216f577bf71c31a753b2350ce38790b3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

216f577bf71c31a753b2350ce38790b3_JaffaCakes118
Size

908KB
MD5

216f577bf71c31a753b2350ce38790b3
SHA1

cb2d46c0ba1f61a3fe7e29dbe6a3f10db36c1fc1
SHA256

be23fa8bbb21ab794f2c4ac4e42e5b6043cb2414ddf676923b549e3fe1a20886
SHA512

650f42a36d184000f8a665c53ce5de06d8d2becc7d404d185272b341c27b754b96caee44298bc62d4355642dadb6e494adbe446305fca29ce91ea1a70da199a3
SSDEEP

12288:QjDIybkeeQfEL91TicsiZOVnSR6mKiTRGELJXYKWBE6xZTQr/B8ut/qt84njF7hw:QfVeQSTvsiIdUhJIK0EjtyttjbOMA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
216f577bf71c31a753b2350ce38790b3_JaffaCakes118

Files

216f577bf71c31a753b2350ce38790b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

982b5ab548b2328c06be8e192eee08cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\eqbstrtet\bwerjq.PDB

Imports

gdi32

Rectangle
GetWindowExtEx
Escape
CreatePen
RestoreDC
ExtTextOutW
CreateRectRgn
OffsetViewportOrgEx
ScaleWindowExtEx
Polyline
GetClipBox
ExtFloodFill
MoveToEx
SetDIBitsToDevice
CreateDIBSection
RectVisible
CreateRectRgnIndirect
SaveDC
GetPixel
GetRgnBox
GetTextColor
DPtoLP
IntersectClipRect
GetTextExtentPoint32W
BitBlt
SetPolyFillMode
CopyMetaFileW
CreateFontIndirectW
OffsetClipRgn
GetTextCharsetInfo
CreatePolygonRgn
SetStretchBltMode
GetBkMode
SelectPalette
ScaleViewportExtEx
CreateCompatibleDC
GetObjectW
GetViewportExtEx
GetDIBits
CreateBitmap
GetBkColor
LPtoDP
PtInRegion
CombineRgn
FrameRgn
StartPage
SetTextColor
CreateDIBitmap
SelectObject
StretchBlt
LineTo
EndPage
CreateCompatibleBitmap
OffsetRgn
CreateSolidBrush
Polygon
TextOutW
CreateFontW
CreateRoundRectRgn
SetRectRgn
GetMapMode
SelectClipRgn
ExcludeClipRect
ExtSelectClipRgn
GetBoundsRect
SetTextAlign
GetTextMetricsA
SetWindowOrgEx
StretchDIBits
SetBkColor
CreatePatternBrush
SetROP2
DeleteDC
SetViewportExtEx
DeleteObject
OffsetWindowOrgEx
GetTextMetricsW
Ellipse
SetViewportOrgEx
GetTextExtentPoint32A
GetDeviceCaps
SetMapMode
GetStockObject
PtVisible
SetWindowExtEx
EndDoc
RoundRect
SetBkMode
RealizePalette
PatBlt
FillRgn
SetAbortProc
SetPixel

advapi32

RegQueryValueExA
CryptEncrypt
SetFileSecurityA
RegDeleteValueA
RegOpenKeyExA
CryptDecrypt
RegOpenKeyA
GetFileSecurityA
RegSetValueExA

comctl32

CreateToolbarEx
ord17
ImageList_Destroy
_TrackMouseEvent
InitCommonControlsEx

mfc42

ord1576

shell32

SHAppBarMessage
SHGetMalloc
ord155
SHGetFileInfoA

user32

LoadAcceleratorsW
MessageBoxW
RegisterClassExW
DefWindowProcW
DestroyWindow
ShowWindow
LoadStringW
RegisterClassW
LoadBitmapW
LoadIconW
CreateWindowExW
DestroyAcceleratorTable

kernel32

HeapFree
CreateFileA
HeapDestroy
WideCharToMultiByte
DebugBreak
IsBadReadPtr
HeapSize
HeapValidate
GetConsoleCP
LCMapStringW
CompareStringW
LCMapStringA
GetConsoleMode
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetDateFormatA
InitializeCriticalSectionAndSpinCount
WriteFile
RaiseException
FlushFileBuffers
InterlockedIncrement
GetOEMCP
Sleep
GetModuleHandleW
ExitProcess
GetModuleFileNameA
GetTimeZoneInformation
DeleteCriticalSection
GetFileType
CreateMutexW
SetLastError
GetACP
SetConsoleCtrlHandler
TlsSetValue
WriteConsoleA
QueryPerformanceCounter
TlsFree
GetStringTypeA
GetConsoleOutputCP
GetSystemTimeAsFileTime
GetModuleHandleA
MultiByteToWideChar
SetEnvironmentVariableA
GetModuleFileNameW
GetLastError
GetTimeFormatA
LeaveCriticalSection
LoadLibraryA
GetStartupInfoA
GetCommandLineW
SetFilePointer
GetStdHandle
InterlockedExchange
GetCurrentProcessId
LoadLibraryW
InterlockedDecrement
GetCurrentProcess
GetProcAddress
HeapCreate
FreeEnvironmentStringsW
VirtualQuery
VirtualFree
GetTickCount
OutputDebugStringW
SetUnhandledExceptionFilter
CloseHandle
GetCPInfo
SetHandleCount
GetStartupInfoW
IsValidCodePage
WriteConsoleW
OutputDebugStringA
VirtualAlloc
CompareStringA
TlsAlloc
GetLocaleInfoA
IsDebuggerPresent
GetCurrentThreadId
HeapAlloc
SetStdHandle
HeapReAlloc
EnterCriticalSection
InitializeCriticalSection
GetStringTypeW
ReadFile
GetEnvironmentStringsW
TlsGetValue

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 507KB - Virtual size: 506KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

982b5ab548b2328c06be8e192eee08cb

Headers

File Characteristics

PDB Paths

Imports

gdi32

advapi32

comctl32

mfc42

shell32

user32

kernel32

Sections

.text Size: 222KB - Virtual size: 222KB

.rdata Size: 507KB - Virtual size: 506KB

.data Size: 110KB - Virtual size: 132KB

.rsrc Size: 67KB - Virtual size: 67KB

.text
Size: 222KB - Virtual size: 222KB

.rdata
Size: 507KB - Virtual size: 506KB

.data
Size: 110KB - Virtual size: 132KB

.rsrc
Size: 67KB - Virtual size: 67KB