3f11b0781eb7771554d39b4e9708894d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f11b0781eb7771554d39b4e9708894d_JaffaCakes118
Size

404KB
MD5

3f11b0781eb7771554d39b4e9708894d
SHA1

fd11e169faf6f0439abce344326018838876a2e2
SHA256

5f5e9b6ac107e654a81c989e6ca59f7959037ae4a9077ed2c60c5be205484248
SHA512

20516c35c731873dab323f0147f18048047db6df576c28bcbd2a5b0535fea148af88239f5ed080c4d03b9f62f54bc60d8561527bc12035595e7d5b3e93599443
SSDEEP

12288:jcdwGYDyzJHc977Ip+LR4W56MMxdESydNDY:j2wGYAS77Ip+N4W56hA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f11b0781eb7771554d39b4e9708894d_JaffaCakes118

Files

3f11b0781eb7771554d39b4e9708894d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e51910623a1e1fd9417e5cd52d4b30d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\iussrzkqp.pdb

Imports

user32

LoadIconW
SetMenuContextHelpId
ChangeMenuA
LoadCursorA
ChildWindowFromPoint
ReuseDDElParam
ScrollWindow
CopyAcceleratorTableW
EmptyClipboard
DrawTextW
SetWindowsHookExA
TileChildWindows
InvertRect
CharUpperBuffA
InflateRect
GetProcessWindowStation
GetKBCodePage
GetWindowModuleFileNameW
UnregisterClassW
RegisterClassExA
UnhookWindowsHook
GetKeyboardLayoutNameA
PtInRect
DrawStateA
ReleaseCapture
SubtractRect
RegisterClipboardFormatW
SetTimer
DestroyWindow
GetWindowTextLengthA
SetThreadDesktop
DrawTextExW
ImpersonateDdeClientWindow
GetClassNameW
GetPropW
SwapMouseButton
DrawIconEx
EnumDisplayDevicesW
SetParent
EnumDisplaySettingsExA
wsprintfA
CallMsgFilterW
DdeQueryStringA
SetKeyboardState
ReleaseDC
RegisterWindowMessageA
ShowWindowAsync
RegisterClassExW
ShowWindow
FreeDDElParam
SystemParametersInfoA
GetTopWindow
CreateCaret
IsCharAlphaNumericA
VkKeyScanExW
GetAncestor
SetCaretBlinkTime
SetWindowRgn
EndPaint
SetRect
SetDlgItemTextA
GetListBoxInfo
IsRectEmpty
GetDC
LoadMenuA
VkKeyScanW
InternalGetWindowText
FlashWindow
LoadCursorW
EnableScrollBar
MessageBoxA
NotifyWinEvent
OpenIcon
SetCaretPos
RegisterClassA
SetPropW
DefWindowProcA
DestroyCaret
SetCursorPos
OpenWindowStationA
LoadMenuW
SetMessageExtraInfo
DefWindowProcW
ShowCaret
wsprintfW
EnumWindows
BringWindowToTop
MessageBeep
GetMenuContextHelpId
MonitorFromPoint
AnimateWindow
EnumDisplaySettingsA
CreateWindowExA
GetWindowRect
LoadKeyboardLayoutA
PackDDElParam
GetMenuInfo
GetFocus
GetSysColor
MessageBoxW
SendIMEMessageExW

comctl32

ImageList_Write
ImageList_GetIcon
ImageList_LoadImageW
CreateToolbarEx
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Create
CreateToolbar
ImageList_SetOverlayImage
ImageList_SetFilter
ImageList_GetImageCount
CreateUpDownControl
CreateStatusWindowW
ImageList_GetIconSize
ImageList_DragLeave
CreatePropertySheetPageW
ImageList_Read
ImageList_Remove
InitCommonControlsEx
DrawInsert
MakeDragList
ImageList_SetImageCount
ImageList_Merge
ImageList_SetDragCursorImage

shell32

SHChangeNotify
SHAddToRecentDocs

wininet

InternetSetCookieW
FtpCreateDirectoryW
InternetSetDialState
InternetSetFilePointer
FindNextUrlCacheGroup
DeleteUrlCacheEntryW

