266689850b3d0dbb8b49172df8c4309c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

266689850b3d0dbb8b49172df8c4309c_JaffaCakes118
Size

316KB
MD5

266689850b3d0dbb8b49172df8c4309c
SHA1

d81e2ee8ecaaa2d31808a29fd3503e9c21fcc56d
SHA256

862b91ddcad63d11b5fdacefed478113e339386d05dea3a7ad053c0fa099b69d
SHA512

df790c0d4813b09141bb1643888e4098a632260e3b1e4c5166f8e203aca510b66331db5a20907537071c4bc2c8a9f8477b8cc3374f5015ef061d0b77c1bf5256
SSDEEP

6144:tXS9+vIgypJHfMFlV9ULSg/cqpI+DRNyyvfnFL+0dHGwj:0gyJHfYl2pcqpRN53FS4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
266689850b3d0dbb8b49172df8c4309c_JaffaCakes118

Files

266689850b3d0dbb8b49172df8c4309c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

32d4dcc6e59913557d84f30bbc60e48e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\KZQ

Imports

user32

FreeDDElParam
WINNLSGetIMEHotkey
GetMenuItemInfoW
GetScrollInfo
DefFrameProcA
AdjustWindowRectEx
OpenWindowStationW
MessageBoxW
DestroyWindow
SetWindowsHookW
RegisterClassExA
SetMenuItemInfoW
SwitchToThisWindow
CharPrevExA
ExcludeUpdateRgn
SetProcessDefaultLayout
GetMessageTime
DefWindowProcW
CharToOemA
RegisterClipboardFormatA
GetDlgItemTextA
RegisterClassA
SetClassWord
SystemParametersInfoA
SetClassLongW
DrawCaption
ShowWindow
CharUpperA
CreateWindowExA
DrawMenuBar
GetMenu
SetCaretPos
WinHelpA
TrackPopupMenuEx
AnyPopup
SendInput

kernel32

InterlockedIncrement
GlobalCompact
GetConsoleCP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetHandleCount
CloseHandle
GetSystemTime
MoveFileA
GlobalUnlock
GetTimeZoneInformation
DeleteCriticalSection
CompareStringA
CompareStringW
OpenMutexA
AddAtomA
IsValidLocale
LocalFree
TlsAlloc
GetEnvironmentStrings
HeapCreate
SetThreadLocale
DeleteFileA
HeapAlloc
TerminateProcess
SetLastError
OpenSemaphoreA
GetLastError
ReleaseMutex
TlsSetValue
GetStringTypeExW
GetLocalTime
GlobalGetAtomNameA
lstrcmpW
RtlUnwind
VirtualProtect
GetThreadPriorityBoost
HeapReAlloc
WriteFile
LoadLibraryA
GetStringTypeA
MultiByteToWideChar
SetPriorityClass
FreeLibrary
CreateMailslotA
GetStdHandle
GetPrivateProfileSectionNamesW
InterlockedDecrement
CopyFileA
VirtualQuery
DeleteFileW
VirtualAlloc
InitializeCriticalSection
lstrcmp
GetTickCount
RaiseException
GetModuleFileNameA
GetCurrencyFormatA
FlushFileBuffers
GetUserDefaultLCID
WideCharToMultiByte
ReadFile
FreeEnvironmentStringsW
GetPrivateProfileSectionA
GetCurrentProcessId
LeaveCriticalSection
VirtualFree
SetEnvironmentVariableA
IsBadWritePtr
lstrcpynW
lstrcatA
TlsFree
WriteConsoleA
EnterCriticalSection
ResetEvent
PulseEvent
GetVersion
GetShortPathNameW
GetProfileIntW
GetCommandLineA
GetFileType
SetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
InterlockedExchangeAdd
EnumTimeFormatsA
GetProcAddress
EnumDateFormatsA
GetTimeFormatA
GetModuleHandleA
GetACP
SetConsoleTextAttribute
GetShortPathNameA
GetSystemTimeAsFileTime
GetCPInfo
ExitProcess
GetStringTypeW
GetPrivateProfileSectionW
SetCurrentDirectoryW
HeapDestroy
HeapFree
SetFileAttributesW
SetConsoleCtrlHandler
LCMapStringA
SetCurrentDirectoryA
GetEnvironmentStringsW
GetCurrentProcess
SetFilePointer
GetCurrentThread
UnlockFileEx
TlsGetValue
GetStartupInfoW
LCMapStringW
CreateMutexA
GetCurrentThreadId
InterlockedExchange
GetOEMCP
GetProcAddress
QueryPerformanceCounter

comctl32

ImageList_Destroy
ImageList_SetOverlayImage
DrawStatusTextW
ImageList_GetBkColor
CreateStatusWindow
ImageList_GetImageCount
InitCommonControlsEx
CreateToolbarEx
ImageList_SetImageCount
CreateToolbar
ImageList_GetFlags

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32d4dcc6e59913557d84f30bbc60e48e

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 92KB - Virtual size: 117KB

.rsrc Size: 80KB - Virtual size: 76KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 92KB - Virtual size: 117KB

.rsrc
Size: 80KB - Virtual size: 76KB