1b2d4d00af5520bd98f95e36140e824d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1b2d4d00af5520bd98f95e36140e824d_JaffaCakes118
Size

564KB
MD5

1b2d4d00af5520bd98f95e36140e824d
SHA1

cb65002eff7c60bb42b8895b88e6471c761a817f
SHA256

542996010a2f164d41d46e4026dcabe98c39aa58b65c391f1d7a8f38b4e01c8a
SHA512

3322be7410ec04bb64d0a836575ba8904a2d95909c7b79e8d7a01ae99275baa9e1f79315e68f86ba63b5fadf70e621303ed152960ac30e025877388022712dc4
SSDEEP

12288:B8WOCo1eynFQj6Ao8BRqqG3U2L/4VBXNxTXUW:tOteyF7Ao8BRzKjL/49

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b2d4d00af5520bd98f95e36140e824d_JaffaCakes118

Files

1b2d4d00af5520bd98f95e36140e824d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3316f16bcd04815f45b7b6f91db5e7a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\goptvz

Imports

comctl32

ImageList_EndDrag
ImageList_LoadImageA
ImageList_GetIconSize
CreateStatusWindowW
DrawStatusText
ImageList_DrawIndirect
ImageList_SetFilter
CreatePropertySheetPageA
CreateMappedBitmap
CreateToolbar
ImageList_LoadImage
CreateStatusWindow
ImageList_Draw
CreateToolbarEx
CreateStatusWindowA
ImageList_Remove
ImageList_Create
ImageList_SetDragCursorImage
ImageList_GetDragImage
ImageList_Replace
CreateUpDownControl
InitMUILanguage
InitCommonControlsEx

user32

CallMsgFilterA
CreateDialogParamA
DrawFrame
CopyIcon
ChangeDisplaySettingsExW
CreateCursor
CreateWindowExA
GetWindowModuleFileNameW
LoadAcceleratorsA
GetClassWord
SetWindowPos
LoadCursorFromFileA
WinHelpW
SetScrollPos
ReleaseDC
RegisterClassA
InsertMenuItemW
RegisterClassExA
GetUserObjectInformationA
GetClientRect
EnumDisplaySettingsW
TileWindows
DlgDirSelectExW
UnloadKeyboardLayout
SetUserObjectInformationW
PostQuitMessage
CreateIconFromResource
SetUserObjectInformationA
FrameRect
GetClipboardFormatNameW
GetClassLongW
NotifyWinEvent
GetClassInfoA
MessageBoxW
ShowWindow
MapVirtualKeyA
DefDlgProcW
RegisterDeviceNotificationA
OemToCharA
DeleteMenu
HideCaret
InsertMenuItemA
DestroyWindow
UnregisterHotKey
GetAltTabInfo
LoadMenuA
RegisterClassW
DdeDisconnectList
GrayStringA
FillRect
FindWindowExA
CallNextHookEx
GetDlgItemInt
DdeReconnect
DefWindowProcA
EndTask
GetMonitorInfoA
EnumDesktopsA
TrackPopupMenu
GetDoubleClickTime
GetDlgItemTextA
SetWindowPlacement
DlgDirSelectComboBoxExW
EnumThreadWindows
CreateWindowStationA

kernel32

FileTimeToDosDateTime
GetCurrentProcessId
RtlUnwind
HeapFree
LocalFileTimeToFileTime
LocalHandle
GetFileAttributesExW
ExitProcess
DeleteAtom
VirtualQuery
GetSystemTimeAsFileTime
GlobalUnlock
GetTimeFormatA
GetTempPathA
GetFileAttributesExA
GetModuleFileNameW
HeapDestroy
GetModuleHandleA
ReadConsoleA
WideCharToMultiByte
GetStringTypeW
GetModuleFileNameA
GetLocaleInfoA
OpenMutexA
CreateEventW
GetVersionExA
GetConsoleTitleA
GetProcAddress
GetFileType
SetThreadIdealProcessor
GetUserDefaultLCID
GetConsoleScreenBufferInfo
OpenFileMappingW
TlsAlloc
GetTickCount
CompareStringW
GetFileTime
CloseHandle
WriteFile
HeapSize
EnumSystemLocalesW
InterlockedExchange
EnumSystemLocalesA
GetStdHandle
VirtualProtect
SetStdHandle
OpenProcess
SetHandleCount
GetOEMCP
GetTimeZoneInformation
GetCurrentProcess
SetWaitableTimer
GlobalFree
CreateMutexA
GetCurrentThreadId
FlushFileBuffers
GetTempPathW
FreeEnvironmentStringsW
GetStartupInfoA
GetStartupInfoW
FreeEnvironmentStringsA
SetCriticalSectionSpinCount
GetDiskFreeSpaceW
DeleteCriticalSection
HeapAlloc
GetEnvironmentStrings
GetStringTypeExW
lstrcmpi
SetLocalTime
CompareStringA
SetConsoleScreenBufferSize
VirtualAlloc
GetCurrentThread
UnlockFileEx
TlsGetValue
EnumResourceLanguagesA
SetEnvironmentVariableA
GetDateFormatA
GlobalAddAtomA
CreateMutexW
IsValidCodePage
GetCPInfo
ReadFile
RemoveDirectoryA
OpenEventA
GetEnvironmentStringsW
UnhandledExceptionFilter
LoadLibraryA
GetCommandLineA
LeaveCriticalSection
MultiByteToWideChar
HeapCreate
TlsSetValue
EnumCalendarInfoW
LCMapStringA
GetCommandLineW
SetLastError
GetLastError
SetFilePointer
GetLocaleInfoW
GetPrivateProfileStructA
TerminateProcess
HeapReAlloc
LCMapStringW
FillConsoleOutputCharacterW
GetStringTypeA
QueryPerformanceCounter
ReadConsoleInputW
SetThreadPriority
GetEnvironmentVariableW
TlsFree
lstrcat
GetACP
GetLogicalDriveStringsW
GetPrivateProfileStructW
IsBadWritePtr
WriteConsoleA
EnterCriticalSection
lstrcpyn
GetSystemInfo
GetCompressedFileSizeW
FindResourceExW
InitializeCriticalSection
GetThreadTimes
IsValidLocale
VirtualFree
TerminateThread
GetThreadContext
GetPrivateProfileIntA

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3316f16bcd04815f45b7b6f91db5e7a2

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 176KB - Virtual size: 172KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 112KB - Virtual size: 129KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 176KB - Virtual size: 172KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 112KB - Virtual size: 129KB

.rsrc
Size: 16KB - Virtual size: 12KB