3976a87982aceb31887fda299965e0da_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3976a87982aceb31887fda299965e0da_JaffaCakes118
Size

272KB
MD5

3976a87982aceb31887fda299965e0da
SHA1

f6c57a6d3c6bedda5ad0bed5931d99e0a278b7e7
SHA256

f38bd3c8b4fae575ed374b76531defb2ebc9b9ce64b7dc7b16c44a793077f3f2
SHA512

65e7cdd5ce7a64390c60e8367a3e8ebdcd22ed2f2ea6ebc64868985a89040079a0f2138e675e147d4e35c92b4246a3e5b0172caa1972548e3da933faca4ffad1
SSDEEP

6144:rQMSDelYY3h1u/bQydyurq71q2EoHp7gcEYUMx:rEDel53h1MbEurq71q29HpE9TM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3976a87982aceb31887fda299965e0da_JaffaCakes118

Files

3976a87982aceb31887fda299965e0da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2c462da9ef7692adca33b7aa0dccb85c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\saqsegzaob.pdb

Imports

advapi32

LookupSecurityDescriptorPartsA
RegDeleteKeyW
RegFlushKey

kernel32

HeapFree
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
WritePrivateProfileStringW
EnumCalendarInfoW
HeapReAlloc
CloseHandle
SetStdHandle
GetStartupInfoA
TlsAlloc
GetModuleFileNameW
GetPrivateProfileIntA
VirtualFree
FreeEnvironmentStringsW
SetHandleCount
GetSystemTime
GetLastError
TransmitCommChar
GetCommandLineW
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCPInfo
SetCriticalSectionSpinCount
CreateWaitableTimerW
GetCurrentThread
GetProcAddress
HeapValidate
ReadFile
TlsGetValue
GetVersion
SetFilePointer
GetModuleHandleA
CreateMutexA
WriteFile
HeapCreate
GetFileType
HeapAlloc
OpenMutexA
IsBadWritePtr
MultiByteToWideChar
VirtualQuery
GetStringTypeW
InitializeCriticalSection
HeapDestroy
RtlUnwind
LeaveCriticalSection
GetNumberFormatW
UnhandledExceptionFilter
GetCommandLineA
TerminateProcess
WriteConsoleA
GetLocalTime
LCMapStringA
LCMapStringW
SetEnvironmentVariableA
GetEnvironmentStringsW
OpenEventA
GetStringTypeA
GetStdHandle
GetCurrentThreadId
TlsSetValue
GetCurrentProcessId
GetEnvironmentStrings
EnterCriticalSection
InterlockedDecrement
CompareStringW
SetConsoleCP
CompareStringA
FlushFileBuffers
GetTickCount
ExitProcess
GetStartupInfoW
IsBadReadPtr
EnumSystemLocalesW
WideCharToMultiByte
LoadLibraryA
VirtualAlloc
QueryPerformanceCounter
InterlockedIncrement
SetLastError
InterlockedExchange
GetCurrentProcess
TlsFree

shell32

SHInvokePrinterCommandA

user32

InvertRect
GetClassNameW
SetDlgItemTextA
GetWindowPlacement
IsCharUpperA
RemovePropA
GetOpenClipboardWindow
GetComboBoxInfo
GetWindow
RedrawWindow
GetWindowThreadProcessId
GetClipboardData
GetMenuItemInfoA
GetKeyboardState
LoadAcceleratorsW
DestroyWindow
LoadAcceleratorsA
DrawAnimatedRects
SetWindowTextW
DrawFrame
GetQueueStatus
DefMDIChildProcA
MoveWindow
SetActiveWindow
ShowWindow
ModifyMenuW
InternalGetWindowText
DialogBoxIndirectParamW
GetActiveWindow
CharUpperW
EnumDisplayMonitors
IsCharAlphaNumericA
IsCharUpperW
BroadcastSystemMessage
SendMessageTimeoutA
CreateWindowExA
BlockInput
GetDlgItemTextW
IsDialogMessageW
RegisterClassExA
SendNotifyMessageW
DdeSetUserHandle
LoadCursorA
EndDeferWindowPos
CloseWindow
SendMessageTimeoutW
MessageBoxW
DdeGetData
GetWindowTextA
ClientToScreen
DestroyCaret
CharUpperBuffA
GetNextDlgGroupItem
ChangeClipboardChain
GetClassLongW
ReleaseDC
CallNextHookEx
DlgDirListW
CharLowerW
CopyImage
SetMenuInfo
TranslateAccelerator
MonitorFromWindow
LoadCursorFromFileA
InvalidateRgn
CreateDialogIndirectParamA
RegisterClassA
HideCaret
DefWindowProcA
MapWindowPoints
SetScrollInfo
VkKeyScanW
GetWindowLongW
LoadImageA
CharToOemW
SetWinEventHook

comctl32

ImageList_Create
DrawStatusTextW
_TrackMouseEvent
CreateStatusWindow
ImageList_Destroy
ImageList_DragShowNolock
CreateToolbarEx
ImageList_SetOverlayImage
InitCommonControlsEx
GetEffectiveClientRect
CreatePropertySheetPage
ImageList_LoadImage
ImageList_GetImageInfo
DrawStatusTextA
ImageList_Replace
ImageList_Remove
ImageList_SetFilter
ImageList_GetIconSize
ImageList_EndDrag
CreateToolbar
ImageList_LoadImageA

gdi32

Pie
CreateHalftonePalette
CreatePalette
PolyPolygon
IntersectClipRect
ExtCreateRegion
ExtEscape
GetTextExtentPointA
ChoosePixelFormat
CreateRectRgn
ArcTo
GetICMProfileA
GetCharWidth32A
PtInRegion
CreateHatchBrush
EqualRgn
SetPixel
SetViewportExtEx
GetMetaFileW
CopyMetaFileW
GetArcDirection
ExtSelectClipRgn
RoundRect
CreateDIBPatternBrush
CreateDiscardableBitmap

comdlg32

PrintDlgA
ChooseFontA
FindTextA
GetSaveFileNameW

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c462da9ef7692adca33b7aa0dccb85c

Headers

File Characteristics

PDB Paths

Imports

advapi32

kernel32

shell32

user32

comctl32

gdi32

comdlg32

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 92KB - Virtual size: 88KB

.data Size: 92KB - Virtual size: 115KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 92KB - Virtual size: 88KB

.data
Size: 92KB - Virtual size: 115KB

.rsrc
Size: 20KB - Virtual size: 19KB