3f607c349db3ce7d375b270001aefce5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f607c349db3ce7d375b270001aefce5_JaffaCakes118
Size

336KB
MD5

3f607c349db3ce7d375b270001aefce5
SHA1

5701abb368638969a6bed3a1d06468bfd5add6b1
SHA256

85c17dbb28cbc4a7bafdb3f7289928fc9b87c1d12794aa4f839001617fb9a359
SHA512

61e18032be613c980c31aa2729758c1a520a154507c753fb0ae35df2f62d4fbec0415da491aa55c0da15ad61045969531ee48d18d00877b201b272d34416692e
SSDEEP

6144:qj2VIo6Et3lxmZ1ggGecHGNb95LPMNiB+Jw+b3uIhaCW0vziYdUlFVCI:qj2VIMt3lxmZagGecmNb9lMiBcFah0v5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f607c349db3ce7d375b270001aefce5_JaffaCakes118

Files

3f607c349db3ce7d375b270001aefce5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

83d4062fe237cc5895a3237af26b69ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\wmrelkaeau\eedq\xhckb\pbuoynfgee.pdb

Imports

user32

RemovePropA
RegisterClassExA
SetMenuItemInfoW
EnumPropsW
LoadKeyboardLayoutA
CreateWindowExW
SetWindowRgn
ChildWindowFromPointEx
MonitorFromPoint
SetMenuInfo
CreatePopupMenu
EnumDisplayMonitors
RegisterClassA
GetUserObjectSecurity
GetWindowDC
CharLowerW
SetWinEventHook
GetClassWord
EnumDisplaySettingsExA
DlgDirSelectExW
DefWindowProcW
MessageBoxA
DrawFrame
GetQueueStatus
LoadBitmapA
GetActiveWindow
AppendMenuW
DestroyIcon
ShowWindow
IsCharAlphaW
GetKeyboardLayout
DestroyWindow
ScrollWindowEx
wsprintfA
TabbedTextOutW
GetScrollPos
GetNextDlgGroupItem

advapi32

CreateServiceW
RegDeleteValueA
LookupSecurityDescriptorPartsW
RegConnectRegistryA

comctl32

ImageList_Replace
CreateMappedBitmap
ImageList_Read
InitCommonControlsEx
DrawStatusTextW
InitMUILanguage
ImageList_LoadImage
ImageList_GetFlags
ImageList_GetImageRect
ImageList_Create
ImageList_SetImageCount
ImageList_DragShowNolock
ImageList_EndDrag
CreateStatusWindowA
ImageList_SetFilter
ImageList_Write
ImageList_DrawIndirect

kernel32

VirtualLock
IsValidLocale
WritePrivateProfileStructW
GetModuleFileNameA
CreateFileMappingA
SetCurrentDirectoryA
GetProfileIntA
lstrcmpiA
UnhandledExceptionFilter
DebugBreak
SetVolumeLabelA
GetUserDefaultLCID
RtlZeroMemory
lstrcatW
GetModuleHandleA
TlsAlloc
GetStringTypeW
SetLocaleInfoA
lstrcpynW
GetDateFormatA
WideCharToMultiByte
LoadLibraryA
GetNumberFormatW
GlobalFlags
InitializeCriticalSection
IsBadReadPtr
LocalFlags
GetProfileStringA
TerminateProcess
GetStringTypeA
HeapAlloc
GetVersionExW
GetCPInfo
IsValidCodePage
GetConsoleScreenBufferInfo
SetStdHandle
CreateSemaphoreA
GetFileType
LoadModule
GetSystemInfo
GetEnvironmentStringsW
SetEvent
GetConsoleTitleW
FlushFileBuffers
GetLastError
GetOEMCP
GetACP
EnumSystemLocalesA
SetVolumeLabelW
ReadFile
WriteConsoleOutputCharacterW
GetTimeZoneInformation
LCMapStringA
GetCurrentProcess
WriteConsoleInputW
GetFullPathNameW
InterlockedExchange
ExitProcess
GetSystemDefaultLCID
GetProfileSectionW
GetCurrentThread
WriteFile
GlobalAddAtomA
GetVersion
CreateSemaphoreW
CreateMutexA
IsBadWritePtr
GetPrivateProfileStructW
TlsFree
HeapValidate
InterlockedDecrement
GlobalFix
TransactNamedPipe
EnterCriticalSection
HeapFree
TlsGetValue
GetEnvironmentStrings
VirtualFree
VirtualProtect
DeleteCriticalSection
GetProfileSectionA
HeapDestroy
GetCurrentThreadId
GetDriveTypeW
SetLastError
FindFirstFileExW
LCMapStringW
OpenFile
GetModuleFileNameW
OutputDebugStringA
FreeEnvironmentStringsA
MultiByteToWideChar
GetShortPathNameA
GetTickCount
CreateThread
GetLocaleInfoA
SetHandleCount
LeaveCriticalSection
GetNamedPipeInfo
SetComputerNameA
OpenMutexA
GetVersionExA
FlushConsoleInputBuffer
GetThreadPriorityBoost
GetCurrentProcessId
VirtualQuery
GetProcAddress
TlsSetValue
CloseHandle
FindFirstFileA
GetConsoleTitleA
HeapReAlloc
SetFilePointer
InterlockedIncrement
GetStartupInfoA
GetPrivateProfileSectionW
CompareStringW
GetTimeFormatA
CompareStringA
GlobalFree
SetConsoleCtrlHandler
SetEnvironmentVariableA
VirtualAlloc
CreateDirectoryW
QueryPerformanceCounter
FreeEnvironmentStringsW
GetPrivateProfileIntW
GetTempPathA
GetSystemTimeAsFileTime
VirtualAllocEx
HeapCreate
MapViewOfFileEx
RtlUnwind
GetLocaleInfoW
GetStdHandle
GetCommandLineA
SetConsoleTitleA

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83d4062fe237cc5895a3237af26b69ca

Headers

File Characteristics

PDB Paths

Imports

user32

advapi32

comctl32

kernel32

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 96KB - Virtual size: 92KB

.data Size: 96KB - Virtual size: 116KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 96KB - Virtual size: 92KB

.data
Size: 96KB - Virtual size: 116KB

.rsrc
Size: 28KB - Virtual size: 27KB