3905949a267a7b9edb2e6672dd946d44_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3905949a267a7b9edb2e6672dd946d44_JaffaCakes118
Size

513KB
MD5

3905949a267a7b9edb2e6672dd946d44
SHA1

6819a4997e623a39179c6303b264c223ebca8254
SHA256

b5b54eb0a29e096697332cb44d264a6252c3c8e63608bf35aca820e1df993bd5
SHA512

a06cad1a419f2c247c162c16a0de408052b306241bae36811a2b314dba9f804ccd178be1036f6d6f9ec5a366ab1f638a9149a5b70def1e7c2f9f3c4332a05c76
SSDEEP

12288:4XVflufS0ZqpIlImc0keP0FaXknkF33N20Qbou4M9EOWs3gti:sd0kpAAe8Fsknkb20QbhT9EIQti

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3905949a267a7b9edb2e6672dd946d44_JaffaCakes118

Files

3905949a267a7b9edb2e6672dd946d44_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54558ed2031fb484cbe6d6894eee52ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\axttt\ytp

Imports

user32

SubtractRect
CreateWindowExA
SetProcessDefaultLayout
GetClipboardViewer
VkKeyScanExA
GetWindowLongA
GetClipboardFormatNameA
RegisterClassExA
GetKeyboardLayout
DrawAnimatedRects
ShowWindow
ShowScrollBar
MessageBoxW
GetMessagePos
RegisterClassA
DefFrameProcA
SetForegroundWindow

comctl32

ImageList_DragEnter
ImageList_AddMasked
ImageList_LoadImage
ImageList_SetDragCursorImage
ImageList_GetIconSize
ImageList_GetFlags
ImageList_SetFilter
ImageList_GetImageInfo
CreateStatusWindowW
InitCommonControlsEx
ImageList_Write
CreatePropertySheetPageW
ImageList_Destroy
ImageList_Create
ImageList_Add
ImageList_SetBkColor
CreateToolbar
ImageList_Copy
ImageList_GetIcon
ImageList_DrawIndirect
ImageList_GetBkColor

kernel32

HeapFree
GetStringTypeW
GetOEMCP
GetCurrentThread
LoadLibraryA
GetCurrentProcessId
CreateMutexA
TlsFree
GetLastError
GetProcAddress
GetCommandLineW
LeaveCriticalSection
HeapCreate
WriteProfileSectionA
HeapDestroy
WriteFile
GetSystemTimeAsFileTime
GetSystemInfo
GetStartupInfoW
GetLocaleInfoA
HeapSize
DeleteCriticalSection
SetFilePointer
GetACP
GetStringTypeA
VirtualProtect
FindFirstFileW
GetCurrentThreadId
MoveFileExA
FreeEnvironmentStringsA
EnterCriticalSection
GetTimeZoneInformation
GetDateFormatA
VirtualFree
GetModuleHandleA
WriteFileEx
ReadFile
RtlUnwind
LCMapStringW
GetLocaleInfoW
TlsAlloc
IsValidLocale
GetUserDefaultLCID
IsValidCodePage
CompareStringW
GetCurrentProcess
SetHandleCount
GetTimeFormatA
SetVolumeLabelW
UnhandledExceptionFilter
WideCharToMultiByte
SetCurrentDirectoryA
ExitProcess
TlsGetValue
HeapReAlloc
GetVersionExA
LocalAlloc
GetModuleFileNameA
InterlockedExchange
CloseHandle
IsBadWritePtr
GetStdHandle
FreeEnvironmentStringsW
VirtualAlloc
VirtualQuery
InitializeCriticalSection
FlushFileBuffers
SetEnvironmentVariableA
QueryPerformanceCounter
HeapValidate
TlsSetValue
CompareStringA
ReadConsoleOutputA
TerminateProcess
GetEnvironmentStrings
HeapAlloc
GetTickCount
SetStdHandle
GetEnvironmentStringsW
GetModuleFileNameW
GetStartupInfoA
OpenMutexA
SetLastError
GetFileType
EnumSystemLocalesA
CreateToolhelp32Snapshot
GetCommandLineA
GetCPInfo
MultiByteToWideChar
LCMapStringA

Sections

.text
Size: 350KB - Virtual size: 350KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54558ed2031fb484cbe6d6894eee52ba

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 350KB - Virtual size: 350KB

.rdata Size: 33KB - Virtual size: 51KB

.data Size: 112KB - Virtual size: 111KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 350KB - Virtual size: 350KB

.rdata
Size: 33KB - Virtual size: 51KB

.data
Size: 112KB - Virtual size: 111KB

.rsrc
Size: 16KB - Virtual size: 16KB