kernel32

LocalLock
GetVersionExA
GetModuleFileNameA
FillConsoleOutputCharacterW
FreeEnvironmentStringsA
ConnectNamedPipe
GetLastError
FindNextFileA
SetCurrentDirectoryA
SetEnvironmentVariableA
TlsGetValue
SetVolumeLabelA
GetComputerNameW
FreeEnvironmentStringsW
WideCharToMultiByte
GlobalUnlock
GetConsoleMode
EnumSystemLocalesA
ReadFile
GetEnvironmentStringsW
EnumSystemLocalesW
QueryPerformanceCounter
GetNumberFormatA
HeapDestroy
InitializeCriticalSection
CompareStringA
WriteConsoleW
HeapCreate
SetLastError
GetProcAddress
GetFileType
SetEnvironmentVariableW
ExitProcess
GetConsoleCP
UnhandledExceptionFilter
CreateFileA
IsValidCodePage
GetDiskFreeSpaceW
ResumeThread
DeleteCriticalSection
CommConfigDialogA
GetProcessHeap
WriteProfileSectionA
FlushFileBuffers
GetCurrentProcessId
SetStdHandle
GetLocaleInfoA
GetCurrentDirectoryW
CreateSemaphoreA
SetThreadIdealProcessor
EnumDateFormatsW
GlobalFindAtomW
GetEnvironmentStringsA
GetTempFileNameA
CreateMutexA
OpenMutexA
ReadConsoleInputA
HeapSize
WriteProfileStringW
CloseHandle
CompareStringW
OpenWaitableTimerA
LoadLibraryExA
CreateFileMappingW
SetTimeZoneInformation
TlsSetValue
lstrcatA
HeapReAlloc
EnumTimeFormatsA
GetComputerNameA
GetCurrentProcess
WriteFile
FindNextChangeNotification
GetStartupInfoW
GlobalDeleteAtom
GetEnvironmentVariableW
WriteConsoleOutputCharacterA
VirtualAlloc
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
FreeLibrary
MultiByteToWideChar
LockResource
TerminateProcess
EnumCalendarInfoA
GetLocaleInfoW
VirtualFree
GetACP
TlsAlloc
SetEvent
GetStringTypeA
GetLogicalDrives
GetFileTime
GetStringTypeExW
GetTimeFormatA
GetCurrentThreadId
GetEnvironmentStrings
IsValidLocale
GetTickCount
lstrcmp
SetConsoleMode
SetConsoleCtrlHandler
GetCurrentThread
Sleep
InterlockedDecrement
FindResourceExW
LCMapStringW
GetOEMCP
TlsFree
RtlUnwind
GetSystemTime
GetTempPathW
lstrcpynW
EnumResourceLanguagesW
UnmapViewOfFile
LocalCompact
GetVolumeInformationW
GetEnvironmentVariableA
SetHandleCount
GlobalAlloc
SuspendThread
GetStringTypeW
LeaveCriticalSection
IsDebuggerPresent
GetModuleFileNameW
HeapAlloc
FreeLibraryAndExitThread
GetStartupInfoA
LCMapStringA
WritePrivateProfileStructW
WriteConsoleA
ReleaseSemaphore
InterlockedExchange
CreateDirectoryA
VirtualQuery
GetConsoleOutputCP
FindFirstFileA
GetTimeZoneInformation
GetStdHandle
GetCommandLineW
GetUserDefaultLCID
LoadLibraryA
GetLongPathNameW
GetCommandLineA
GetDateFormatA
FillConsoleOutputAttribute
EnterCriticalSection
OpenWaitableTimerW
InterlockedIncrement
GetModuleHandleA
GetProcAddress
HeapFree
FlushViewOfFile
GetThreadTimes
GlobalFix
GetCPInfo
GetDiskFreeSpaceA
SetFilePointer

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e51910623a1e1fd9417e5cd52d4b30d

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

shell32

wininet

kernel32

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 132KB - Virtual size: 130KB

.data Size: 104KB - Virtual size: 120KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 104KB - Virtual size: 120KB

.rsrc
Size: 16KB - Virtual size: 14KB