32c6ab4213e7071b1928c18d3b4f495b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

32c6ab4213e7071b1928c18d3b4f495b_JaffaCakes118
Size

376KB
MD5

32c6ab4213e7071b1928c18d3b4f495b
SHA1

109d4a272ecb40e1dd0b4f3eac7021b0009b392a
SHA256

df718db1dfd00aa066a48160d36a6be37436f87d2964514905eba03ed19b434f
SHA512

3f83e57c569c615487c8e27fb4c0b4f282f6c615a176473a39313f004092d7d0ea2f55ff0c881dd5e5ae68943d980c61de1231c405a33d77f31d824e3ff5df07
SSDEEP

6144:ykbK1Nr5nGF1LKEiKEaJKAjKrAkk4U9zfDwMVMrUAi7o:/+155nGFUEiEJfDNRki

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32c6ab4213e7071b1928c18d3b4f495b_JaffaCakes118

Files

32c6ab4213e7071b1928c18d3b4f495b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eef2638d87e1224b796dffdb1455b34e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\oleeavseit\nqlehylv\ayte.PDB

Imports

gdi32

SetPaletteEntries
CloseFigure
GetCharacterPlacementW
EnableEUDC
PatBlt
GetRasterizerCaps
GetStockObject
EnumFontFamiliesA
GetTextExtentPoint32W
GetTextExtentPoint32A
SetColorSpace
GetStretchBltMode
CreateScalableFontResourceW
PolyTextOutW
ExcludeClipRect
SelectObject

comdlg32

LoadAlterBitmap

kernel32

ExitProcess
GetEnvironmentStrings
Sleep
CloseHandle
GetCurrentThreadId
ResetEvent
QueryPerformanceCounter
SetConsoleCtrlHandler
GetLocaleInfoW
HeapCreate
RtlUnwind
GetTimeZoneInformation
SetEnvironmentVariableA
GetDateFormatA
TlsFree
CreateMutexA
VirtualFree
FindResourceExA
GetModuleFileNameA
GetLastError
LeaveCriticalSection
FreeEnvironmentStringsA
TerminateProcess
OpenMutexA
GetCommandLineA
GetUserDefaultLCID
GetVersionExA
GetConsoleCP
GetProcAddress
GetFileType
WriteFile
SetLastError
EnumSystemLocalesA
GetSystemTimeAsFileTime
GetLocaleInfoA
ReadFile
FlushFileBuffers
GetProcessHeap
TlsSetValue
WideCharToMultiByte
InterlockedExchange
HeapFree
GetVolumeInformationW
GetConsoleMode
SetFilePointer
GetEnvironmentStringsW
SetHandleCount
HeapSize
InterlockedDecrement
DeleteCriticalSection
TlsGetValue
GetCPInfo
EnterCriticalSection
GetACP
HeapReAlloc
GetStdHandle
GetStringTypeW
GetConsoleOutputCP
LoadLibraryA
FreeLibrary
GetStartupInfoA
FreeEnvironmentStringsW
GetPrivateProfileStringW
WriteConsoleA
CompareStringA
TransmitCommChar
HeapAlloc
CompareStringW
GetVersionExW
lstrcmpiA
GetModuleHandleA
FlushInstructionCache
UnhandledExceptionFilter
LCMapStringW
VirtualAlloc
GetStringTypeA
GetOEMCP
GetTimeFormatA
GetCurrentProcessId
TlsAlloc
InterlockedIncrement
SetStdHandle
GetCurrentThread
OpenFileMappingA
MultiByteToWideChar
SetUnhandledExceptionFilter
InitializeCriticalSection
IsDebuggerPresent
VirtualQuery
IsValidCodePage
HeapDestroy
IsValidLocale
GetCurrentProcess
CreateFileA
LCMapStringA
GlobalUnlock
WriteConsoleW
GetTickCount
WriteFileEx

user32

CloseClipboard
EnumDisplaySettingsW
EndTask
EnumDesktopsA
MapVirtualKeyExW
SetScrollInfo
SetProcessDefaultLayout
FindWindowA
EditWndProc
CreateWindowStationA
CreateWindowExW
GetSystemMetrics
PaintDesktop
GetProcessDefaultLayout
DestroyAcceleratorTable
GetClassWord
UnhookWinEvent
EnumClipboardFormats
SystemParametersInfoA
EnumPropsW
DdePostAdvise
GetWindowTextLengthA
DdeCreateStringHandleW
DefWindowProcW
CreateMDIWindowW
DrawEdge
WinHelpW
ShowWindow
GetClassNameW
RegisterClassExA
InvertRect
DestroyWindow
CreateWindowExA
SetClassWord
DlgDirSelectExW
GetKeyNameTextA
InvalidateRect
DdeDisconnectList
RegisterClassA
SetPropW
SetUserObjectInformationW
SetCaretBlinkTime
LoadIconA
RegisterHotKey
DefDlgProcA
GetScrollRange
GetSysColor
EnableScrollBar
DispatchMessageW
IsCharAlphaW
MessageBoxW
SetWindowPlacement
SwitchDesktop
GetClassInfoExW

wininet

FindCloseUrlCache
FindNextUrlCacheContainerW
InternetTimeFromSystemTimeW
InternetDial
InternetCloseHandle
InternetAttemptConnect
FindFirstUrlCacheEntryW

comctl32

ImageList_Read
ImageList_DrawIndirect
CreateToolbarEx
ImageList_SetFlags
ImageList_LoadImageW
InitCommonControlsEx
ImageList_GetImageCount
ImageList_Copy
ImageList_EndDrag
ImageList_LoadImageA
ImageList_GetDragImage
ImageList_SetOverlayImage
ImageList_Duplicate
CreateMappedBitmap
CreatePropertySheetPageW
CreatePropertySheetPageA

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eef2638d87e1224b796dffdb1455b34e

Headers

File Characteristics

PDB Paths

Imports

gdi32

comdlg32

kernel32

user32

wininet

comctl32

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 72KB - Virtual size: 68KB

.data Size: 96KB - Virtual size: 103KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 72KB - Virtual size: 68KB

.data
Size: 96KB - Virtual size: 103KB

.rsrc
Size: 52KB - Virtual size: 51KB