2edd6052d07e3cfa96f5c855598245ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2edd6052d07e3cfa96f5c855598245ea_JaffaCakes118
Size

408KB
MD5

2edd6052d07e3cfa96f5c855598245ea
SHA1

c80e168792a56f272b47a841ff8d1e43caa5fedf
SHA256

8abbbdda2b6ac05abe0e4fc8f6d4095305e1c3f4cf1087f7b7f471d09d32a8d6
SHA512

65499dd81c5ce0cf3f04dcbbaa95605ae60223f2f07a4c4507ebc4eb39be9ca7bf3a14df84337b5e8703bee08a81c63b0d443d02916d8e34b7a262ca3872c144
SSDEEP

6144:zkeL6s6Q3MlyQ7fRKNAL/VAA0fvZabI3utVBe3GQdXyK6KO7ZCW:lL6s6Q3MlNdKNG2Q0+tVBrPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2edd6052d07e3cfa96f5c855598245ea_JaffaCakes118

Files

2edd6052d07e3cfa96f5c855598245ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

acbe63e15423e7451cafff78d2e122e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\drly\ehgw\urjjnjxx\phetige.pdb

Imports

comctl32

CreateStatusWindow
CreateToolbar
ImageList_SetIconSize
ImageList_Read
ImageList_Create
ImageList_Merge
ImageList_DrawIndirect
DrawStatusTextA
MakeDragList
ImageList_Remove
ImageList_GetFlags
ImageList_SetFlags
ImageList_AddIcon
ImageList_Add
CreateStatusWindowW
CreateMappedBitmap
ImageList_SetFilter
_TrackMouseEvent
ImageList_SetDragCursorImage
GetEffectiveClientRect
InitCommonControlsEx
ImageList_Copy
ImageList_SetBkColor

kernel32

CreateFileA
ExitProcess
TlsAlloc
GetStringTypeA
GetUserDefaultLCID
GetCurrentThreadId
GetCPInfo
GetModuleFileNameA
TlsFree
GetConsoleTitleA
GetTempPathW
SetEnvironmentVariableA
EnterCriticalSection
GetCurrencyFormatW
GetCommandLineW
GetSystemTimeAsFileTime
GlobalFindAtomA
IsValidCodePage
UnlockFileEx
VirtualFree
InterlockedCompareExchange
WideCharToMultiByte
VirtualProtectEx
GetCurrentProcess
GetProcAddress
HeapCreate
VirtualAlloc
TerminateProcess
CreateDirectoryExW
IsValidLocale
MultiByteToWideChar
GetCommandLineA
GetLongPathNameW
WriteConsoleA
GetSystemDirectoryW
UnhandledExceptionFilter
GetTimeZoneInformation
ReadFile
SetConsoleCtrlHandler
WriteConsoleW
GetDateFormatA
GetACP
GetNamedPipeHandleStateW
SetStdHandle
GetCurrentThread
SetLastError
QueryPerformanceCounter
Sleep
CreateMutexA
HeapReAlloc
HeapDestroy
WritePrivateProfileSectionW
MoveFileExW
FillConsoleOutputCharacterA
LeaveCriticalSection
HeapAlloc
GetVersionExW
VirtualProtect
CloseHandle
TlsSetValue
GetSystemDefaultLangID
FlushFileBuffers
EnumSystemLocalesA
GetLastError
CompareStringW
GetStartupInfoW
GetFileType
GetCurrentProcessId
EnumResourceNamesW
SetHandleCount
GlobalSize
LCMapStringA
IsDebuggerPresent
AddAtomA
GetConsoleOutputCP
CreateFileMappingW
GetPriorityClass
VirtualQuery
HeapSize
EnumCalendarInfoW
ReadConsoleOutputCharacterW
CreateNamedPipeA
GetLocaleInfoW
SetConsoleTitleA
SetFileAttributesA
EnumResourceTypesW
SetConsoleCursorPosition
WriteProfileStringW
GetEnvironmentStringsW
OpenMutexA
EnumDateFormatsExA
GetModuleFileNameW
GetProfileStringW
InterlockedExchange
CreateToolhelp32Snapshot
GetEnvironmentStrings
GetLogicalDriveStringsW
LCMapStringW
LoadLibraryA
GetOEMCP
GetStartupInfoA
HeapFree
FreeLibrary
CompareStringA
GlobalHandle
OpenFileMappingW
GetStringTypeW
ReadConsoleOutputW
InterlockedDecrement
InterlockedIncrement
WriteFile
TlsGetValue
FreeEnvironmentStringsA
GetConsoleMode
FreeEnvironmentStringsW
DeleteCriticalSection
GetModuleHandleA
GetTimeFormatA
GetLocaleInfoA
GetTickCount
GetProcessHeaps
EnumSystemCodePagesA
RtlUnwind
GetProcessHeap
GetThreadPriorityBoost
SetFilePointer
GetConsoleCP
GetPrivateProfileStringW
CreateFileW
HeapLock
GetStdHandle
InitializeCriticalSection
GetVersionExA
CreateRemoteThread
SetUnhandledExceptionFilter
GetPrivateProfileSectionNamesW
FindResourceExW
MoveFileA
WriteConsoleOutputW
OpenSemaphoreA

user32

ToUnicode
GetPropA
GetMenuDefaultItem
CheckMenuRadioItem
TileWindows
SetWindowsHookExW
PtInRect
PostThreadMessageA
GetKeyboardLayout
SetScrollPos
CreateDialogParamA
CharUpperA
GetPropW
GetDC
InflateRect
TileChildWindows
GetWindowLongW
DeleteMenu
DdeConnectList
RegisterClassExA
GetProcessDefaultLayout
AdjustWindowRect
DefDlgProcW
GetDoubleClickTime
CreateAcceleratorTableA
UnregisterClassW
RegisterClassA
SetWindowLongA
ShowWindow
MessageBoxW
DdeKeepStringHandle
CascadeChildWindows
GetActiveWindow
CreateWindowExA
RemovePropW
CharUpperW
GetKeyNameTextW
GetWindowContextHelpId
ReleaseCapture
GetAltTabInfo
GetMenuBarInfo
DefWindowProcA
SetWindowLongW
SendDlgItemMessageW
DestroyWindow
GetUserObjectInformationW
SendMessageW
UnloadKeyboardLayout

gdi32

DeleteDC
CreateCompatibleDC
GetCharWidth32A
GetBkMode
GetWinMetaFileBits
GetTextCharsetInfo
GetDeviceCaps
ExtSelectClipRgn
UpdateICMRegKeyA
StrokePath
SetICMMode
GetLogColorSpaceA
CreateDCA
RectVisible
GetDIBits
DeleteObject
ExtEscape
CreatePenIndirect
SetStretchBltMode
GetColorSpace
SelectObject
GetCharWidthW
DeleteEnhMetaFile
GetClipBox
Polyline
GetObjectA
SetWindowExtEx

advapi32

RegCreateKeyExW
LookupAccountNameA
LogonUserA
RegReplaceKeyA
CryptSignHashW
CryptAcquireContextW
RegQueryInfoKeyW

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acbe63e15423e7451cafff78d2e122e8

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

advapi32

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 76KB - Virtual size: 73KB

.data Size: 96KB - Virtual size: 103KB

.rsrc Size: 84KB - Virtual size: 82KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 76KB - Virtual size: 73KB

.data
Size: 96KB - Virtual size: 103KB

.rsrc
Size: 84KB - Virtual size: 82KB