2c6f39685ece2cd80691476827c792ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c6f39685ece2cd80691476827c792ab_JaffaCakes118
Size

360KB
MD5

2c6f39685ece2cd80691476827c792ab
SHA1

ef39a866a7d9af6365790487e5a5493a0ef2258a
SHA256

ba3087265be366d0f7855228cfdcf18895c48888c38105497ce9f329071207cb
SHA512

a8d25dce3207ec28851e3aa3dedb63483fb3f38845d74ad2e76addb381c671760fec96ac5fd12a4637fffd59d0348fa4faf8e8781372c83d4c012f19c277ddf9
SSDEEP

6144:OPix09upPNsgV8BNxQOAVM0SEjlRaMe/F+ZKtxineIkvMTI/iOUJs8Ua0Kwl:OPix0IppViTQxM1+al/F+ZKtkneLUTCv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c6f39685ece2cd80691476827c792ab_JaffaCakes118

Files

2c6f39685ece2cd80691476827c792ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b22eb94d74409b41a9241adc94c472f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\oqkpbabb\xoo\kovzgt\zgnl\fjgjxf\exdlmo.pdb

Imports

comctl32

ImageList_BeginDrag
ImageList_GetFlags
ImageList_SetIconSize
CreatePropertySheetPageW
ImageList_EndDrag
DrawInsert
ImageList_GetBkColor
ImageList_DrawIndirect
ImageList_Draw
_TrackMouseEvent
InitCommonControlsEx
ImageList_Replace
ImageList_GetImageRect
GetEffectiveClientRect
ImageList_DragShowNolock
ImageList_Merge
MakeDragList

wininet

FtpGetFileW
IsUrlCacheEntryExpiredA
DeleteUrlCacheEntryW
FtpFindFirstFileW
FtpCreateDirectoryW
FtpSetCurrentDirectoryW
InternetGoOnline
ReadUrlCacheEntryStream
InternetOpenA

comdlg32

FindTextA

user32

DlgDirSelectExA
MessageBoxW
InsertMenuItemW
IsChild
CreateWindowExA
LoadMenuW
CreateWindowStationA
PeekMessageW
InvalidateRgn
InSendMessageEx
DialogBoxParamW
ScrollWindowEx
GetAltTabInfo
SetMenuInfo
SetRect
ValidateRect
OpenDesktopA
DdeAccessData
OpenIcon
CheckMenuRadioItem
OemKeyScan
LoadImageA
UnhookWindowsHook
GetSystemMenu
SetShellWindow
SetWindowsHookExA
RegisterClassA
VkKeyScanExA
CreateDesktopW
GetSysColorBrush
SetUserObjectInformationA
IsCharAlphaNumericA
SetWindowLongW
DrawTextExW
SetCursorPos
ShowWindow
GetClassInfoW
DdeQueryStringW
CloseClipboard
DrawEdge
CheckMenuItem
DlgDirListA
GetCapture
GetWindowPlacement
wsprintfA
BroadcastSystemMessageA
GetDlgItemTextA
SetCapture
RegisterClassExA
SetWindowLongA
CharUpperBuffA
DdeQueryStringA
DefDlgProcW
SetMenuDefaultItem
LoadMenuIndirectW
CountClipboardFormats
DeferWindowPos
TranslateMessage
AnimateWindow
RealChildWindowFromPoint
ChildWindowFromPoint
SendDlgItemMessageA
SetDlgItemTextA
MapVirtualKeyExW
SetClassWord
SetMessageQueue
DdeCreateDataHandle
DestroyWindow
SendIMEMessageExW
GetScrollBarInfo
OpenWindowStationW
GetNextDlgGroupItem
GetDlgCtrlID
PtInRect
DefWindowProcW
UnregisterClassA
GetMenuStringA
GetParent
GetTabbedTextExtentW
FindWindowW
DefMDIChildProcA
GetCursor
OemToCharBuffW
GetMenuContextHelpId
DefWindowProcA
GetMonitorInfoA
InsertMenuA
DlgDirSelectComboBoxExW
GetDlgItemTextW
EnableScrollBar
SetTimer
SetWindowsHookA
ShowOwnedPopups
SetForegroundWindow
AppendMenuW
CascadeChildWindows
EnumClipboardFormats
RegisterDeviceNotificationA
DdeSetQualityOfService
CreateDialogParamA

shell32

SHAppBarMessage
DragQueryFileAorW
ExtractIconA
SHFileOperation

kernel32

IsBadReadPtr
GetEnvironmentStrings
LeaveCriticalSection
HeapFree
LoadLibraryA
TlsAlloc
CompareStringA
HeapDestroy
GetSystemTime
CloseHandle
GetCurrentThread
TlsFree
GetACP
VirtualQuery
CreateMutexA
GetTimeZoneInformation
GetWindowsDirectoryA
OutputDebugStringA
GetStartupInfoA
DeleteCriticalSection
GetStdHandle
HeapLock
LCMapStringA
GetPrivateProfileStringW
GetProfileSectionA
GetTickCount
TlsSetValue
GetProcAddress
GetCurrentProcess
EnterCriticalSection
SetConsoleCtrlHandler
GetCPInfo
TerminateProcess
ExitProcess
GetCommandLineA
HeapCreate
GetNamedPipeInfo
SetEnvironmentVariableA
SetStdHandle
CreateProcessA
lstrcpynW
VirtualFree
SetFilePointer
InterlockedExchange
FlushFileBuffers
IsBadWritePtr
HeapAlloc
QueryPerformanceCounter
GetFileType
RtlUnwind
WideCharToMultiByte
InterlockedIncrement
SetLastError
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetEnvironmentVariableA
FreeEnvironmentStringsA
GetModuleFileNameA
WaitForDebugEvent
WritePrivateProfileSectionA
GetOEMCP
ReadFile
GetCurrentThreadId
LockResource
GetStringTypeA
GetEnvironmentStringsW
GetVersion
ResumeThread
InitializeCriticalSection
GetModuleHandleA
HeapReAlloc
FreeEnvironmentStringsW
GetLocalTime
LCMapStringW
TlsGetValue
FindClose
HeapValidate
CompareStringW
GetCurrentProcessId
GetLastError
VirtualAlloc
InterlockedDecrement
OpenMutexA
GetEnvironmentStringsA
WriteFile
SetHandleCount
GetStringTypeW
MultiByteToWideChar
DebugBreak

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b22eb94d74409b41a9241adc94c472f6

Headers

File Characteristics

PDB Paths

Imports

comctl32

wininet

comdlg32

user32

shell32

kernel32

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 72KB - Virtual size: 70KB

.data Size: 92KB - Virtual size: 117KB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 72KB - Virtual size: 70KB

.data
Size: 92KB - Virtual size: 117KB

.rsrc
Size: 48KB - Virtual size: 46KB