230adc5eff147997b2405f1f36be2f04_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

230adc5eff147997b2405f1f36be2f04_JaffaCakes118
Size

412KB
MD5

230adc5eff147997b2405f1f36be2f04
SHA1

fba7b211b959652754c7280325d939b4f54479f9
SHA256

5e70aef8756b10e4ae34597e71654f3700eee41b733c89a6d30d49bfc65a8aee
SHA512

82e268b9bbb654ffc1d39a409891d598deb9ea1d29e077093458aa2c083ff5271ba79030499304c28efeb8770427862266df964324aabdc8d13d619dace1ee44
SSDEEP

6144:2Us1pSRO+yrkpuwK+wr04lhlOSUfjN7aPyMAxSGknJ:2h1pSgaugqjvZUfE4unJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
230adc5eff147997b2405f1f36be2f04_JaffaCakes118

Files

230adc5eff147997b2405f1f36be2f04_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9fb412dab4a026762821cb888951e6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\bezch\dbckmgdcd.pdb

Imports

user32

SetDlgItemTextA
CreateWindowExA
AppendMenuW
WaitForInputIdle
DestroyWindow
GetMenuContextHelpId
CascadeChildWindows
ModifyMenuW
SetMenu
MoveWindow
RegisterClassExA
ShowWindow
SendInput
IsDialogMessageW
MapVirtualKeyA
DestroyAcceleratorTable
DlgDirSelectExA
FillRect
MessageBoxW
DdeFreeStringHandle
ScrollWindow
SetMenuItemInfoA
ChangeDisplaySettingsExW
CallMsgFilterW
ReleaseDC
RegisterClassA
CreateWindowStationW
InvertRect
DefFrameProcW
AnyPopup
EnumDisplayDevicesW
ShowOwnedPopups
DdePostAdvise
LoadAcceleratorsW
DefWindowProcA

comctl32

MakeDragList
ImageList_Copy
ImageList_DragEnter
ImageList_SetOverlayImage
CreateStatusWindowA
ImageList_GetIconSize
InitCommonControlsEx
ImageList_LoadImageA
ImageList_GetImageRect
ImageList_SetDragCursorImage
ImageList_AddMasked
ImageList_Duplicate
ImageList_GetImageInfo
ImageList_SetIconSize
CreateUpDownControl

gdi32

CreateRectRgn
GetPolyFillMode
SetEnhMetaFileBits
EndDoc
GetTextCharacterExtra
CreateICW
SetBoundsRect
GetWinMetaFileBits
PolyTextOutW
PlayEnhMetaFile
CreateCompatibleDC
CreateScalableFontResourceW
LineDDA

kernel32

CloseHandle
GetLocaleInfoW
lstrcpynA
TerminateProcess
HeapCreate
TlsFree
TlsGetValue
FindClose
GetStdHandle
LCMapStringA
LoadLibraryA
GetEnvironmentStringsW
GetLocaleInfoA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetSystemDirectoryW
InitializeCriticalSection
GetModuleFileNameA
GetStringTypeA
SetFilePointer
ReadFile
GetFileSize
lstrlen
OpenMutexA
GetCurrentThread
HeapAlloc
WriteConsoleOutputAttribute
DeleteAtom
GetProcAddress
GetDateFormatA
GetFileAttributesW
SetCurrentDirectoryW
FindNextFileA
SetStdHandle
FlushFileBuffers
DeleteCriticalSection
OpenWaitableTimerW
CommConfigDialogA
lstrcpyn
TlsSetValue
WritePrivateProfileStructW
LeaveCriticalSection
SetLastError
EnterCriticalSection
VirtualProtect
GetStartupInfoW
SetThreadLocale
FindFirstFileExW
GetSystemDefaultLangID
IsValidCodePage
WritePrivateProfileStringW
GetLastError
lstrcmp
EnumSystemLocalesA
EnumDateFormatsA
EnumCalendarInfoA
InterlockedIncrement
SetConsoleCursorPosition
GetTickCount
GetACP
HeapDestroy
IsBadWritePtr
InterlockedExchange
GetStringTypeW
GetCurrentThreadId
GetVersion
FreeEnvironmentStringsA
SetVolumeLabelA
CompareFileTime
FindResourceA
VirtualUnlock
GetModuleFileNameW
GetEnvironmentStrings
FileTimeToLocalFileTime
HeapReAlloc
GetCurrentProcessId
WideCharToMultiByte
GetOEMCP
FillConsoleOutputCharacterA
ReadConsoleInputW
ExitProcess
VirtualLock
FormatMessageA
GetNamedPipeInfo
SetEnvironmentVariableA
GetCPInfo
CreateMailslotA
UnhandledExceptionFilter
SetHandleCount
GetSystemDefaultLCID
CreateDirectoryA
GetTimeFormatA
CreateMutexA
GetVersionExA
GetLogicalDriveStringsA
VirtualAlloc
VirtualFree
ExpandEnvironmentStringsW
WaitNamedPipeW
CompareStringA
GlobalLock
RtlUnwind
CommConfigDialogW
GetModuleHandleW
VirtualQuery
CreateNamedPipeW
IsValidLocale
LockResource
ExitThread
GetUserDefaultLCID
GetCommandLineA
GetFileType
SetFileTime
VirtualProtectEx
GetCommandLineW
GetThreadTimes
GetModuleHandleA
SetConsoleScreenBufferSize
WriteConsoleA
GetCurrentProcess
lstrcpynW
GetExitCodeThread
GetTimeZoneInformation
LCMapStringW
CompareStringW
GetNumberFormatW
GetNamedPipeHandleStateA
EnumSystemCodePagesA
WaitForDebugEvent
GetVolumeInformationW
HeapFree
TlsAlloc
FreeEnvironmentStringsW
MultiByteToWideChar
GetProfileIntW
GetStartupInfoA
GetSystemInfo
LocalReAlloc
HeapSize
WriteFile

Sections

.text
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9fb412dab4a026762821cb888951e6e

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

gdi32

kernel32

Sections

.text Size: 148KB - Virtual size: 145KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 92KB - Virtual size: 109KB

.rsrc Size: 88KB - Virtual size: 84KB

.text
Size: 148KB - Virtual size: 145KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 92KB - Virtual size: 109KB

.rsrc
Size: 88KB - Virtual size: 84KB