40121a686d81f92a538c015f612dea7c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

40121a686d81f92a538c015f612dea7c_JaffaCakes118
Size

748KB
MD5

40121a686d81f92a538c015f612dea7c
SHA1

367b180e73e8db18df089eab1fe3a4311aa2182a
SHA256

5353a1ea2f097498475137029dbd2e4b68284a10e4d91cf57c2a3a357fef2455
SHA512

5c8df393fa221642b6f121bb68d9a9b1d06096ce2a192215d29cd2e1192ac4674b81f9ca6cf9ce66f73e61e0a33347eaa75eed49ec0fa4aa6664ed2b4c1f2535
SSDEEP

12288:qJ8J95+w2PBj07hj8qMHUoF2+th8BJncZBO69xfCy4HQwtkxZRGO8vp9NQeY2VaB:SUr+w2x0taUoF2LBJcZBN9yftc/MRQwX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40121a686d81f92a538c015f612dea7c_JaffaCakes118

Files

40121a686d81f92a538c015f612dea7c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b63d40db4d433865748b2827551d096

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\muyewexod\eenano\jtsqt\eese\anhoddhv\pvd.PDB

Imports

wininet

InternetGetConnectedStateExA
FtpPutFileW
ShowCertificate
GopherGetAttributeW
InternetConfirmZoneCrossingA
InternetCrackUrlA

advapi32

CryptSetProviderExA
CryptReleaseContext
StartServiceW
RegEnumKeyW
RegEnumValueA
CryptDecrypt
CryptSetProviderExW
CryptSignHashA
CreateServiceW
CryptAcquireContextA
CryptAcquireContextW
RegSaveKeyW
RegQueryInfoKeyA
AbortSystemShutdownA
CryptGetProvParam
CryptExportKey
LookupPrivilegeValueW
RegLoadKeyA
LookupPrivilegeNameA
CryptDestroyKey
CryptEnumProviderTypesW

comctl32

DrawStatusTextW
ImageList_Create
ImageList_GetImageRect
InitCommonControlsEx

user32

OpenDesktopW
SetMessageExtraInfo
AdjustWindowRectEx
SetProcessDefaultLayout
MessageBoxW
PaintDesktop
CountClipboardFormats
EnumDisplaySettingsExA
GetCursor
DdeNameService
LoadAcceleratorsW
RegisterClassExA
IsDialogMessage
DlgDirSelectExA
CreateDialogParamW
EndMenu
DdeUninitialize
GetMenu
DdeSetUserHandle
CharToOemBuffA
DestroyWindow
RegisterClassA
RemovePropW
LoadBitmapA
BroadcastSystemMessage
DrawTextA
CreateWindowStationW
TrackPopupMenu
CharPrevA
MessageBeep
SetUserObjectInformationA
GetKeyboardState
GetWindowTextA
EditWndProc
CallMsgFilterA
BeginDeferWindowPos
OemKeyScan
MapVirtualKeyW
GetWindowLongW
DefWindowProcA
DdeGetLastError
GetUpdateRect
GetProcessDefaultLayout
TrackMouseEvent
EndDialog
GetUserObjectInformationA
SendMessageA
GetMenuItemID
DialogBoxIndirectParamA
TranslateMessage
GetWindowModuleFileNameW
EnumDisplayDevicesW
CreateWindowExW
FlashWindow
ChangeDisplaySettingsA
LoadStringW
EnumPropsW
SetSysColors
DestroyIcon
GetMenuCheckMarkDimensions
SetLastErrorEx
DdeDisconnectList
ShowWindow
SendDlgItemMessageA
GetMenuStringW

comdlg32

ChooseFontW
PageSetupDlgA
ReplaceTextW

gdi32

GetDIBits
SelectClipPath
CreateSolidBrush
CreateFontIndirectA
PolylineTo
DescribePixelFormat
AbortDoc
GetObjectW
CreateDCA
EnumFontFamiliesW
LineDDA
DeleteDC
SetPaletteEntries
SetTextCharacterExtra
MoveToEx
GetDeviceGammaRamp
SelectObject
DeleteObject
GetPixel
EnumICMProfilesW
GetROP2
LineTo
SetICMProfileA
GetDeviceCaps
GetTextMetricsA
GetClipRgn
GetArcDirection
ResetDCW
DeleteMetaFile
GetEnhMetaFileA

