2aba4c33d2d02e8008287edff1435efd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2aba4c33d2d02e8008287edff1435efd_JaffaCakes118
Size

792KB
MD5

2aba4c33d2d02e8008287edff1435efd
SHA1

ed7903dbbcee872bdb7378307a8dfded27414ace
SHA256

2feb1dd9dc4b7c1b73755d0f4e0258c1eaf7b68d9587bee7944c03a2cf00be0f
SHA512

c3a20d85d7459dee936db329f63ede3a020fe3afa09659a33a7a4c05ccc6cf01ee3ddb9a5e3508202e1b01d9c7d7998d143c59d77678660993fc21280e97885d
SSDEEP

24576:etaYBf8PiBkUWsD8rljhPs3y1GZegqcvGT:+aYBf+ixkljBiJZegRvG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aba4c33d2d02e8008287edff1435efd_JaffaCakes118

Files

2aba4c33d2d02e8008287edff1435efd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d24d0c3f2ce78eac3b1f79cded9965ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\rskerwrejb.pdb

Imports

advapi32

AbortSystemShutdownW
RegEnumKeyExA
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
ReportEventA
LookupPrivilegeDisplayNameA
LookupSecurityDescriptorPartsA
LookupPrivilegeNameA

user32

ExitWindowsEx
GetClipboardViewer
GetMessageTime
CopyAcceleratorTableA
GetCursorPos
EnumThreadWindows
EnumPropsExW
ModifyMenuA
GetWindowPlacement
DdeInitializeW
CreateWindowStationW
SetWindowLongW
DrawTextW
DestroyMenu
DdeCreateStringHandleW
RegisterClassExA
LoadImageW
DefDlgProcW
SetMessageQueue
GetKeyboardLayoutNameA
CharLowerW
wsprintfW
EndDialog
EnumDesktopsW
BlockInput
VkKeyScanA
PtInRect
DialogBoxParamA
CharLowerA
GetForegroundWindow
DdeSetQualityOfService
GetMonitorInfoA
GetWindowModuleFileNameA
OpenDesktopW
CreateIconFromResourceEx
EnumDesktopWindows
GetMenu
CascadeChildWindows
CallMsgFilterW
EnumPropsA
AdjustWindowRect
DdeQueryStringW
DdeAccessData
EnableScrollBar
IntersectRect
GetMenuState
InflateRect
IsCharUpperA
SetTimer
SetParent
ToAsciiEx
GetShellWindow
RegisterClassA

comctl32

ImageList_Duplicate
MakeDragList
DestroyPropertySheetPage
CreateUpDownControl
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Copy
ImageList_Remove
ImageList_DragEnter
ImageList_SetFlags
ImageList_SetImageCount
ImageList_GetIcon
InitCommonControlsEx
ImageList_Merge
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Create
ImageList_AddIcon
ImageList_LoadImageA
ImageList_AddMasked
CreateStatusWindow
ImageList_BeginDrag
ImageList_DragLeave

comdlg32

GetOpenFileNameA
ChooseFontA

kernel32

GetCurrentProcess
TerminateProcess
GetStdHandle
CreateDirectoryExW
FindResourceExW
WriteConsoleOutputA
CloseHandle
GetConsoleCursorInfo
GetPrivateProfileIntA
GetVolumeInformationW
CompareStringA
ReadFile
GetEnvironmentStrings
GetComputerNameA
DebugBreak
WritePrivateProfileStringW
CreateEventA
GetDateFormatA
GetFileType
InterlockedIncrement
CreateMutexA
GlobalFlags
LeaveCriticalSection
lstrlenW
SetEnvironmentVariableA
IsBadWritePtr
GetSystemInfo
FileTimeToLocalFileTime
GetModuleFileNameW
LocalHandle
OpenMutexA
FormatMessageA
DeleteFileW
GetLocalTime
InitializeCriticalSection
GetStartupInfoW
GetCPInfo
GetCompressedFileSizeW
ExitProcess
GetProcAddress
TlsFree
FreeEnvironmentStringsW
FillConsoleOutputCharacterA
SetFilePointer
GetCurrentThread
HeapReAlloc
lstrcmpW
GetCurrentProcessId
FillConsoleOutputCharacterW
EnumTimeFormatsW
FlushFileBuffers
GetTickCount
SetComputerNameA
GetSystemTimeAsFileTime
GetAtomNameA
GetStartupInfoA
LockResource
GetVersion
GetSystemTime
TerminateThread
CreateNamedPipeA
GetPrivateProfileStringW
ReadFileEx
GlobalSize
LCMapStringA
GetCommandLineA
SetVolumeLabelA
HeapAlloc
GetLastError
VirtualAlloc
SetConsoleTitleA
LocalCompact
TlsGetValue
SetHandleCount
InterlockedDecrement
GetTimeZoneInformation
LCMapStringW
GetPrivateProfileSectionW
SetThreadLocale
LoadLibraryA
WriteConsoleOutputAttribute
GetProcAddress
GetStringTypeW
InterlockedExchangeAdd
OutputDebugStringW
SetConsoleWindowInfo
WriteConsoleA
HeapFree
TlsSetValue
WaitForSingleObject
FindNextChangeNotification
MoveFileA
GetModuleHandleA
IsDebuggerPresent
FreeEnvironmentStringsA
lstrlen
SetFileTime
lstrcatW
VirtualQuery
HeapDestroy
TlsAlloc
QueryPerformanceCounter
SetCriticalSectionSpinCount
EnumResourceTypesW
GetVolumeInformationA
MultiByteToWideChar
GetStringTypeA
FindClose
InterlockedExchange
SetStdHandle
WideCharToMultiByte
FlushViewOfFile
LocalFileTimeToFileTime
EnterCriticalSection
FillConsoleOutputAttribute
WriteFileEx
LoadModule
ReadConsoleOutputW
DeleteCriticalSection
RtlZeroMemory
GetModuleFileNameA
CompareStringW
RtlUnwind
HeapCreate
WriteFile
VirtualAllocEx
VirtualFree
LockFileEx
UnhandledExceptionFilter
IsValidLocale
ExpandEnvironmentStringsA
CreateFileA
GetCurrentThreadId
GetCommandLineW
SetLastError
lstrcmpi
SleepEx
GetEnvironmentStringsW

shell32

FreeIconList
ShellAboutA
RealShellExecuteW

gdi32

PolyBezierTo
SetDIBitsToDevice
CreateDIBitmap
SetBrushOrgEx
CopyEnhMetaFileA
CreatePatternBrush
RealizePalette
CloseEnhMetaFile
PtInRegion
SetPixelFormat
SetEnhMetaFileBits
CreateBitmapIndirect
CopyMetaFileW
GetViewportOrgEx
MoveToEx
CombineRgn
ExtCreateRegion
CreatePen
SetColorSpace
CombineTransform
GetCharABCWidthsFloatA
GetRandomRgn
GetTextCharsetInfo

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 392KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d24d0c3f2ce78eac3b1f79cded9965ea

Headers

File Characteristics

PDB Paths

Imports

advapi32

user32

comctl32

comdlg32

kernel32

shell32

gdi32

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 392KB - Virtual size: 389KB

.data Size: 140KB - Virtual size: 160KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 392KB - Virtual size: 389KB

.data
Size: 140KB - Virtual size: 160KB

.rsrc
Size: 20KB - Virtual size: 17KB