21bd381d9108e53f6000802bf79ab582_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

21bd381d9108e53f6000802bf79ab582_JaffaCakes118
Size

597KB
MD5

21bd381d9108e53f6000802bf79ab582
SHA1

e160884f63c8fa1f2452b6d9bd665d283872719c
SHA256

e7eb1c9fe0d829deb13286bdf73e67996c4432dd7b170cc1962dfe84d05832ac
SHA512

8a877b8c6f53a4ec9b3c684b05a6cc36b31f2ece59088d59177fea08bf6fc7c8bbe1cdf81deaf869079b4abc7ab488aea9bae0f525baeeb2c8344d48a4db0746
SSDEEP

12288:vafoU42C+5W5fnZZFL+/IrP+MWV5ZjgjfCe:b5oWNhL+/wBWVjjgjJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21bd381d9108e53f6000802bf79ab582_JaffaCakes118

Files

21bd381d9108e53f6000802bf79ab582_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ed7412ff66dea2d47dc6f1bea8893f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dcsmhbxy\exptr

Imports

user32

GetDlgItemTextA
GetWindowModuleFileNameW
SetMenuItemInfoA
UnregisterClassA
FindWindowA
SetMenuItemBitmaps
SetWindowLongW
CharLowerA
LoadMenuIndirectA
GetMenu
GetClassNameW
SetWindowWord
DestroyCursor
GetMessageW
DestroyCaret
GetMenuStringA
SendMessageTimeoutA
CascadeWindows
SetWindowsHookW
DialogBoxIndirectParamA
RegisterClassA
ModifyMenuA
CharToOemA
GetMenuContextHelpId
RegisterClassExA
CharUpperBuffW

kernel32

GetCPInfo
TlsGetValue
LoadLibraryA
TerminateProcess
GetModuleFileNameA
SetCurrentDirectoryA
ExpandEnvironmentStringsW
CreateMutexA
GetModuleHandleW
EnterCriticalSection
GetUserDefaultLCID
CompareStringW
IsValidLocale
FreeEnvironmentStringsA
GetSystemInfo
GetACP
QueryPerformanceCounter
HeapSize
VirtualProtect
HeapDestroy
UnhandledExceptionFilter
GetPrivateProfileStringW
CompareStringA
LocalFlags
GetTimeFormatA
LCMapStringW
SetStdHandle
HeapReAlloc
SetHandleCount
GetCommandLineA
HeapFree
LeaveCriticalSection
CloseHandle
GetSystemTimeAsFileTime
GetFileType
GetCurrentThreadId
GetStartupInfoA
SetConsoleMode
GetLocaleInfoA
GetStdHandle
GetConsoleTitleW
GetLogicalDrives
GetTickCount
FreeEnvironmentStringsW
GetStringTypeA
SetLastError
lstrcmpW
VirtualAlloc
IsBadWritePtr
TlsSetValue
GetLastError
IsBadReadPtr
SetFilePointer
ExitProcess
GetProcAddress
EnumSystemLocalesA
SetEnvironmentVariableA
GetStringTypeW
VirtualFree
GetTimeZoneInformation
GetDateFormatA
GetVersionExA
GetEnvironmentStrings
FlushFileBuffers
FileTimeToLocalFileTime
ReadFile
LCMapStringA
GetCompressedFileSizeA
SetConsoleWindowInfo
MultiByteToWideChar
WideCharToMultiByte
IsValidCodePage
DeleteCriticalSection
GetOEMCP
InitializeCriticalSection
GetEnvironmentStringsW
InterlockedExchange
GetConsoleCP
TlsAlloc
GetDriveTypeA
FlushViewOfFile
VirtualQuery
HeapAlloc
GetLocaleInfoW
EnumSystemCodePagesW
OutputDebugStringA
ReadConsoleOutputCharacterA
HeapCreate
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetModuleHandleA
TlsFree
RtlUnwind
WriteFile
OpenMutexA

comctl32

ImageList_GetFlags
ImageList_SetFilter
ImageList_Replace
ImageList_SetFlags
CreatePropertySheetPage
CreateToolbarEx
ImageList_AddIcon
ImageList_LoadImageW
ImageList_Read
DrawInsert
CreateStatusWindowA
GetEffectiveClientRect
ImageList_SetImageCount
InitCommonControlsEx
CreateUpDownControl
ImageList_Duplicate
ImageList_Write
ImageList_GetDragImage
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_AddMasked
CreatePropertySheetPageW
ImageList_Merge
CreatePropertySheetPageA
MakeDragList

wininet

FtpOpenFileW
IsUrlCacheEntryExpiredW
FtpRenameFileA
FindNextUrlCacheEntryW
CreateUrlCacheEntryW
GetUrlCacheConfigInfoA

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ed7412ff66dea2d47dc6f1bea8893f9

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

wininet

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 109KB - Virtual size: 114KB

.rsrc Size: 70KB - Virtual size: 70KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 109KB - Virtual size: 114KB

.rsrc
Size: 70KB - Virtual size: 70KB