386a8c4ff6a2448b9aeca9cf8d528b1f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

386a8c4ff6a2448b9aeca9cf8d528b1f_JaffaCakes118
Size

372KB
MD5

386a8c4ff6a2448b9aeca9cf8d528b1f
SHA1

0dcbf464551e224dcdc10befbfac13fed9ffea52
SHA256

8197394111027ec53e54c58feaa4cae0461b486cde72876b1e83c6b0ee073339
SHA512

26f408cc2281657778d69f678e6e2f6cd1f4e920e817ac72445ab328ada74065c4553612200a5a8a8662d177ca5c62e567b78e70c0714cecc0737c53c4dede74
SSDEEP

6144:WZZ5uMAtPA1/N9yBfqZwopQGxKwnehiHHJrm67H:2vAtEyBf0wqQSK9cJrme

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386a8c4ff6a2448b9aeca9cf8d528b1f_JaffaCakes118

Files

386a8c4ff6a2448b9aeca9cf8d528b1f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a858072ea2445f5b3dc4d040a87b99ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\jlhio\qktogfjai\ajulkym\tyqn.pdb

Imports

comctl32

ImageList_Write
GetEffectiveClientRect
ImageList_GetImageRect
ImageList_LoadImage
CreatePropertySheetPageA
ImageList_SetDragCursorImage
ImageList_GetIconSize
ImageList_Copy
ImageList_Replace
ImageList_AddIcon
InitCommonControlsEx
ImageList_DrawIndirect
ImageList_SetBkColor
CreateUpDownControl
ImageList_BeginDrag
DrawStatusTextW
ImageList_SetFlags
DrawStatusText
CreateStatusWindowW
ImageList_DragShowNolock
ImageList_DrawEx
CreatePropertySheetPageW
ImageList_Duplicate
ImageList_GetImageCount

comdlg32

PageSetupDlgW
PageSetupDlgA

shell32

SHGetSettings

user32

FindWindowW
MapVirtualKeyExA
InternalGetWindowText
RegisterClassW
RealChildWindowFromPoint
EnableWindow
ToAscii
GetAsyncKeyState
PackDDElParam
OpenWindowStationW
RegisterClassA
CallWindowProcW
RegisterClassExA
SendMessageA
EnumThreadWindows
GetTopWindow
GetWindowInfo
GetDlgItemInt
SetFocus
ScrollWindowEx
DispatchMessageA
InsertMenuItemW
CreateWindowExA
SetWindowLongW

gdi32

PlgBlt

kernel32

SetFilePointer
ConnectNamedPipe
HeapDestroy
IsValidCodePage
DeleteFileA
SetConsoleWindowInfo
WriteFile
GetPrivateProfileSectionNamesW
LCMapStringW
GetStringTypeW
GetVersionExA
CompareStringW
GetStartupInfoW
LocalCompact
IsBadWritePtr
FindResourceA
GetDateFormatA
SetUnhandledExceptionFilter
GetStringTypeA
GetEnvironmentStrings
SetStdHandle
GetCurrentThreadId
FreeEnvironmentStringsW
FlushConsoleInputBuffer
HeapCreate
TerminateProcess
HeapSize
GetTimeFormatA
CreateMutexA
IsValidLocale
DeleteCriticalSection
SetEnvironmentVariableA
GetProcAddress
HeapFree
GetCurrentThread
VirtualQuery
HeapAlloc
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetCurrentProcess
GetEnvironmentStringsW
EnumSystemLocalesA
CloseHandle
TlsGetValue
ReadFile
GetModuleHandleA
GetTickCount
GetDriveTypeW
GetCommandLineA
SetLastError
GetCommandLineW
SetHandleCount
EnumResourceNamesA
TransmitCommChar
FoldStringA
FileTimeToLocalFileTime
CreateMutexW
GetUserDefaultLCID
VirtualFree
InterlockedExchange
GetStdHandle
TlsSetValue
GetModuleFileNameW
SetConsoleTitleW
GetStartupInfoA
GetSystemInfo
SetThreadLocale
CompareStringA
GlobalDeleteAtom
TlsAlloc
VirtualProtect
GetProfileStringW
GetModuleFileNameA
CreateFileMappingA
LoadLibraryA
GetOEMCP
LockResource
TlsFree
UnhandledExceptionFilter
WaitForDebugEvent
GetTimeZoneInformation
lstrcpyA
QueryPerformanceCounter
EnumResourceLanguagesW
OpenMutexA
EnterCriticalSection
FindResourceExW
GetDriveTypeA
MultiByteToWideChar
ExitProcess
GetACP
LCMapStringA
InitializeCriticalSection
HeapValidate
WideCharToMultiByte
GetFileType
VirtualAlloc
GetLastError
FlushFileBuffers
GetPrivateProfileSectionW
RtlUnwind
GetLocaleInfoW
LeaveCriticalSection
GetCurrentProcessId
GlobalAddAtomW
GetCPInfo
DosDateTimeToFileTime
GetLocaleInfoA
HeapReAlloc
SetLocalTime
SetConsoleCursorPosition

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a858072ea2445f5b3dc4d040a87b99ee

Headers

File Characteristics

PDB Paths

Imports

comctl32

comdlg32

shell32

user32

gdi32

kernel32

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 88KB - Virtual size: 86KB

.data Size: 96KB - Virtual size: 116KB

.rsrc Size: 108KB - Virtual size: 107KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 88KB - Virtual size: 86KB

.data
Size: 96KB - Virtual size: 116KB

.rsrc
Size: 108KB - Virtual size: 107KB