28db3105c1dc593be612e9363ad8b682_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28db3105c1dc593be612e9363ad8b682_JaffaCakes118
Size

260KB
MD5

28db3105c1dc593be612e9363ad8b682
SHA1

a6dc96e91a1f2c8c0b941f982a109c099c9f7c19
SHA256

aeec40f3284800495bd77c1aca5e4a882744a59c8508b343cf2af193d6ce67f4
SHA512

9cc1b5fa46941785aef4d6a671294c9aa66de2048ec3fd24f528fba42abf645192d194ded9ee14fa84fa49c613d3c7b87ef6677dda698ce31f6bcc892cc44cba
SSDEEP

6144:uZz3mBH5cDE7EX7FruyHevvHeauf5rPTvp7HmF07gV9L+k:qWBeDT7FruyHee5rPTRaKwi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28db3105c1dc593be612e9363ad8b682_JaffaCakes118

Files

28db3105c1dc593be612e9363ad8b682_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1336cc21127e018e3523feb243be2a06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocString
VarUI4FromStr
SysFreeString

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateGuid

comdlg32

CommDlgExtendedError
GetOpenFileNameW

kernel32

LeaveCriticalSection
FlushInstructionCache
LockResource
GetDateFormatW
LoadLibraryExW
GetSystemTime
GetModuleHandleW
CreateFileA
EnterCriticalSection
SystemTimeToTzSpecificLocalTime
GetFileSize
GetProcessHeap
GetLogicalDrives
SizeofResource
GetCurrentDirectoryW
FindNextFileW
HeapReAlloc
FindFirstFileW
HeapDestroy
DeleteFileW
GetSystemTimeAsFileTime
CloseHandle
VirtualFree
IsProcessorFeaturePresent
SetCurrentDirectoryW
SetEndOfFile
RemoveDirectoryW
LoadResource
lstrcmpiW
WideCharToMultiByte
DeleteCriticalSection
HeapSize
RaiseException
SetFilePointer
FormatMessageW
GetDriveTypeW
CreateFileW
IsDebuggerPresent
LocalAlloc
SystemTimeToFileTime
HeapFree
FindClose
FileTimeToSystemTime
LocalFree
SetUnhandledExceptionFilter
OutputDebugStringW
FreeLibrary
VirtualAlloc
lstrlenW
FindResourceExW
ReadFile
FindResourceW
GetTimeFormatW
HeapAlloc
UnhandledExceptionFilter
WriteFile
GetCurrentThreadId
LoadLibraryW
VirtualAllocEx

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_LoadImageW
ImageList_Create

user32

FindWindowExW
GetWindowPlacement
FlashWindow
AttachThreadInput
CallWindowProcW
GetMessagePos
GetSystemMenu
GetClientRect
MonitorFromPoint
SetWindowTextW
TrackPopupMenuEx
DestroyIcon
EndDialog
SendMessageW
GetForegroundWindow
SetDlgItemTextW
CharNextW
ScreenToClient
IsRectEmpty
DialogBoxParamW
IsWindow
DestroyWindow
GetSystemMetrics
DefWindowProcW
GetDlgItem
GetActiveWindow
GetWindowThreadProcessId
IsIconic
GetParent
ShowWindow
CreateWindowExW
MapDialogRect
LoadCursorW
GetWindow
MonitorFromWindow
GetDesktopWindow
SetCursor
SetForegroundWindow
SetWindowPos
GetMonitorInfoW
MapWindowPoints
GetWindowRect
GetKeyboardType
GetWindowLongW
LoadImageW
SetWindowLongW
EnableWindow
RedrawWindow
ClientToScreen
MoveWindow
UnregisterClassA

esent

JetStopServiceInstance
JetRestore2
JetSetSessionContext
JetSetColumns
JetOpenTable
JetGetColumnInfo
JetIdle
JetResetCounter
JetTerm
JetIntersectIndexes
JetGetVersion
JetCreateDatabase2
JetBeginExternalBackup
JetAttachDatabase2

kbdkaz

KbdLayerDescriptor

Sections

.VYiNFJ
Size: 1KB - Virtual size: 17KB

IMAGE_SCN_MEM_READ

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.KSCJ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JjhNn
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oamox
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.txjER
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ApTdENG
Size: 512B - Virtual size: 199B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XPUnsHl
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lYUgV
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iwbPwgi
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aRtb
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XpzjpM
Size: 1024B - Virtual size: 969B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1336cc21127e018e3523feb243be2a06

Headers

File Characteristics

Imports

oleaut32

ole32

comdlg32

kernel32

comctl32

user32

esent

kbdkaz

Sections

.VYiNFJ Size: 1KB - Virtual size: 17KB

.text Size: 17KB - Virtual size: 17KB

.KSCJ Size: 3KB - Virtual size: 2KB

.JjhNn Size: 1KB - Virtual size: 1KB

.oamox Size: 2KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 228KB

.txjER Size: 3KB - Virtual size: 2KB

.ApTdENG Size: 512B - Virtual size: 199B

.rdata Size: 209KB - Virtual size: 209KB

.XPUnsHl Size: 1KB - Virtual size: 1KB

.lYUgV Size: 1KB - Virtual size: 1KB

.iwbPwgi Size: 3KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 3KB

.aRtb Size: 1KB - Virtual size: 1KB

.XpzjpM Size: 1024B - Virtual size: 969B

.VYiNFJ
Size: 1KB - Virtual size: 17KB

.text
Size: 17KB - Virtual size: 17KB

.KSCJ
Size: 3KB - Virtual size: 2KB

.JjhNn
Size: 1KB - Virtual size: 1KB

.oamox
Size: 2KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 228KB

.txjER
Size: 3KB - Virtual size: 2KB

.ApTdENG
Size: 512B - Virtual size: 199B

.rdata
Size: 209KB - Virtual size: 209KB

.XPUnsHl
Size: 1KB - Virtual size: 1KB

.lYUgV
Size: 1KB - Virtual size: 1KB

.iwbPwgi
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 3KB

.aRtb
Size: 1KB - Virtual size: 1KB

.XpzjpM
Size: 1024B - Virtual size: 969B