Static task: static1

Behavioral task: behavioral1
  Sample: 1a141be027ca34d249b36b9064e0a38d_JaffaCakes118.exe
  Resource: win7-20240221-en

Behavioral task: behavioral2
  Sample: 1a141be027ca34d249b36b9064e0a38d_JaffaCakes118.exe
  Resource: win10v2004-20240508-en

General
  Target: 1a141be027ca34d249b36b9064e0a38d_JaffaCakes118
  Size: 542KB
  MD5: 1a141be027ca34d249b36b9064e0a38d
  SHA1: 641c31a0099e9b5641b73c794058ef354281255e
  SHA256: 682b574110af0e9e4c49130162e38703a41ec2b875ea9d365ea66bbae90ca5ad
  SHA512: c591bd434461b3f520e7a5523f77565c6791ae1b76059492c2e52f3f447b65788eef37c974ea98099903dac61d36375ff0eedd2805a8eb8b6e8bc92b41a37e75
  SSDEEP: 12288:1Jmu30DkC8G5a3/MnUWYFzGARV/qF54JowYx2/F:SuktJa3UnUWMaARxqgOwAu

Malware Config

Signatures
  Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
    resource: 1a141be027ca34d249b36b9064e0a38d_JaffaCakes118

Files
  1a141be027ca34d249b36b9064e0a38d_JaffaCakes118.exe  windows:4 windows x86 arch:x86
  291c076152faaf38a12a17d0705a8fca

Headers
  File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
  PDB Paths: c:\jzgp\sesxhe.pdb
Imports
comctl32
ImageList_DrawIndirect
CreatePropertySheetPage
CreateToolbarEx
CreateMappedBitmap
ImageList_Copy
ImageList_BeginDrag
ImageList_LoadImage
ImageList_SetOverlayImage
ImageList_AddIcon
ImageList_Duplicate
DrawStatusTextA
ImageList_ReplaceIcon
ImageList_SetFilter
InitMUILanguage
DrawStatusText
ImageList_Add
ImageList_GetDragImage
InitCommonControlsEx
ImageList_DragEnter
kernel32
CompareStringA
GetThreadSelectorEntry
LCMapStringA
QueryPerformanceCounter
HeapReAlloc
EnumSystemLocalesA
LeaveCriticalSection
GetCommandLineW
TlsSetValue
HeapFree
GetTimeFormatA
GetProcAddress
OpenMutexA
CreateFileW
InitializeCriticalSection
WriteFile
GlobalHandle
SetFilePointer
GetFileType
VirtualQuery
GetEnvironmentStrings
InterlockedExchange
GetCurrentThread
GetStdHandle
GetVersionExA
GetCurrentProcess
SetStdHandle
RtlUnwind
CompareStringW
GetModuleFileNameA
FreeEnvironmentStringsW
GetLongPathNameW
CloseHandle
LocalFlags
GetUserDefaultLCID
GetStartupInfoW
GetCurrentDirectoryW
SetLastError
AddAtomW
CreateProcessW
SetEnvironmentVariableA
GetCurrentThreadId
GetSystemTimeAsFileTime
TlsAlloc
GetNamedPipeHandleStateW
MultiByteToWideChar
GetACP
LoadLibraryA
GetCurrentProcessId
GetModuleFileNameW
IsValidLocale
GetEnvironmentStringsW
HeapSize
GetTickCount
GetStringTypeW
GetDateFormatA
ConvertDefaultLocale
UnhandledExceptionFilter
TlsGetValue
GetCPInfo
EnterCriticalSection
ReadFile
WideCharToMultiByte
HeapAlloc
CreateMutexA
ExitProcess
DeleteCriticalSection
GetStartupInfoA
LCMapStringW
IsBadWritePtr
GetLocaleInfoW
SetHandleCount
GetCommandLineA
IsValidCodePage
VirtualProtect
GetLastError
TlsFree
TerminateProcess
HeapDestroy
LocalLock
lstrcmpi
VirtualFree
GetSystemInfo
FreeEnvironmentStringsA
GetStringTypeA
HeapCreate
GetTimeZoneInformation
GetLocaleInfoA
VirtualAlloc
GetOEMCP
GetModuleHandleA
FlushFileBuffers
user32
ShowWindow
MessageBoxW
RegisterClassExA
LoadBitmapW
FrameRect
RegisterClassA
GetMenuState
CreateMDIWindowW
DefWindowProcA
GetWindowRect
CreateWindowExA
DestroyWindow
ToAscii
gdi32
StrokeAndFillPath
DeleteObject
GetEnhMetaFileBits
SetICMMode
CreatePolygonRgn
GdiPlayDCScript
AddFontResourceA
PolyBezier
SetMapMode
PtVisible
GetObjectA
DeleteEnhMetaFile
FixBrushOrgEx
GetFontLanguageInfo
GetDeviceCaps
CreateDCW
RectInRegion
DrawEscape
CreateRectRgnIndirect
DeleteDC
DeleteColorSpace
BitBlt
SetTextAlign
advapi32
RegRestoreKeyA
RegQueryMultipleValuesA
CreateServiceW
RegQueryValueExA
CryptGenRandom
RegEnumKeyExA
DuplicateToken
RegOpenKeyExW
LogonUserW
RegConnectRegistryW
Sections
  .text   Size: 317KB - Virtual size: 316KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  Size: 67KB - Virtual size: 86KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   Size: 111KB - Virtual size: 110KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc   Size: 46KB - Virtual size: 45KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