1629fee8473a0942612ab4eb841cea3d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1629fee8473a0942612ab4eb841cea3d_JaffaCakes118
Size

368KB
MD5

1629fee8473a0942612ab4eb841cea3d
SHA1

1f8a7b0de851a2599cb4c696372f5753263f6db5
SHA256

55e253d7e7fab46683031ec1a60dde8d450da1cb07a7b94164ee5cab6e039bcb
SHA512

6e40b9d916b41491dc6a2d1d7077ff5d58903a7cdf90850d6fad3fe3dc40edafe222fd1179107dd7f6eef7f104e4ce1874124cfa7934fe538971d8d2c77ee7ee
SSDEEP

6144:idIXS5UjKrp1H/7MLDEMJ0Om7fWYnfiw2iEonABbhuQ676KBuTXAeBKKPBpL:iqSOGrr7MVJ03WYfi+EonHuKBMBKKP/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1629fee8473a0942612ab4eb841cea3d_JaffaCakes118

Files

1629fee8473a0942612ab4eb841cea3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

21fd633edb3545fb99c86d76f7aecad8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\bpdsefpssp\ekod

Imports

kernel32

LocalSize
SetStdHandle
GetModuleFileNameW
DebugActiveProcess
TlsSetValue
IsValidLocale
SetFilePointer
GetStartupInfoA
GetFileSize
GetUserDefaultLCID
OpenMutexA
GetProcessShutdownParameters
LeaveCriticalSection
GetTempFileNameA
WaitForMultipleObjectsEx
VirtualFree
ReadConsoleInputW
ReadConsoleInputA
WriteConsoleW
MapViewOfFile
ReadConsoleOutputCharacterW
HeapSize
TerminateProcess
lstrlenW
WriteProfileSectionA
CompareStringA
GetLocaleInfoW
LocalFileTimeToFileTime
GetSystemTimeAdjustment
GetFullPathNameA
GetModuleHandleW
CreateFileA
GetTickCount
GetExitCodeThread
SetThreadIdealProcessor
DeleteFileA
VirtualQuery
SetConsoleCursorPosition
GetPrivateProfileSectionNamesW
CreatePipe
GetModuleFileNameA
GlobalGetAtomNameA
FileTimeToSystemTime
VirtualAlloc
GetCPInfo
EnumResourceNamesW
InterlockedExchange
IsDebuggerPresent
GetLocalTime
HeapDestroy
Sleep
RemoveDirectoryW
InitializeCriticalSectionAndSpinCount
FindFirstFileW
GetTimeFormatA
TlsAlloc
GetConsoleMode
ReadFile
GetTimeFormatW
EnumSystemLocalesW
FreeResource
GlobalSize
GetModuleHandleA
CreateMutexA
HeapFree
GetLocaleInfoA
TlsGetValue
MultiByteToWideChar
GetCalendarInfoA
CloseHandle
SetLastError
GlobalFindAtomA
EnterCriticalSection
GetOEMCP
lstrcatW
SetConsoleCursorInfo
GetCurrentProcess
GetFileAttributesExW
SetConsoleCtrlHandler
FlushFileBuffers
VirtualAllocEx
WritePrivateProfileStringW
FreeEnvironmentStringsW
WriteConsoleOutputCharacterA
GetProcAddress
GetProcAddress
SetConsoleScreenBufferSize
WriteFile
GetThreadLocale
GetConsoleCP
SetLocaleInfoA
CompareStringW
GetStringTypeW
SetHandleCount
ReadConsoleOutputAttribute
WideCharToMultiByte
GetTimeZoneInformation
ExitThread
InterlockedDecrement
HeapReAlloc
GetConsoleOutputCP
VirtualUnlock
GetDateFormatA
HeapAlloc
GetCommandLineW
GetSystemDirectoryA
lstrcmpiA
SetConsoleTextAttribute
GetWindowsDirectoryW
SetUnhandledExceptionFilter
ExpandEnvironmentStringsA
UnhandledExceptionFilter
WaitForDebugEvent
SetEnvironmentVariableA
ExitProcess
IsValidCodePage
HeapCreate
GetVersionExW
GetCurrentProcessId
GetACP
GetCurrentThreadId
TlsFree
WriteConsoleA
LCMapStringW
RtlUnwind
GlobalAlloc
FindResourceW
WritePrivateProfileStructW
GetStringTypeA
LoadLibraryA
GetStartupInfoW
LCMapStringA
VirtualProtect
GetSystemInfo
EnumSystemLocalesA
GetCommandLineA
QueryPerformanceCounter
GetVolumeInformationA
LoadLibraryExA
GetFileType
GetThreadSelectorEntry
MoveFileW
GetSystemTimeAsFileTime
WaitNamedPipeA
GetLastError
FreeLibrary
WaitCommEvent
GetEnvironmentStringsW
InterlockedIncrement
GetCurrentThread
SetVolumeLabelW
MoveFileExA
DeleteCriticalSection
CreateSemaphoreA
GetStdHandle

comctl32

InitCommonControlsEx
ImageList_SetFilter
CreatePropertySheetPageA

user32

IsZoomed
IsChild
RegisterClassExA
GetClassNameA
BlockInput
DdeFreeStringHandle
GetUserObjectInformationW
DestroyAcceleratorTable
GetClassInfoA
MessageBoxW
CreateDialogIndirectParamW
GetDCEx
AttachThreadInput
GetClassInfoExA
DragDetect
FlashWindowEx
CreateWindowExA
EnumDisplayDevicesW
SendMessageA
CharLowerBuffW
GetDlgItem
SendNotifyMessageW
CreateMDIWindowA
SetMenuItemInfoW
DdeCreateStringHandleA
ReplyMessage
ActivateKeyboardLayout
DefWindowProcA
GetNextDlgTabItem
DrawStateA
DispatchMessageW
DrawFocusRect
CheckDlgButton
UnhookWindowsHookEx
EnumPropsExA
DestroyWindow
GetGUIThreadInfo
RegisterClassA
GetListBoxInfo
DrawTextExW
ShowWindow
GetInputDesktop
GetDlgItemTextW
GetWindowInfo
DialogBoxIndirectParamA
IsDlgButtonChecked

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21fd633edb3545fb99c86d76f7aecad8

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 80KB - Virtual size: 76KB

.data Size: 92KB - Virtual size: 94KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 92KB - Virtual size: 94KB

.rsrc
Size: 40KB - Virtual size: 38KB