kernel32

LoadLibraryExA
GetFileType
TransmitCommChar
GetLocalTime
FreeLibrary
DeleteCriticalSection
GetCurrentThread
OpenSemaphoreW
InterlockedDecrement
GetProcAddress
InterlockedExchange
GetExitCodeProcess
LCMapStringA
CompareStringW
SetThreadPriority
SetEnvironmentVariableA
GetCurrentProcessId
OpenWaitableTimerW
GetPrivateProfileStructW
CreateRemoteThread
GetMailslotInfo
GetModuleFileNameW
FindAtomW
LCMapStringW
WaitCommEvent
GetCPInfo
SetLastError
ReadConsoleOutputAttribute
SetConsoleWindowInfo
CreateToolhelp32Snapshot
GetTimeZoneInformation
DeleteFileW
EnumResourceTypesW
SetStdHandle
CreateFileW
GetFileAttributesExW
CreateDirectoryA
GetStringTypeA
FreeEnvironmentStringsW
IsDebuggerPresent
GetWindowsDirectoryW
ReadFile
InitializeCriticalSection
FindFirstFileW
OpenMutexA
TerminateProcess
UnhandledExceptionFilter
SetLocaleInfoA
GlobalAddAtomA
ExitProcess
GetThreadTimes
VirtualFree
VirtualProtectEx
HeapReAlloc
WideCharToMultiByte
GetCommandLineA
FormatMessageW
ResumeThread
lstrcmpW
GetFileTime
EnumCalendarInfoW
GetAtomNameW
GetTickCount
GetCurrentProcess
GetPrivateProfileSectionA
GetVersion
lstrcatA
VirtualQuery
GetCommandLineW
GetEnvironmentStringsW
VirtualAlloc
GetStringTypeW
GetEnvironmentStrings
WriteFile
CreateEventW
HeapDestroy
LocalLock
GetStartupInfoA
FlushFileBuffers
MultiByteToWideChar
SetThreadLocale
GetPriorityClass
TlsAlloc
LoadLibraryA
RtlUnwind
EnumDateFormatsA
lstrcpyn
TlsGetValue
EnterCriticalSection
OpenEventA
CreateMailslotW
LeaveCriticalSection
DebugBreak
GetStdHandle
GetPrivateProfileStringW
ReadConsoleInputA
GetModuleFileNameA
FreeEnvironmentStringsA
GetCalendarInfoA
TlsSetValue
HeapAlloc
SetFilePointer
InterlockedIncrement
FlushConsoleInputBuffer
HeapFree
LocalReAlloc
CreateMailslotA
DuplicateHandle
GetSystemTimeAsFileTime
CompareStringA
GetPrivateProfileSectionNamesA
SetHandleCount
FindFirstFileExA
GetProcessShutdownParameters
GetModuleHandleA
lstrcmpi
TlsFree
GetSystemTime
SetConsoleTextAttribute
GetCurrentThreadId
CompareFileTime
FindAtomA
TransactNamedPipe
GlobalLock
GetLastError
CreateDirectoryExW
CloseHandle
WaitForDebugEvent
IsValidCodePage
IsBadWritePtr
HeapCreate
QueryPerformanceCounter
GetStartupInfoW
UnlockFileEx
CreateMutexA

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 388KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b63d40db4d433865748b2827551d096

Headers

File Characteristics

PDB Paths

Imports

wininet

advapi32

comctl32

user32

comdlg32

gdi32

kernel32

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 388KB - Virtual size: 386KB

.data Size: 140KB - Virtual size: 142KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 388KB - Virtual size: 386KB

.data
Size: 140KB - Virtual size: 142KB

.rsrc
Size: 24KB - Virtual size: 20KB