3aecdb6424fa3ac91cbf7693c6363b6f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3aecdb6424fa3ac91cbf7693c6363b6f_JaffaCakes118
Size

532KB
MD5

3aecdb6424fa3ac91cbf7693c6363b6f
SHA1

29f79ac996172d9e9e24c05cf049b02ece8a6cdd
SHA256

29da05f7ec56aa4bdaea22532911370296cba31c26b9fe8db8414859dd01da47
SHA512

61e9c6d9ac22a0c0c9275f771a6fb96d897c5cfe8c53b4ab9705980b49dd9b4e7fd4cb525eac3ace8a83ec44aca9f5ec9814026205a05ad120697082f788f5d9
SSDEEP

12288:55OWs932Jb50D7amidORSHOu4LqA4I+QbzqnmmqReuXh9Gc1:rOWsMJbUmJO+7wqq+gqoZXhoc1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aecdb6424fa3ac91cbf7693c6363b6f_JaffaCakes118

Files

3aecdb6424fa3ac91cbf7693c6363b6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7f8913aefdcd0f11a014cb036a088e30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\eweszdri\emotluee\ettoy\btdc\gvuao.pdb

Imports

user32

LookupIconIdFromDirectory
DlgDirListW
AnyPopup
SetParent
BroadcastSystemMessageA
SetMenu
TrackPopupMenu
ChangeClipboardChain
GetMenu
EnumDisplaySettingsA
VkKeyScanW
ModifyMenuA
ShowCursor
FillRect
RegisterClassA
CheckRadioButton
GetPropA
GetKeyboardLayoutNameA
RegisterClassExA
GetKBCodePage
LoadMenuW
GetInputDesktop
MessageBoxA
CopyAcceleratorTableW
GetQueueStatus
GetWindowRgn
ExitWindowsEx
EnumDisplayMonitors
WINNLSEnableIME
RemoveMenu
LockWindowUpdate
MonitorFromPoint
ChangeMenuA
GetInputState
ReleaseCapture
OpenDesktopA
GetMonitorInfoA
EndMenu
PackDDElParam
OpenClipboard
GetClassNameA
CreateMDIWindowW
MsgWaitForMultipleObjects
ShowCaret
SetWindowLongW
DdeQueryStringA
DialogBoxIndirectParamA
LoadCursorFromFileA
GetWindowModuleFileNameW
GetClassLongW
BroadcastSystemMessage
WaitForInputIdle
SetCapture
EnumChildWindows
DefDlgProcW
RedrawWindow
LoadCursorFromFileW
GetMessageW
SetMenuItemInfoW
MapDialogRect
SendMessageTimeoutW
GetNextDlgGroupItem
GetProcessWindowStation
DestroyCaret
ShowWindow
GetWindowLongA
DdeConnect
SendNotifyMessageW
DefWindowProcA
DrawMenuBar
SetThreadDesktop
NotifyWinEvent
DdeUnaccessData
ShowScrollBar
GetClipboardSequenceNumber
DispatchMessageW
CallWindowProcA
CallMsgFilterW
GetTitleBarInfo
MoveWindow
WindowFromPoint
CreateWindowExW
SetDebugErrorLevel
DrawIconEx
ChangeDisplaySettingsW
LoadIconA
SetScrollInfo
GetWindowInfo
SendDlgItemMessageW
GetSubMenu
DrawTextExA
GetMenuContextHelpId
DestroyWindow
TranslateMDISysAccel
PostQuitMessage
DdeGetLastError
CopyRect
DdeReconnect
SetCaretBlinkTime
GetDC
DrawStateA
RegisterWindowMessageW
LoadAcceleratorsA

