28ef63b03f18c4e9a923dfc7506368fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28ef63b03f18c4e9a923dfc7506368fa_JaffaCakes118
Size

576KB
MD5

28ef63b03f18c4e9a923dfc7506368fa
SHA1

1ecce56e93eebf5eed03f59b5c000e0239ff4bbf
SHA256

ef957b759f8a5e4a9ee01dcf0253e712be20960fbc9ddf7f7bf9fd7e6b22b5e1
SHA512

86e8ef07f6105f91b58865ee41ce761e95cf5128bd0ed5fd6562663d886cacc9d70e1b8c1b1ff2ff03e09c621dd0f15a629581c242ccc16c89e5a2812fe57b90
SSDEEP

12288:vtO4cWeog2tXDVX5uUFOCNuh9ak8UGxc/oWFqJ4AKxdn40jfYr:vtrqorXDPFOCNuh9PMxNO05Gn40jK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28ef63b03f18c4e9a923dfc7506368fa_JaffaCakes118

Files

28ef63b03f18c4e9a923dfc7506368fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53ae7089c32c94f121341ea519c07d65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\asxwv\syexuejqwg\uto\parcom\skcyj\

Imports

kernel32

FindClose
GetModuleFileNameA
GetDiskFreeSpaceW
FreeLibrary
RtlUnwind
LockFileEx
GetSystemTimeAsFileTime
SetTimeZoneInformation
EnumResourceNamesW
LocalHandle
FreeEnvironmentStringsA
GetFileAttributesA
FindResourceExW
OpenFileMappingW
GetCommandLineW
GetVersionExA
CompareStringA
TlsFree
GetEnvironmentStringsW
GetCurrentThreadId
SetThreadLocale
LoadLibraryA
GetConsoleCursorInfo
CompareFileTime
HeapCreate
Sleep
TryEnterCriticalSection
lstrcpynW
GetConsoleCP
FlushFileBuffers
TlsGetValue
GetOEMCP
ConnectNamedPipe
ReadConsoleA
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStrings
OpenMutexA
GetLongPathNameA
GetLocalTime
WriteConsoleA
IsValidLocale
VirtualQuery
InterlockedCompareExchange
WideCharToMultiByte
SetConsoleCtrlHandler
WriteFile
LCMapStringW
VirtualQueryEx
RtlZeroMemory
GetEnvironmentStringsA
LeaveCriticalSection
GetStringTypeW
GlobalFlags
SetLastError
GetFileAttributesExA
EnumSystemLocalesA
InterlockedDecrement
MoveFileW
HeapSize
CompareStringW
GlobalAddAtomA
GetConsoleMode
SetFileAttributesW
GetFileTime
TlsSetValue
lstrcpy
GetProcessHeap
WaitNamedPipeW
GetPrivateProfileStringW
GetModuleFileNameW
GetCurrentProcessId
GetTempPathA
InterlockedExchange
WaitForMultipleObjects
HeapDestroy
FreeResource
TlsAlloc
GetTempPathW
CreateMutexA
GetCPInfo
GetTickCount
MoveFileA
GetSystemDirectoryA
HeapReAlloc
InitializeCriticalSection
GetLocaleInfoA
CreateNamedPipeA
CloseHandle
FreeEnvironmentStringsW
lstrcat
MoveFileExA
GetPrivateProfileSectionNamesW
GetACP
GetDriveTypeA
GetCurrentProcess
TerminateThread
HeapFree
GetStringTypeA
LockFile
DeleteCriticalSection
GetProcAddress
SetFilePointer
SetConsoleOutputCP
ReadFile
GetLocaleInfoW
GetTimeZoneInformation
TerminateProcess
GetModuleHandleA
WriteConsoleW
GetPrivateProfileSectionA
SetUnhandledExceptionFilter
CreateFileA
HeapAlloc
GetCommandLineA
WritePrivateProfileStringA
LocalSize
ReleaseMutex
GetComputerNameA
InterlockedIncrement
FindAtomW
VirtualFree
GetStdHandle
GetComputerNameW
GetConsoleTitleA
SetStdHandle
MultiByteToWideChar
GetSystemTime
EnterCriticalSection
GetLastError
VirtualAlloc
GetUserDefaultLCID
GetNamedPipeHandleStateA
DeleteFileW
GetConsoleOutputCP
IsValidCodePage
LCMapStringA
GetCurrentThread
ReadFileEx
IsDebuggerPresent
EnumResourceLanguagesA
GetStartupInfoA
GetFileType
OpenFile
GetVersionExW
ExitProcess
UnhandledExceptionFilter
ExitThread
GetDateFormatA
SetEnvironmentVariableA
GetTimeFormatA

