3828651c91026773dfe4065db9e221fe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3828651c91026773dfe4065db9e221fe_JaffaCakes118
Size

368KB
MD5

3828651c91026773dfe4065db9e221fe
SHA1

61c3f4a125aa571f1bc65750937dcae7bede6d02
SHA256

84ff9fd2e00f90e7bdf83287c66f122d5fe53f5b6b164dce6f82c7db2f4c061a
SHA512

d2870761bcdca99cf6cd1c91754b4e595ed0247a975ec8ab43ca2a71882e1e0e821cac72eb461702b80daf32a531001151c9d1e365d9b497aff7105f4be5694f
SSDEEP

6144:74UG7O/zjeAAtq7WQUm25eNLSe7h3SWSll24ShcvL3DI7uT0sVIQFEf0XL9:7rG7O/pA0WYo2lslIPhq7U16IS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3828651c91026773dfe4065db9e221fe_JaffaCakes118

Files

3828651c91026773dfe4065db9e221fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec242e30c4b947e27d598ff31c7f6cd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\hegikpo

Imports

kernel32

GetCurrentThreadId
FreeEnvironmentStringsA
GetStdHandle
GetNamedPipeHandleStateW
GetCurrentThread
CreateMutexA
IsValidCodePage
VirtualProtect
TlsSetValue
HeapSize
GetFileType
GetCommandLineW
GetCurrentProcessId
GetEnvironmentStringsW
HeapCreate
TerminateProcess
GetStartupInfoW
ExitProcess
CloseHandle
GetSystemTimeAsFileTime
CompareStringW
GetModuleFileNameA
OpenMutexA
GetNamedPipeInfo
GetCommandLineA
WriteFile
VirtualQuery
VirtualAlloc
HeapAlloc
GetVersionExA
QueryPerformanceCounter
GetStringTypeA
RtlUnwind
WideCharToMultiByte
SetEnvironmentVariableA
SetCriticalSectionSpinCount
InitializeCriticalSection
GetEnvironmentStrings
GetACP
GetCPInfo
EnumSystemLocalesA
FreeEnvironmentStringsW
HeapFree
HeapDestroy
InterlockedExchange
CreateEventA
GetTimeZoneInformation
UnhandledExceptionFilter
LeaveCriticalSection
GetTickCount
EnterCriticalSection
HeapReAlloc
CompareStringA
LCMapStringA
ReadFile
TlsFree
SetLastError
LoadLibraryA
SetFilePointer
WaitNamedPipeA
GetStringTypeW
FlushFileBuffers
SetHandleCount
GetTimeFormatA
GetLocaleInfoA
IsBadWritePtr
GetStartupInfoA
GetLastError
SetStdHandle
GetCurrentProcess
EnumResourceLanguagesW
InterlockedIncrement
GetLocaleInfoW
GetModuleHandleA
GetModuleFileNameW
GetDateFormatA
TlsAlloc
GetUserDefaultLCID
IsValidLocale
TlsGetValue
GetProcAddress
GetOEMCP
DeleteCriticalSection
VirtualFree
MultiByteToWideChar
GetSystemInfo
LCMapStringW

comctl32

ImageList_LoadImageW
CreateUpDownControl
ImageList_GetIconSize
ImageList_SetImageCount
ImageList_Replace
ImageList_GetImageInfo
ImageList_DragMove
ImageList_ReplaceIcon
ImageList_Draw
GetEffectiveClientRect
ImageList_DrawEx
ImageList_AddMasked
CreateToolbar
ImageList_BeginDrag
InitCommonControlsEx
ImageList_SetDragCursorImage
ImageList_GetBkColor
ImageList_GetImageCount

gdi32

StartDocA
OffsetClipRgn
Rectangle
GetGlyphOutlineW
CheckColorsInGamut
CreateBitmapIndirect
SetAbortProc
TextOutA
GetTextCharset
UpdateICMRegKeyA
GetArcDirection
CreateDCW
StrokePath
GetTextExtentExPointW
CreateRectRgn
EnumFontFamiliesExW
GetRandomRgn
CreateRoundRectRgn
PolyPolygon
Ellipse
GetDeviceCaps
CreateBitmap

wininet

InternetGetLastResponseInfoA
InternetSetOptionW
ShowCertificate
InternetConnectW

user32

UnionRect
SetFocus
SetWindowContextHelpId
FindWindowExW
EnumWindowStationsA
DestroyMenu
ShowScrollBar
DdeKeepStringHandle
GetWindowTextLengthW
SetLastErrorEx
GetDlgItemInt
MapVirtualKeyA
TabbedTextOutW
CreateDesktopW
CallWindowProcA
FlashWindow
MessageBoxW
CreateWindowExA
DrawFocusRect
GetComboBoxInfo
CloseClipboard
LoadImageW
MonitorFromRect
LoadMenuA
DdeQueryConvInfo
DestroyWindow
MenuItemFromPoint
AppendMenuW
DdeCreateStringHandleW
WaitMessage
WinHelpW
FindWindowExA
GetWindowThreadProcessId
GetClipboardFormatNameA
PostMessageA
RegisterClassExA
IsClipboardFormatAvailable
IsWindowVisible
RegisterHotKey
GetForegroundWindow
EnumDesktopsA
RemoveMenu
DdeClientTransaction
DdeConnectList
ShowWindow
GetMenu
CharUpperA
DefMDIChildProcA
TrackPopupMenu
EqualRect
CreateWindowStationW
GetKeyNameTextA
GetClassNameA
GetDlgItemTextW
DrawFrameControl
GetSubMenu
RegisterClassA
GetSysColor
DefWindowProcW
GetMenuCheckMarkDimensions
AnimateWindow
IsChild
SetMenuItemBitmaps
DlgDirListComboBoxW
SetWindowsHookW
EnumPropsExW

shell32

SheGetDirA
DuplicateIcon
SHInvokePrinterCommandW
RealShellExecuteW

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec242e30c4b947e27d598ff31c7f6cd0

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

gdi32

wininet

user32

shell32

Sections

.text Size: 152KB - Virtual size: 150KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 96KB - Virtual size: 110KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 96KB - Virtual size: 110KB

.rsrc
Size: 40KB - Virtual size: 39KB