2d69eef94a2ac371d4ed1c6fd082baa3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d69eef94a2ac371d4ed1c6fd082baa3_JaffaCakes118
Size

720KB
MD5

2d69eef94a2ac371d4ed1c6fd082baa3
SHA1

bf282be358cef4f32ae3bfd1ae51d5112ddbbe8b
SHA256

8d3a79975a79f03d1e69a18be88edd41b0215fa5fce26ce129fd784c785c90d4
SHA512

635222437800656b2c4d57641587040322eda6a60522da1884938552c8d8c54dcac2dd724db8a1f0327701dde0bd60a71a632558674217f160ede494a231e392
SSDEEP

12288:zZBKxYC8T5g6drByhhXqCp08y73aIBbmXEcxMaYYHozQwBzvmLSO7eRXD:FAR8T5a5Vpx7PavmLSjX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d69eef94a2ac371d4ed1c6fd082baa3_JaffaCakes118

Files

2d69eef94a2ac371d4ed1c6fd082baa3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f95696f356afcce5e57b18be03156526

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\tyegaso.PDB

Imports

comctl32

ImageList_GetImageInfo
ImageList_GetDragImage
InitCommonControlsEx

user32

CharToOemBuffA
CharPrevA
ToAsciiEx
GetDlgItemInt
DdeUnaccessData
EnumPropsW
DestroyWindow
SendMessageTimeoutW
RemoveMenu
GetDialogBaseUnits
GetCapture
ScrollWindow
CreateWindowExW
CharUpperA
InvertRect
EnumChildWindows
CallWindowProcW
ImpersonateDdeClientWindow
LoadAcceleratorsA
GetCursorInfo
MonitorFromRect
OpenWindowStationW
SetMenu
GetSysColor
SubtractRect
ModifyMenuA
DdeClientTransaction
GetUserObjectInformationW
DdeAbandonTransaction
SendNotifyMessageW
GetIconInfo
MonitorFromPoint
WINNLSGetEnableStatus
GetClassNameW
LoadIconA
MessageBoxA
SetMenuDefaultItem
DialogBoxIndirectParamA
EnumDisplaySettingsW
ShowScrollBar
GetTabbedTextExtentW
DefWindowProcW
InsertMenuA
EnumWindowStationsW
MessageBoxExA
RegisterClassW
RegisterClassA
LoadKeyboardLayoutA
GetClipboardOwner
ScrollWindowEx
ShowWindow
MapVirtualKeyExA
CopyImage
TranslateAccelerator
DrawFrameControl
CallMsgFilter
DdeConnect
MapDialogRect
GetInputState
SetWindowPlacement
SetSystemCursor
CreateMenu
MapWindowPoints
GetCaretBlinkTime
RegisterClassExA
DestroyMenu
OpenWindowStationA
BringWindowToTop
DdeCreateDataHandle
SetFocus

kernel32

IsValidCodePage
lstrlenA
lstrcpyA
AllocConsole
LCMapStringA
SetLastError
GetFileType
CreateMutexW
lstrcmpA
ReadConsoleOutputCharacterW
WritePrivateProfileSectionA
GetCurrentProcessId
GetConsoleCP
RaiseException
ExitProcess
GlobalGetAtomNameW
GetModuleHandleA
GetLastError
GetCurrentDirectoryW
FindResourceA
OutputDebugStringW
OpenSemaphoreA
InterlockedIncrement
WriteProfileStringW
LeaveCriticalSection
LoadLibraryExA
GetSystemDirectoryW
Sleep
FileTimeToDosDateTime
GetCurrentThreadId
SetStdHandle
GetDiskFreeSpaceA
EnumCalendarInfoA
GetCommandLineW
GetUserDefaultLCID
SetFilePointer
CreateMailslotW
IsBadReadPtr
WaitForMultipleObjects
HeapSize
VirtualAllocEx
IsDebuggerPresent
GetCurrentProcess
LoadLibraryA
InterlockedDecrement
GetLogicalDriveStringsW
LocalCompact
OpenMutexA
SleepEx
IsValidLocale
CreateWaitableTimerA
ReadFileEx
CreateMutexA
MapViewOfFile
LoadModule
GetCurrencyFormatW
GetEnvironmentStringsW
OpenFile
GetDateFormatW
EnumResourceLanguagesA
CreateProcessA
LoadResource
WritePrivateProfileStructW
UnlockFile
SetConsoleMode
SetConsoleCtrlHandler
WideCharToMultiByte
HeapReAlloc
GetStringTypeW
DosDateTimeToFileTime
SuspendThread
LocalSize
TlsGetValue
GlobalFlags
EnumSystemLocalesA
HeapAlloc
TlsFree
GetTickCount
GetProfileSectionA
GetFileTime
GetCommandLineA
WritePrivateProfileStringW
SetEnvironmentVariableA
EnumDateFormatsExA
ReadConsoleW
VirtualProtect
GetCPInfo
GetStringTypeA
WriteConsoleOutputCharacterW
LockFileEx
DebugBreak
WriteConsoleA
GetModuleHandleW
GetDateFormatA
GetModuleFileNameA
DeleteCriticalSection
GlobalFree
LoadLibraryW
LocalFileTimeToFileTime
LCMapStringW
GetACP
WriteConsoleW
FindResourceW
GetTimeFormatA
GetProcessHeap
CompareStringW
FillConsoleOutputCharacterW
MultiByteToWideChar
EnterCriticalSection
UnhandledExceptionFilter
lstrcat
GetThreadLocale
HeapFree
VirtualAlloc
HeapCreate
GetSystemTimeAsFileTime
GetConsoleOutputCP
SetHandleCount
CloseHandle
VirtualQuery
SetConsoleCursorPosition
GetStdHandle
WriteFile
GlobalUnlock
SetUnhandledExceptionFilter
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
TerminateProcess
QueryPerformanceCounter
LocalAlloc
OpenMutexW
GetModuleFileNameW
FreeEnvironmentStringsW
TlsSetValue
LocalHandle
InterlockedExchange
WriteProfileSectionW
CreateToolhelp32Snapshot
VirtualFree
SetThreadAffinityMask
SetVolumeLabelA
GetCurrentThread
HeapLock
ReadFile
HeapValidate
TlsAlloc
GetLocaleInfoA
OutputDebugStringA
GetOEMCP
CreateFileA
HeapDestroy
GetLocaleInfoW
FreeLibrary
InterlockedCompareExchange
CompareStringA
RtlUnwind
GetStartupInfoA
WritePrivateProfileSectionW
WriteConsoleOutputW
FlushFileBuffers
GetConsoleMode
lstrcpynA
GetProcAddress
GetStartupInfoW

Sections

.text
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f95696f356afcce5e57b18be03156526

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 296KB - Virtual size: 294KB

.rdata Size: 296KB - Virtual size: 294KB

.data Size: 112KB - Virtual size: 140KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 296KB - Virtual size: 294KB

.rdata
Size: 296KB - Virtual size: 294KB

.data
Size: 112KB - Virtual size: 140KB

.rsrc
Size: 12KB - Virtual size: 11KB