c:\scg\bpbaeef\qbtsioy.PDB
Static task
static1
Behavioral task
behavioral1
Sample
263072f4439faa974a75f21d7759afaa_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
263072f4439faa974a75f21d7759afaa_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target: 263072f4439faa974a75f21d7759afaa_JaffaCakes118
Size: 528KB
MD5: 263072f4439faa974a75f21d7759afaa
SHA1: ef7e7ffc1413c2917a8788549a4fd50ee38c772d
SHA256: ca7212991e5948ffa610d9c4147dc6d62643d06973297b391f479d51ef5efe77
SHA512: de647e89e6edea1b617c3363fb6a0485de2231ab28ffdc2a32100300fb5d48da63d3ca5f8ac843c870edebbcf458df7521b2ab8286857601bcde3904c51aec91
SSDEEP: 12288:EVOHx0uijJ4Ipm/rlLZ7J2PxREjEoiSaQKT:EVOHx0uiCc6R17JUEgzQY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 263072f4439faa974a75f21d7759afaa_JaffaCakes118
Files
263072f4439faa974a75f21d7759afaa_JaffaCakes118.exe windows:4 windows x86 arch:x86
0d292e855b760e4714df920b5f64130d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comdlg32
GetOpenFileNameA
GetFileTitleW
ChooseColorA
kernel32
WideCharToMultiByte
SetStdHandle
CompareStringA
MoveFileA
HeapDestroy
GetModuleHandleW
GetProfileStringA
LCMapStringA
GetCurrentThreadId
FreeEnvironmentStringsA
WriteFile
CreateEventA
OpenMutexA
TerminateProcess
InterlockedDecrement
AllocConsole
TlsGetValue
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
CreateMutexA
GetLongPathNameW
GetLastError
SetLastError
GetLocaleInfoA
QueryPerformanceCounter
GetCurrentProcess
Sleep
HeapFree
IsDebuggerPresent
GetCurrentThread
TlsFree
SetConsoleCtrlHandler
GetOEMCP
LCMapStringW
VirtualAlloc
LoadLibraryA
GetACP
LeaveCriticalSection
GetConsoleCP
GetThreadContext
WriteConsoleW
WriteConsoleOutputAttribute
EnumResourceLanguagesW
IsValidLocale
InterlockedExchange
FreeEnvironmentStringsW
FlushFileBuffers
GetPrivateProfileSectionW
HeapAlloc
GetProcessHeap
GetCommandLineA
SetUnhandledExceptionFilter
EnumSystemLocalesA
RtlUnwind
GetStringTypeA
GetProfileSectionA
GetTickCount
IsValidCodePage
SetHandleCount
GetUserDefaultLCID
GetDateFormatA
GetTimeZoneInformation
GetLocaleInfoW
GetModuleFileNameA
GetCurrentProcessId
SetEnvironmentVariableA
GetConsoleMode
TlsAlloc
GetVersionExA
CreateFileA
EnterCriticalSection
VirtualQueryEx
CommConfigDialogW
TlsSetValue
CreateWaitableTimerA
GetEnvironmentStringsW
FreeLibrary
CloseHandle
GetEnvironmentStrings
ReadFile
GetTimeFormatA
GetEnvironmentVariableA
HeapCreate
WriteConsoleA
FindResourceW
HeapSize
GetStartupInfoA
GetPrivateProfileStructW
VirtualFree
GetConsoleOutputCP
MultiByteToWideChar
VirtualQuery
GetFileType
GetCurrentDirectoryA
SystemTimeToTzSpecificLocalTime
GetProcAddress
GetSystemTimeAsFileTime
GetStdHandle
SetFilePointer
CompareStringW
GlobalSize
HeapReAlloc
GetStringTypeW
GetCPInfo
GetModuleHandleA
UnhandledExceptionFilter
ExitProcess
comctl32
InitCommonControlsEx
InitMUILanguage
ImageList_SetOverlayImage
CreateStatusWindow
user32
RegisterClassExA
CreateIconFromResource
CreateDialogParamW
TranslateAcceleratorA
LookupIconIdFromDirectoryEx
WaitMessage
GetClassLongA
DdeAbandonTransaction
CheckMenuRadioItem
ShowWindow
DdeGetLastError
GetNextDlgGroupItem
GetAltTabInfo
DefFrameProcW
SetMenuInfo
IsChild
GetWindowModuleFileNameA
ReleaseDC
GetClassNameW
DestroyWindow
IsDlgButtonChecked
MessageBoxA
RegisterClassA
LoadStringA
CreateWindowExA
DrawStateA
DrawStateW
InsertMenuW
GetMenuItemRect
LoadImageW
DefWindowProcW
DdeInitializeA
EnumThreadWindows
CreateCaret
MessageBoxIndirectA
ChildWindowFromPointEx
ScreenToClient
GetCaretBlinkTime
EndDialog
UnhookWindowsHookEx
UpdateWindow
Sections
.text Size: 108KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 256KB - Virtual size: 252KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 112KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