28e102f366f85b93e1d85bbae83119ca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28e102f366f85b93e1d85bbae83119ca_JaffaCakes118
Size

633KB
MD5

28e102f366f85b93e1d85bbae83119ca
SHA1

e0d7958214bd02a3bd7b05819fc98ebb09736a22
SHA256

9f4cb725025d592cb46d0baacc142c245a40d1ba369f3684e5a642dd5ab784ab
SHA512

152a26a849a193cd9810e1a4052c42b005dd7064ad9df9b5ef0e61c7b37ff2ebaea6a9162d2f755132c118e932ed67e8292e3583aafb8960e2bb99e87875990a
SSDEEP

12288:y6cG3ST4ocR9dWLAX/gZdi7gp+8cpaUJOVb79:vM4oyzW0Z757OVbh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28e102f366f85b93e1d85bbae83119ca_JaffaCakes118

Files

28e102f366f85b93e1d85bbae83119ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccece62efd7284ab5a92a001fa1e5538

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\qozlnvfc\edi\urne

Imports

user32

RegisterClassA
MessageBoxW
SetLastErrorEx
CreateWindowExW
ShowWindow
RegisterClassExA

comctl32

ImageList_SetImageCount
ImageList_SetBkColor
ImageList_GetIconSize
ImageList_SetDragCursorImage
ImageList_Duplicate
GetEffectiveClientRect
MakeDragList
ImageList_SetOverlayImage
ImageList_AddIcon
ImageList_LoadImageW
ImageList_DrawIndirect
ImageList_SetIconSize
CreateStatusWindowA
ImageList_Write
ImageList_GetImageCount
ImageList_Copy
DrawStatusText
InitCommonControlsEx
ImageList_AddMasked
ImageList_Merge

kernel32

LCMapStringA
OpenMutexA
GetEnvironmentStringsW
FindFirstFileW
SetLastError
HeapFree
GetExitCodeProcess
WriteConsoleW
UnhandledExceptionFilter
FreeEnvironmentStringsA
WriteConsoleA
RtlUnwind
IsValidCodePage
MultiByteToWideChar
WriteProfileSectionW
SetEnvironmentVariableA
GetDateFormatA
GetCurrentProcess
EnterCriticalSection
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
SetConsoleCtrlHandler
TlsSetValue
WideCharToMultiByte
HeapCreate
GetConsoleMode
HeapSize
LCMapStringW
GetStringTypeW
SetComputerNameW
TlsAlloc
GetConsoleCP
GetTimeZoneInformation
SetPriorityClass
GetCommandLineA
GetModuleFileNameA
VirtualQuery
lstrcpynA
GetConsoleOutputCP
QueryPerformanceCounter
CreateFileA
FindAtomW
CompareStringW
GetUserDefaultLCID
GetProfileStringW
CreateMutexA
InterlockedDecrement
InterlockedExchange
VirtualFree
LeaveCriticalSection
FreeLibrary
GetLastError
VirtualAlloc
GetSystemTimeAsFileTime
GetLocaleInfoA
GetCurrentThreadId
SetStdHandle
TerminateProcess
FileTimeToDosDateTime
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetCurrentThread
ExitProcess
GetProcAddress
HeapReAlloc
GetStringTypeA
GetTickCount
GetPriorityClass
ReadFile
GetEnvironmentStrings
TlsGetValue
DeleteCriticalSection
HeapAlloc
SetHandleCount
GetTimeFormatA
GetCurrentProcessId
LoadLibraryA
SetVolumeLabelW
GetOEMCP
IsValidLocale
GetFileType
SetThreadAffinityMask
HeapDestroy
CloseHandle
GetStdHandle
ReadConsoleOutputCharacterA
ReadConsoleOutputAttribute
SetUnhandledExceptionFilter
CompareStringA
SetFilePointer
FoldStringA
GetStartupInfoA
GetACP
InterlockedIncrement
FlushFileBuffers
LocalFree
Sleep
FreeEnvironmentStringsW
TlsFree
VirtualAllocEx
WriteFile
EnumSystemLocalesA
GetModuleHandleW

shell32

SHGetNewLinkInfo
DragQueryFile
SHGetSpecialFolderLocation
ShellAboutW

comdlg32

ChooseFontA
GetFileTitleW

wininet

IncrementUrlCacheHeaderData
FindFirstUrlCacheEntryA
InternetGoOnlineA

gdi32

FrameRgn
CreateColorSpaceA
GetTextMetricsA
SetBrushOrgEx
SetTextCharacterExtra
PolyBezier
PtVisible
RectInRegion
GetSystemPaletteEntries
GetMetaFileW
GetTextExtentPoint32W
EnumFontsW
DeleteDC
SetWorldTransform
CreateCompatibleBitmap
RealizePalette
CreateDCA
Ellipse
CloseMetaFile
SetICMProfileA
GetCharABCWidthsW
CombineTransform
GetClipBox
MoveToEx
GetDeviceCaps
OffsetRgn

Sections

.text
Size: 382KB - Virtual size: 381KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccece62efd7284ab5a92a001fa1e5538

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

shell32

comdlg32

wininet

gdi32

Sections

.text Size: 382KB - Virtual size: 381KB

.rdata Size: 51KB - Virtual size: 68KB

.data Size: 114KB - Virtual size: 114KB

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 382KB - Virtual size: 381KB

.rdata
Size: 51KB - Virtual size: 68KB

.data
Size: 114KB - Virtual size: 114KB

.rsrc
Size: 84KB - Virtual size: 84KB