37b9112de54b9f339d76bce4306dfef6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37b9112de54b9f339d76bce4306dfef6_JaffaCakes118
Size

764KB
MD5

37b9112de54b9f339d76bce4306dfef6
SHA1

a2c7b1d0874b5a93a59efae7ef4087e7b5f6dc59
SHA256

cceb200796c7dff42c0ea9253bb796594ec736025603d653cd9841df76cd5ed5
SHA512

8058896e9355789c4c7f5c62653c52853870f0fe8e67fd3ae73acae505021c1335fd6588f68a872cf3ace3282d512084416c0e2900c93fa04612a1b8ad9c4a1c
SSDEEP

12288:2nooEQ1oKiV8Hvbnv3N2ACbHSfxrQlcX5QT1hNnIg6ElCstHwzhC6rnxGPI0Sv41:2no5YQYsACLCQKX5QX1Tes5shZxGPI92

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37b9112de54b9f339d76bce4306dfef6_JaffaCakes118

Files

37b9112de54b9f339d76bce4306dfef6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

766ef2ce4ed402c986d0ca7572b39de3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\owoosr\jeoxfe.pdb

Imports

comdlg32

FindTextW
FindTextA

wininet

CommitUrlCacheEntryW
InternetSetOptionExW

gdi32

GetObjectA
FlattenPath
GetNearestPaletteIndex
ResizePalette
SelectObject
SwapBuffers
CreateFontIndirectA
GetClipBox
SelectClipRgn
GetCharWidthW
SetRectRgn
GetMetaRgn
CreateDCA
GetPixel
GetDeviceCaps
GetRasterizerCaps
SetICMProfileA
DeleteDC
GetROP2
SetBrushOrgEx
ResetDCA
SetDIBitsToDevice
SetICMMode
PlgBlt

comctl32

_TrackMouseEvent
ImageList_DragLeave
GetEffectiveClientRect
CreatePropertySheetPageW
ImageList_GetImageInfo
ImageList_SetFlags
DrawInsert
ImageList_LoadImage
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_DrawEx
CreatePropertySheetPage
InitCommonControlsEx
ImageList_GetFlags
ImageList_Remove
ImageList_LoadImageA
MakeDragList

shell32

InternalExtractIconListA
SHFileOperationA
SHChangeNotify
SHFileOperationW

user32

SetFocus
RegisterClassExA
IsDlgButtonChecked
ShowWindow
GetClassLongA
CopyImage
CreateMDIWindowA
SetMenuItemInfoW
SwitchToThisWindow
IsWindowVisible
SetDeskWallpaper
SetWindowPlacement
DefWindowProcW
DestroyWindow
ToUnicode
GetClipboardOwner
CloseWindowStation
RealGetWindowClass
SetClassLongW
FlashWindow
DestroyCaret
MessageBoxA
KillTimer
CreateWindowExW
DrawFrame
CharUpperBuffW
GetWindowTextLengthW
GetWindowLongA
GetMenu
SetClipboardViewer
RegisterClassA
GetListBoxInfo

kernel32

TransactNamedPipe
GetCurrentProcessId
SetFilePointer
UnhandledExceptionFilter
SetStdHandle
GetACP
SetConsoleCursorPosition
WriteFile
CreateFileA
Sleep
GetModuleHandleA
GetEnvironmentStrings
EnumResourceTypesW
OpenFileMappingW
ReadConsoleW
WaitCommEvent
SetEnvironmentVariableW
WriteConsoleInputW
CopyFileA
GetLocaleInfoW
AddAtomW
GetCurrentDirectoryA
SetConsoleTitleW
SetConsoleScreenBufferSize
WaitForMultipleObjectsEx
LCMapStringW
SetComputerNameW
lstrcpynW
DeleteAtom
SystemTimeToTzSpecificLocalTime
CreateRemoteThread
GetStartupInfoA
GetTimeZoneInformation
SetConsoleCtrlHandler
TryEnterCriticalSection
ExitProcess
FindFirstFileExW
InterlockedExchangeAdd
VirtualFree
GlobalAddAtomA
DeleteCriticalSection
lstrcpyn
WideCharToMultiByte
GetCalendarInfoW
GetStdHandle
GetStringTypeA
TerminateProcess
FreeEnvironmentStringsA
GetCurrentThread
CreateDirectoryW
WriteConsoleW
GetCalendarInfoA
GetModuleFileNameA
GetConsoleMode
HeapSize
LocalFree
InterlockedDecrement
VirtualAlloc
VirtualQuery
GetProfileSectionW
GetFileType
WritePrivateProfileStructA
GetCurrentThreadId
GetStringTypeW
GetFullPathNameA
LCMapStringA
CloseHandle
GetFileAttributesA
CreateDirectoryA
FindResourceA
GetDateFormatA
GetLastError
FlushConsoleInputBuffer
TerminateThread
GetConsoleOutputCP
LoadLibraryA
RtlMoveMemory
InterlockedIncrement
SetEnvironmentVariableA
LocalReAlloc
GlobalAddAtomW
InterlockedExchange
LocalHandle
HeapFree
LocalCompact
FillConsoleOutputCharacterW
GetSystemTimeAsFileTime
LockFile
IsValidLocale
IsDebuggerPresent
SuspendThread
QueryPerformanceCounter
WritePrivateProfileStructW
CompareStringW
SetHandleCount
OutputDebugStringW
VirtualFreeEx
GetModuleHandleW
GetCommandLineA
CompareStringA
GetLocaleInfoA
TlsFree
EnumSystemLocalesW
HeapReAlloc
SetUnhandledExceptionFilter
MultiByteToWideChar
FreeEnvironmentStringsW
CreateMutexA
EnumSystemCodePagesA
LeaveCriticalSection
GetCurrentProcess
WriteConsoleOutputCharacterA
SetLastError
IsValidCodePage
WriteConsoleInputA
LocalSize
GetUserDefaultLCID
GetEnvironmentStringsW
GetDiskFreeSpaceExW
GetTimeFormatA
OpenMutexA
FindResourceExA
GetDiskFreeSpaceA
GetProcAddress
lstrlen
TlsGetValue
FreeLibrary
HeapAlloc
EnumCalendarInfoExW
GetProfileIntW
GetTickCount
ConvertDefaultLocale
GetOEMCP
GetCPInfo
SetConsoleCP
TlsSetValue
GetConsoleScreenBufferInfo
GetVersionExW
CreateWaitableTimerA
EnterCriticalSection
WriteConsoleA
lstrcpy
RtlUnwind
EnumSystemLocalesA
ReadFile
InitializeCriticalSectionAndSpinCount
LocalFlags
HeapCreate
TlsAlloc
HeapDestroy
GetConsoleCP
FlushFileBuffers
EnumDateFormatsW

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

766ef2ce4ed402c986d0ca7572b39de3

Headers

File Characteristics

PDB Paths

Imports

comdlg32

wininet

gdi32

comctl32

shell32

user32

kernel32

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 456KB - Virtual size: 454KB

.data Size: 136KB - Virtual size: 158KB

.rsrc Size: 68KB - Virtual size: 67KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 456KB - Virtual size: 454KB

.data
Size: 136KB - Virtual size: 158KB

.rsrc
Size: 68KB - Virtual size: 67KB