shell32

SHInvokePrinterCommandW
SHFileOperationW

kernel32

GlobalAlloc
GetLocaleInfoA
GetSystemTimeAdjustment
TlsSetValue
SetThreadContext
FreeEnvironmentStringsA
TlsFree
GetSystemTime
TerminateProcess
GetTimeFormatA
CreateProcessW
GlobalFix
GetModuleHandleA
HeapFree
GetModuleFileNameA
VirtualAllocEx
GlobalUnlock
QueryPerformanceCounter
GetCurrentThreadId
GetWindowsDirectoryW
SetLastError
GetTickCount
GetStringTypeA
HeapValidate
RtlUnwind
SetStdHandle
GetFileType
GlobalReAlloc
GetProfileSectionA
GetLastError
ResumeThread
WideCharToMultiByte
GetStdHandle
GetCurrentProcessId
WritePrivateProfileStringW
GetDateFormatA
SetEnvironmentVariableA
LCMapStringW
GetStartupInfoA
GetACP
GetCurrentThread
TransmitCommChar
GetSystemInfo
GetThreadContext
HeapSize
GetTempFileNameA
MultiByteToWideChar
InterlockedExchange
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
LoadLibraryW
GlobalGetAtomNameA
IsBadWritePtr
TlsGetValue
GetEnvironmentStrings
EnumSystemLocalesA
VirtualProtectEx
GetCPInfo
ExitProcess
CompareStringA
GetShortPathNameA
FlushViewOfFile
UnhandledExceptionFilter
EnumCalendarInfoW
OpenMutexA
WriteFileEx
CreateFileMappingW
CreateMutexA
GetVersionExA
GetPrivateProfileSectionW
InterlockedDecrement
FlushFileBuffers
TlsAlloc
CreateSemaphoreA
GetThreadLocale
FindNextChangeNotification
GetEnvironmentStringsW
HeapDestroy
GetVolumeInformationW
GetProcAddress
RemoveDirectoryA
IsValidCodePage
EnumCalendarInfoA
GetOEMCP
CompareStringW
MoveFileExA
WaitForSingleObjectEx
LeaveCriticalSection
WriteFile
VirtualProtect
VirtualQuery
GetPrivateProfileIntA
SetHandleCount
CloseHandle
HeapCreate
ReadFile
EnterCriticalSection
IsValidLocale
EnumResourceNamesA
AddAtomW
CreateEventW
GetModuleFileNameW
ReadConsoleOutputAttribute
GetSystemDefaultLangID
InitializeCriticalSection
RemoveDirectoryW
LCMapStringA
LoadLibraryA
SetConsoleCursorPosition
GetTimeZoneInformation
GetUserDefaultLCID
GetCurrentProcess
HeapAlloc
EnumResourceTypesA
GetStringTypeW
GetLocaleInfoW
FreeEnvironmentStringsW
VirtualFree
GetModuleHandleW
GetCommandLineA
FormatMessageA
SetFilePointer
GetSystemTimeAsFileTime
VirtualQueryEx

gdi32

GetObjectW
SelectObject
DeleteColorSpace
GetPolyFillMode
GetDeviceCaps
GetTextExtentPointA
GetColorSpace
CreateDCW
GetStretchBltMode
DeleteDC
CreateEnhMetaFileW
EnumFontFamiliesExW
OffsetClipRgn
EnumICMProfilesW

advapi32

RegEnumKeyW
LookupPrivilegeDisplayNameW
LogonUserA
CryptDestroyHash
RegDeleteKeyA
InitiateSystemShutdownA
RegReplaceKeyW
CreateServiceA
CryptSetProviderA
RegQueryValueExW
CryptSetHashParam
RegQueryValueA
LookupPrivilegeNameA
CryptDecrypt

comctl32

ImageList_DrawEx
ImageList_GetFlags
CreateUpDownControl
InitCommonControlsEx
ImageList_DragMove
ImageList_LoadImageW
MakeDragList
CreateStatusWindowA
ImageList_SetFilter
ImageList_Copy
ImageList_SetBkColor
CreateToolbarEx
ImageList_GetImageCount
ImageList_Draw
ImageList_SetIconSize

wininet

InternetConfirmZoneCrossingA
HttpAddRequestHeadersW
FtpGetCurrentDirectoryW
CreateUrlCacheEntryA
InternetShowSecurityInfoByURLA

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f8913aefdcd0f11a014cb036a088e30

Headers

File Characteristics

PDB Paths

Imports

user32

shell32

kernel32

gdi32

advapi32

comctl32

wininet

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 268KB - Virtual size: 264KB

.data Size: 100KB - Virtual size: 111KB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 268KB - Virtual size: 264KB

.data
Size: 100KB - Virtual size: 111KB

.rsrc
Size: 72KB - Virtual size: 68KB