2de8f0a2704242e360821f2a92c3adab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2de8f0a2704242e360821f2a92c3adab_JaffaCakes118
Size

596KB
MD5

2de8f0a2704242e360821f2a92c3adab
SHA1

57b7ac59531d5c192bc6bb458011fd10157f2ad9
SHA256

199828c0e44703101577d994ae77d317f5668fe97cdaeeb2f109adbf523d6c40
SHA512

7af99469c1fc7c25780e753aceee03b6926ed4da0cd8e77c698f1985af41df44e5d9adf7bf5d78a3cac6311513ad6054df58a3a656f44d0dc8a35d94bebaaf67
SSDEEP

12288:xWUG5++0tOynLkYeaFuq5F1bsuMRmmbFvRRIA56c9/:EUG5++0tOynLUaFB1bwVFkA56C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2de8f0a2704242e360821f2a92c3adab_JaffaCakes118

Files

2de8f0a2704242e360821f2a92c3adab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6decc0be069b44d9f23b549835f47d61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\NDYXP\PQTEEOTT\ENXZBCRDCS\FEAECVPDGO\DSMKY

Imports

advapi32

CryptCreateHash
RegCreateKeyW
GetUserNameW
StartServiceA
RegDeleteKeyA
RegQueryMultipleValuesW
RegEnumValueA
CryptGenKey
RegSaveKeyA
CryptDuplicateHash

user32

SetRectEmpty
ShowCaret
InvalidateRgn
CreateMenu
wsprintfW
RegisterClassA
ChangeMenuA
IsMenu
GetMonitorInfoA
DdeQueryConvInfo
DdeDisconnectList
GetListBoxInfo
RegisterClassExA
GetWindowWord
TranslateAccelerator
UpdateWindow
LoadImageA
MessageBoxExA
GetMessageTime
RegisterClipboardFormatW
EnumDisplaySettingsExA
ClientToScreen
DlgDirSelectExW
GetKeyNameTextA
MessageBoxExW
UnregisterDeviceNotification
GetMenuCheckMarkDimensions
UnpackDDElParam
MonitorFromPoint
GetMessageW
DdeConnect

comctl32

CreateStatusWindow
CreateStatusWindowA
DrawStatusText
InitCommonControlsEx
ImageList_DragLeave
ImageList_GetFlags
InitMUILanguage
ImageList_Duplicate
ImageList_SetOverlayImage
ImageList_Write
GetEffectiveClientRect
DrawStatusTextA
ImageList_AddMasked
ImageList_BeginDrag

kernel32

SetStdHandle
GetStartupInfoA
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
SetHandleCount
SetFilePointer
EnumCalendarInfoW
GetACP
UnmapViewOfFile
GetCurrentProcessId
TlsAlloc
InterlockedExchange
FreeLibrary
HeapFree
WideCharToMultiByte
WriteConsoleA
MultiByteToWideChar
CreateToolhelp32Snapshot
FreeEnvironmentStringsA
EnterCriticalSection
HeapSize
IsDebuggerPresent
HeapAlloc
HeapDestroy
Sleep
GlobalAlloc
DeleteCriticalSection
GetOEMCP
GetModuleHandleA
HeapReAlloc
GetModuleFileNameA
GetDriveTypeW
GetConsoleTitleA
WaitForMultipleObjectsEx
GetCurrentThread
GetConsoleMode
CloseHandle
IsValidLocale
EnumCalendarInfoExW
ReadFile
SetThreadAffinityMask
TlsSetValue
GlobalGetAtomNameA
SetUnhandledExceptionFilter
LocalAlloc
GetCommandLineA
SetLastError
UnhandledExceptionFilter
EnumSystemLocalesA
TlsFree
GetTimeFormatA
CompareStringW
GetEnvironmentStrings
QueryPerformanceCounter
GetLastError
VirtualQuery
SetCurrentDirectoryA
GetLocaleInfoW
RtlUnwind
CompareStringA
GetStdHandle
CreateNamedPipeA
VirtualFree
lstrcpynA
GetCPInfo
InterlockedDecrement
GetStringTypeA
GetVersionExA
WriteFile
GetStartupInfoW
GetLogicalDriveStringsA
VirtualAlloc
GetEnvironmentVariableW
GetTickCount
IsValidCodePage
GetAtomNameA
FlushFileBuffers
GetUserDefaultLCID
InitializeCriticalSection
GetEnvironmentStringsW
WriteConsoleW
LCMapStringW
HeapCreate
ExitProcess
CreateMutexA
SetConsoleTextAttribute
GetProcAddress
LCMapStringA
GlobalReAlloc
GetConsoleCP
CreateFileA
CreateWaitableTimerA
CopyFileExA
GetModuleFileNameW
GetCurrentProcess
LeaveCriticalSection
GetProcessHeap
GetConsoleOutputCP
GetDiskFreeSpaceW
TerminateProcess
GetDateFormatA
GetCommandLineW
GetTimeZoneInformation
GetStringTypeW
OpenMutexA
SetFileAttributesW
LoadLibraryA
FreeEnvironmentStringsW
GetDiskFreeSpaceExW
GetCurrentThreadId
GetFileType
TlsGetValue
GetLocaleInfoA
SetEnvironmentVariableA
InterlockedIncrement
OpenFileMappingW

wininet

HttpSendRequestExA
GetUrlCacheEntryInfoExA

shell32

SHGetSpecialFolderPathA
SHQueryRecycleBinW
SHChangeNotify

Sections

.text
Size: 188KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6decc0be069b44d9f23b549835f47d61

Headers

File Characteristics

PDB Paths

Imports

advapi32

user32

comctl32

kernel32

wininet

shell32

Sections

.text Size: 188KB - Virtual size: 184KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 116KB - Virtual size: 132KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 188KB - Virtual size: 184KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 116KB - Virtual size: 132KB

.rsrc
Size: 36KB - Virtual size: 34KB