comctl32

DrawStatusText
DrawStatusTextA
ImageList_DragMove
ImageList_LoadImageA
ImageList_GetImageRect
ImageList_SetOverlayImage
DestroyPropertySheetPage
CreatePropertySheetPage
CreateStatusWindow
ImageList_GetImageInfo
ImageList_Replace
ImageList_Create
InitCommonControlsEx

comdlg32

GetOpenFileNameW
FindTextA
PageSetupDlgA
ReplaceTextW

gdi32

GetCharWidthFloatW
GetStretchBltMode
RectInRegion
GetTextFaceA
ResetDCW
GetClipBox
gdiPlaySpoolStream
GetEnhMetaFileHeader
RoundRect
GetObjectW
SelectClipRgn
GetTextExtentExPointA

shell32

ExtractIconExA

user32

SetMenuContextHelpId
DlgDirSelectComboBoxExA
GetListBoxInfo
DdeCmpStringHandles
MapVirtualKeyA
LoadAcceleratorsW
RegisterClassExA
DefWindowProcW
CreateWindowStationW
GetWindowRect
EnableMenuItem
EnumPropsA
SetMenu
DestroyMenu
DdeUnaccessData
GetTabbedTextExtentW
GetWindowModuleFileNameA
CreateIconFromResource
RealChildWindowFromPoint
SetClassLongW
IsWindowEnabled
DrawStateW
CharNextW
ActivateKeyboardLayout
SetCaretBlinkTime
SetMenuItemInfoW
SetCaretPos
SetCapture
GetMenuCheckMarkDimensions
GetClipboardFormatNameA
GetCursor
InSendMessage
RegisterClassExW
CreateAcceleratorTableW
SetMessageExtraInfo
GetClipboardFormatNameW
EnumClipboardFormats
DestroyWindow
CharLowerBuffW
SetScrollInfo
wvsprintfA
SetWindowWord
MessageBoxW
OpenWindowStationA
GetMessageExtraInfo
RedrawWindow
WaitMessage
GetScrollInfo
GetShellWindow
GetScrollBarInfo
LoadCursorFromFileW
ShowWindowAsync
SetWindowRgn
DialogBoxParamW
GetUpdateRect
CharToOemBuffA
GetWindowTextA
GrayStringA
SetTimer
GetCursorPos
InsertMenuItemW
DefDlgProcA
DdeDisconnect
CreateWindowExA
AnyPopup
TrackPopupMenu
GetProcessWindowStation
CharLowerA
ScrollWindowEx
LockWindowUpdate
CreateIconFromResourceEx
SetMenuItemBitmaps
MoveWindow
ChangeDisplaySettingsA
GetDlgCtrlID
RegisterHotKey
SetWindowPos
ScreenToClient
DrawTextW
MapDialogRect
DefFrameProcW
SetWindowLongW
LookupIconIdFromDirectoryEx
BringWindowToTop
CreateDialogParamW
DispatchMessageA
PeekMessageW
CharPrevExA
RegisterClassA
SetClassLongA
DdeQueryNextServer
TrackPopupMenuEx
MsgWaitForMultipleObjects
IsDlgButtonChecked
GetInputState
ShowWindow
CloseClipboard
GetWindowLongW
SetDoubleClickTime
PtInRect

wininet

HttpCheckDavCompliance
ShowX509EncodedCertificate
InternetConnectA
DeleteUrlCacheEntry
GopherGetAttributeA
InternetCombineUrlA
InternetCanonicalizeUrlW

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53ae7089c32c94f121341ea519c07d65

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

comdlg32

gdi32

shell32

user32

wininet

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 116KB - Virtual size: 139KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 116KB - Virtual size: 139KB

.rsrc
Size: 20KB - Virtual size: 18KB