345f794cc4339d51b89651838dbfaedd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

345f794cc4339d51b89651838dbfaedd_JaffaCakes118
Size

564KB
MD5

345f794cc4339d51b89651838dbfaedd
SHA1

b34254d6e9e9d43e518d538bd4c1383466ea2be0
SHA256

26d36770a205a0f6fccdad14b0b5a5a8bdc45463c3a2417865cbf938117ffe5f
SHA512

1e2f211a38df350f4249983f9d88c024e4653ef162fdfceb2907adc03a7c134cf74fb206092c82b7b4ae912f5d1c2b0dd3ee15f73b7dbffcd701cebc76e09306
SSDEEP

12288:aNpfGufOzTaDUmw9XTvJ1B+MmjV+bgam+vhSpL8PUHoiVVfk:CfjOzTaDUmw9XzYMmUkkvcWiV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
345f794cc4339d51b89651838dbfaedd_JaffaCakes118

Files

345f794cc4339d51b89651838dbfaedd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

40ef6e3404f1674dfbb9526fe4a87f43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\zaaeqb\epofe\goja\soistjyuzg\evkjwogwtt.pdb

Imports

kernel32

GetLocaleInfoW
UnmapViewOfFile
GetPrivateProfileSectionNamesA
LCMapStringA
CreateDirectoryExW
LoadLibraryExW
SetPriorityClass
HeapDestroy
GetLocaleInfoA
SetLastError
GetDateFormatA
FoldStringW
GetEnvironmentStringsW
CompareStringW
GetLongPathNameA
GetProcAddress
GetModuleHandleA
GlobalGetAtomNameW
GetOEMCP
GetDateFormatW
SetStdHandle
GetTimeZoneInformation
InterlockedDecrement
GetTickCount
InitializeCriticalSection
GetUserDefaultLangID
VirtualFree
FlushFileBuffers
Sleep
WriteConsoleA
QueryPerformanceCounter
GetLocalTime
GetTimeFormatA
FreeEnvironmentStringsW
LoadLibraryA
GetCurrentProcess
GetStringTypeExW
OpenProcess
InterlockedExchange
TerminateProcess
WriteFile
CloseHandle
HeapCreate
IsValidCodePage
MultiByteToWideChar
GetStdHandle
SetConsoleCtrlHandler
RtlUnwind
TlsAlloc
WideCharToMultiByte
GlobalLock
GetCurrentProcessId
CreateRemoteThread
EnumSystemLocalesA
GetVersionExA
MoveFileA
LCMapStringW
GetStringTypeA
GetProcessHeap
CreateMutexA
ReadConsoleInputW
IsValidLocale
CreateDirectoryA
HeapReAlloc
DeleteCriticalSection
FillConsoleOutputCharacterW
ContinueDebugEvent
GetThreadContext
SetHandleCount
EnterCriticalSection
GetFileType
GetEnvironmentStrings
VirtualQuery
EnumDateFormatsExW
SetTimeZoneInformation
SetFilePointer
GetModuleFileNameA
FreeLibrary
GetConsoleCP
GetCPInfo
GetConsoleOutputCP
lstrcmpiW
SetVolumeLabelA
TlsFree
OpenMutexA
FreeEnvironmentStringsA
GetLogicalDrives
GetConsoleTitleW
VirtualAlloc
HeapFree
InterlockedIncrement
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapSize
CreatePipe
TlsGetValue
MapViewOfFile
AllocConsole
WriteConsoleW
ExitProcess
SetConsoleWindowInfo
GetStartupInfoA
GetCurrentThread
TlsSetValue
GetLastError
FindNextChangeNotification
GetCurrentThreadId
ReadFile
GetACP
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetEnvironmentVariableA
GetSystemTime
LeaveCriticalSection
HeapAlloc
CreateFileA
EnumCalendarInfoExA
GetUserDefaultLCID
FlushConsoleInputBuffer
GetStringTypeW
lstrcmpiA
RaiseException
GetDiskFreeSpaceExA
GetCommandLineA
GetConsoleMode
CompareStringA

user32

ShowCaret
GetSysColor
RegisterClassA
MonitorFromPoint
SetMenu
DialogBoxIndirectParamW
IsWindow
DestroyWindow
GetWindowModuleFileNameW
DrawFrame
DlgDirSelectComboBoxExA
ChangeClipboardChain
MessageBoxIndirectW
MonitorFromRect
RemovePropW
LoadMenuIndirectA
DdeSetUserHandle
GetMenuItemID
SetDoubleClickTime
GetAltTabInfo
CallWindowProcW
AppendMenuW
GetKeyNameTextW
MapVirtualKeyA
SetDebugErrorLevel
GetWindowDC
LoadImageW
SetTimer
MessageBoxIndirectA
LoadMenuW
PostThreadMessageW
RegisterClassExA
CreateWindowStationW
UnregisterDeviceNotification
DefWindowProcA
IsChild
GetWindowTextLengthW
SetWindowTextW
SendNotifyMessageA
GetInputState
SendMessageW
SetMessageExtraInfo
CheckDlgButton
DdeInitializeW
InvalidateRgn
GetDoubleClickTime
LoadKeyboardLayoutW
WinHelpA
GetWindowWord
SetMessageQueue
GetWindowTextLengthA
IsCharAlphaNumericW
IsCharLowerA
CreateWindowExA
EnumWindows
CharLowerW
ReuseDDElParam
DlgDirSelectExA
CharLowerBuffA
CreateDesktopA
DefMDIChildProcW
CloseWindow
PostMessageA
EnumDesktopWindows
AnyPopup
ShowWindow
SetWindowTextA
GetClassNameW
ReleaseDC
DrawMenuBar
WINNLSEnableIME
SetLastErrorEx
GetClientRect
RealChildWindowFromPoint
RegisterDeviceNotificationW
IsCharAlphaA
UnregisterHotKey
LoadAcceleratorsW
SetMenuItemInfoA
MessageBoxW
OemToCharW
LoadMenuIndirectW
GetWindowPlacement
DdeQueryStringA
ToUnicode
VkKeyScanW
ShowOwnedPopups
BroadcastSystemMessage
GetDlgItemTextA
CallWindowProcA
SetMenuDefaultItem
wsprintfA
OemToCharA
DdeInitializeA
ChildWindowFromPoint
SetScrollInfo
CloseWindowStation
EndDeferWindowPos
NotifyWinEvent
InSendMessage
CharNextA
GetLastActivePopup
WaitForInputIdle

comctl32

ImageList_SetImageCount
DrawInsert
CreateStatusWindow
ImageList_DrawEx
ImageList_GetFlags
ImageList_SetFlags
CreateUpDownControl
ImageList_SetBkColor
ImageList_LoadImage
ImageList_Destroy
CreateToolbarEx
ImageList_SetOverlayImage
CreateToolbar
ImageList_BeginDrag
_TrackMouseEvent
CreatePropertySheetPageW
InitCommonControlsEx
ImageList_DragMove

advapi32

CryptEnumProviderTypesA
RegCreateKeyExA
RegEnumValueW
CryptCreateHash
CryptEnumProvidersW
CryptGetProvParam
CryptExportKey
CryptSetProviderA
CreateServiceW
RegSaveKeyA
CreateServiceA
CryptSignHashA
RegEnumValueA

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40ef6e3404f1674dfbb9526fe4a87f43

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

advapi32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 112KB - Virtual size: 136KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 112KB - Virtual size: 136KB

.rsrc
Size: 24KB - Virtual size: 23KB