37fc840dad0949e0d76523214fd210d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37fc840dad0949e0d76523214fd210d5_JaffaCakes118
Size

312KB
MD5

37fc840dad0949e0d76523214fd210d5
SHA1

bccbb4dc58d6c7795632b4b9534000360fbb3112
SHA256

8702568aceb98257b99dad9b9f3501099ec8553abab3935c74ad42fc773b7974
SHA512

3926e7ce722a69bb9eb7b22fd8c40d6adf93621c6bad6d7a2bcaf209b3da8b0219ea51e9b314e52b73f5e531b3fd9e2f2c2a416721387b29492d25a117df1e74
SSDEEP

6144:VL+iq/Nc8rHw4XHzGgTMLVfOh7AiU9kc4eUhKsk4KMfE4:Vqi+c8DvEGSD4eUhYW9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37fc840dad0949e0d76523214fd210d5_JaffaCakes118

Files

37fc840dad0949e0d76523214fd210d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

64ad7e550d3b71da5b612d3fa75fe175

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ywe\matsw\njealylty\koonm.pdb

Imports

comctl32

CreateMappedBitmap
DrawInsert
ImageList_Duplicate
ImageList_EndDrag
CreateToolbar
DrawStatusTextW
ImageList_GetDragImage
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_LoadImage
GetEffectiveClientRect
DrawStatusText
ImageList_SetImageCount
ImageList_Replace
DestroyPropertySheetPage
InitMUILanguage
ImageList_AddIcon
CreatePropertySheetPage
ImageList_Remove
CreateStatusWindow
CreateToolbarEx
InitCommonControlsEx
CreateStatusWindowW
ImageList_Destroy
_TrackMouseEvent
ImageList_Copy

comdlg32

PageSetupDlgW
GetSaveFileNameW
PageSetupDlgA

user32

GetWindowContextHelpId
GetKeyboardLayoutNameA
RegisterClassA
MessageBoxExA
SetWindowPos
SetWindowLongA
CreateIconFromResourceEx
RegisterHotKey
RegisterClassExA
IsRectEmpty
GetOpenClipboardWindow
SetForegroundWindow
IsCharAlphaNumericA
EnumDisplayDevicesW
GetWindowPlacement
SetDebugErrorLevel
ShowOwnedPopups
DdeKeepStringHandle
EnumPropsA
GetQueueStatus
GrayStringW
VkKeyScanExA
GetWindowTextLengthA
FindWindowA
CascadeChildWindows
CreateWindowExW
SetProcessDefaultLayout
GetTopWindow
GetSysColorBrush

kernel32

DebugBreak
VirtualFree
GetCurrentThread
ReadFile
GetStringTypeA
LocalSize
GetOEMCP
LocalReAlloc
GetCurrentProcess
GetCommandLineA
SetEnvironmentVariableA
GetLastError
SetThreadPriority
TlsGetValue
IsValidLocale
GetConsoleMode
FindFirstFileA
MultiByteToWideChar
LCMapStringW
GetTickCount
HeapCreate
MoveFileExA
lstrcpynW
GetEnvironmentStrings
ReleaseSemaphore
SetUnhandledExceptionFilter
ConnectNamedPipe
GetConsoleCP
GetCPInfo
CompareStringA
RtlZeroMemory
GetStartupInfoW
GetCalendarInfoA
TerminateProcess
WriteConsoleA
FreeLibrary
GetCurrentThreadId
OpenFileMappingW
WaitNamedPipeW
CreateFileA
FreeEnvironmentStringsW
SetConsoleCP
InterlockedDecrement
ExitProcess
EnumSystemLocalesA
GetLocaleInfoW
FlushFileBuffers
lstrcat
VirtualQuery
WriteConsoleW
GetModuleFileNameW
GetSystemTimeAsFileTime
CreateDirectoryExW
GetLogicalDriveStringsA
GetACP
SetEnvironmentVariableW
GlobalAddAtomW
HeapFree
VirtualLock
DeleteCriticalSection
CreateMutexA
GetTimeZoneInformation
GetLocaleInfoA
GetTimeFormatA
InitializeCriticalSectionAndSpinCount
SetCriticalSectionSpinCount
GetCommandLineW
GetDiskFreeSpaceExA
TlsFree
IsBadReadPtr
GetCurrentProcessId
InterlockedExchange
HeapDestroy
WideCharToMultiByte
LoadResource
FindClose
Sleep
ResumeThread
GetModuleHandleW
GetDiskFreeSpaceExW
EnumSystemCodePagesA
SetStdHandle
GetSystemDirectoryA
GetModuleFileNameA
GetModuleHandleA
UnmapViewOfFile
QueryPerformanceCounter
SetHandleCount
RtlUnwind
InterlockedIncrement
TlsSetValue
EnterCriticalSection
GetEnvironmentStringsW
GetStringTypeW
GetFileType
SetLastError
SetConsoleCtrlHandler
GetStartupInfoA
GetThreadSelectorEntry
LCMapStringA
SetFilePointer
UnhandledExceptionFilter
lstrcmpiA
IsValidCodePage
SetThreadAffinityMask
GlobalLock
ReadConsoleOutputCharacterW
IsDebuggerPresent
OpenMutexA
FindResourceW
SetThreadContext
LeaveCriticalSection
HeapAlloc
LoadLibraryA
WriteFile
TlsAlloc
RemoveDirectoryW
CompareStringW
CloseHandle
GetProcAddress
LockResource
HeapSize
VirtualAlloc
GetStdHandle
CopyFileExA
HeapReAlloc
GetConsoleOutputCP
GlobalFindAtomA
FileTimeToSystemTime
GetUserDefaultLCID
SetVolumeLabelA
GetConsoleTitleA
GetDateFormatA
WaitForMultipleObjects
VirtualUnlock

gdi32

CreateRectRgnIndirect

shell32

RealShellExecuteExW

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64ad7e550d3b71da5b612d3fa75fe175

Headers

File Characteristics

PDB Paths

Imports

comctl32

comdlg32

user32

kernel32

gdi32

shell32

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 100KB - Virtual size: 96KB

.data Size: 92KB - Virtual size: 112KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 100KB - Virtual size: 96KB

.data
Size: 92KB - Virtual size: 112KB

.rsrc
Size: 24KB - Virtual size: 23KB