40e52cda2c679157d15886575551d483_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40e52cda2c679157d15886575551d483_JaffaCakes118
Size

548KB
MD5

40e52cda2c679157d15886575551d483
SHA1

6667900cd08903601e282b160d294aba8ea919bb
SHA256

d9319805b48d904082eee2573078d2294c5caf0acb6ddd23c9975d8d709ba71e
SHA512

0bba9afdd695fa09f0d75c8665f86a88b1a4c03049d5055eda50f4801c2c7f705eca2c4ad610de7d82c3e4761392250ae34c9899f0957daf2349912f19682a3d
SSDEEP

12288:s99WtgrgN8v50PY1w9A655qkjq+3kiHaN0rgqgLfMe9HczF7K3sg4rx8Q2FO/wpg:s9+gSW50PY1oBL3N6ggqgL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40e52cda2c679157d15886575551d483_JaffaCakes118

Files

40e52cda2c679157d15886575551d483_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13af43afdb14c386fcdb19a5c4a9126d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ewejanhepk\yrokammzht\yrgjo

Imports

comdlg32

GetSaveFileNameW

user32

SetLastErrorEx
RegisterClassA
SystemParametersInfoA
GetKeyboardLayoutNameW
DestroyWindow
SubtractRect
SetMenuItemInfoA
FindWindowA
PackDDElParam
GetWindowThreadProcessId
CreateWindowExA
GetClassWord
EmptyClipboard
UnregisterClassW
TabbedTextOutA
CharNextW
ValidateRgn
SendNotifyMessageW
UnionRect
CreateDialogParamW
ShowWindow
ReplyMessage
MsgWaitForMultipleObjectsEx
EditWndProc
CloseClipboard
GetClassLongA
DdeNameService
CreateCaret
IsCharUpperW
SetPropA
CharPrevW
UnloadKeyboardLayout
BroadcastSystemMessageW
MessageBoxA
SendMessageA
GetKeyboardLayoutList
GetMenuContextHelpId
LoadMenuIndirectW
DefWindowProcW
DrawTextA
GetLastActivePopup
ShowScrollBar
DestroyCaret
SetWindowLongW
AnimateWindow
GetMenuItemID
wsprintfW
OemToCharBuffA
ToUnicode
SetSystemCursor
LoadAcceleratorsA
RegisterClassExA
GetMessageW
OpenClipboard
DdeDisconnectList
DefDlgProcA
DdeKeepStringHandle
DdeReconnect
GetInputDesktop
GetActiveWindow
DdeCreateDataHandle
ModifyMenuA
SetTimer
SetPropW

kernel32

GetStdHandle
HeapAlloc
GetPrivateProfileStructW
GetOEMCP
EnterCriticalSection
WideCharToMultiByte
WaitForMultipleObjectsEx
GetStringTypeA
SetUnhandledExceptionFilter
GetTickCount
GetVersionExA
GetModuleFileNameW
FlushFileBuffers
LoadLibraryA
CompareStringW
GetConsoleCP
FileTimeToSystemTime
FreeLibrary
GetEnvironmentStrings
TerminateProcess
SetFilePointer
GetEnvironmentStringsW
WriteConsoleA
GetConsoleMode
HeapCreate
IsValidLocale
LeaveCriticalSection
CompareStringA
GetShortPathNameW
GetCurrentProcess
IsDebuggerPresent
SetHandleCount
TlsFree
DebugBreak
lstrcpyn
HeapDestroy
GetProcAddress
GetCurrentProcessId
GetLocaleInfoW
VirtualFree
WriteProfileStringW
GetModuleHandleA
GetLocaleInfoA
WriteFile
InitializeCriticalSection
CreateFileA
lstrcmpA
LCMapStringA
TlsGetValue
GetSystemTimeAsFileTime
HeapValidate
EnumSystemLocalesA
RaiseException
UnhandledExceptionFilter
OutputDebugStringA
ReadFile
GetStartupInfoA
GetACP
CreateMutexA
GetConsoleOutputCP
ReadConsoleOutputCharacterA
GetCurrentThread
GetUserDefaultLCID
SetConsoleActiveScreenBuffer
ReleaseSemaphore
LCMapStringW
GetThreadPriorityBoost
IsBadReadPtr
HeapReAlloc
GetCurrentThreadId
GetStringTypeW
LoadLibraryW
SetConsoleCtrlHandler
HeapFree
MultiByteToWideChar
GetTimeFormatA
GetCommandLineA
OpenMutexA
SetEnvironmentVariableA
lstrlenA
InterlockedDecrement
QueryPerformanceCounter
GetCPInfo
GetProfileStringW
GlobalFlags
GetFileType
ExitProcess
SetLastError
TlsAlloc
GetModuleFileNameA
VirtualQuery
SetStdHandle
GetTimeZoneInformation
GetDateFormatA
DeleteCriticalSection
GetStartupInfoW
WriteConsoleW
InterlockedExchange
GetLastError
GetProcessHeap
FreeEnvironmentStringsA
RtlUnwind
VirtualAlloc
InterlockedIncrement
OutputDebugStringW
TlsSetValue
GetCommandLineW
IsValidCodePage
VirtualQueryEx
CloseHandle
FreeEnvironmentStringsW

comctl32

CreateMappedBitmap
ImageList_GetImageInfo
ImageList_Create
ImageList_Write
ImageList_GetFlags
DrawStatusTextA
ImageList_SetFilter
ImageList_GetBkColor
ImageList_EndDrag
ImageList_DrawIndirect
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_Read
ImageList_LoadImage
ImageList_DragLeave
ImageList_Remove
DrawStatusTextW
ImageList_LoadImageW
ImageList_Duplicate
ImageList_GetImageRect
ImageList_Add
ImageList_GetDragImage
_TrackMouseEvent
ImageList_Merge

Sections

.text
Size: 276KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13af43afdb14c386fcdb19a5c4a9126d

Headers

File Characteristics

PDB Paths

Imports

comdlg32

user32

kernel32

comctl32

Sections

.text Size: 276KB - Virtual size: 273KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 96KB - Virtual size: 103KB

.rsrc Size: 68KB - Virtual size: 67KB

.text
Size: 276KB - Virtual size: 273KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 96KB - Virtual size: 103KB

.rsrc
Size: 68KB - Virtual size: 67KB