4187fcfa4c1c145fab4afb10420bdf36_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4187fcfa4c1c145fab4afb10420bdf36_JaffaCakes118
Size

368KB
MD5

4187fcfa4c1c145fab4afb10420bdf36
SHA1

6530933ef781ce4276daca0fad5fc80991ae2e04
SHA256

1f0c11bc4e1e8bfecdd4f34ece1b64779902f9173626b6ced10f62ec61e2c45b
SHA512

e2f1e120ffef3169bc4cab6044a645c06774ba9765203b71d07157cc3fbbfee3305787417dbee017612f134a37e3852beb3995442512d14224526831efb53dea
SSDEEP

6144:XYQLDzP79ZcET9t71oN2mrlSMCKIwFNpbvSbTFo5hLcmpDq/ewijm:XYQLP79htZwlSMCKlv0TcJcmtqWw8m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4187fcfa4c1c145fab4afb10420bdf36_JaffaCakes118

Files

4187fcfa4c1c145fab4afb10420bdf36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55bb0335aa20aa66debd9db824f3e730

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ntzspse.pdb

Imports

gdi32

CreateFontW
GetTextCharacterExtra
EnumFontsA
FloodFill
CreateDIBPatternBrushPt
CombineTransform
EnumFontFamiliesW
GetGlyphOutlineA
CreateScalableFontResourceW
OffsetClipRgn
SetAbortProc
GetTextCharsetInfo
GetCharWidthFloatA
GdiFlush

advapi32

GetUserNameW
RevertToSelf
RegEnumKeyW
RegEnumKeyA

kernel32

HeapSize
OpenFile
lstrcatW
GetStringTypeW
FreeEnvironmentStringsA
GetCurrentProcess
GetShortPathNameA
MultiByteToWideChar
HeapFree
ReadFile
GetFileType
SetStdHandle
DeleteCriticalSection
GetNumberFormatA
WaitNamedPipeW
GetSystemDefaultLCID
DosDateTimeToFileTime
RtlUnwind
VirtualProtectEx
LocalUnlock
HeapDestroy
CloseHandle
InterlockedDecrement
GetModuleHandleA
TlsAlloc
GetProfileIntA
FlushFileBuffers
SetHandleCount
LeaveCriticalSection
GetModuleFileNameA
OutputDebugStringA
HeapReAlloc
VirtualQueryEx
GetStartupInfoA
GetTempPathA
GlobalReAlloc
CreateThread
HeapAlloc
MapViewOfFileEx
GetSystemTime
GetCPInfo
GetVersion
InterlockedExchange
WideCharToMultiByte
TerminateProcess
FindAtomW
InitializeCriticalSection
EnumResourceTypesW
GetLastError
GetConsoleMode
RtlFillMemory
GlobalFlags
SetFilePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
LoadLibraryA
DuplicateHandle
GetTimeZoneInformation
UnhandledExceptionFilter
LocalCompact
GetACP
GetConsoleCursorInfo
SetEnvironmentVariableA
EnumCalendarInfoExW
GetModuleHandleW
SetConsoleActiveScreenBuffer
FileTimeToSystemTime
EnumResourceLanguagesW
ReadConsoleOutputCharacterA
TlsSetValue
LCMapStringA
GetProcAddress
DeleteFiber
EnterCriticalSection
GetCurrentThreadId
GetLongPathNameA
GetStdHandle
TlsFree
GetSystemTimeAsFileTime
FindClose
HeapCreate
CompareStringW
GetPrivateProfileIntW
SetLastError
TlsGetValue
GetEnvironmentStrings
GetLocalTime
QueryPerformanceCounter
VirtualFree
CreateNamedPipeW
GetComputerNameW
IsBadWritePtr
LocalShrink
CreateMutexA
GetCurrentProcessId
InterlockedIncrement
ExitProcess
GetStringTypeA
GetTickCount
WriteFile
GetCommandLineA
GetOEMCP
CompareStringA
LCMapStringW
OpenMutexA
GetCurrentThread
GlobalFindAtomW
FreeLibraryAndExitThread
VirtualAlloc
VirtualQuery
FileTimeToLocalFileTime

shell32

SheChangeDirExW
SHFreeNameMappings
ExtractAssociatedIconExW

comdlg32

LoadAlterBitmap
GetFileTitleA
FindTextA
ChooseFontW

user32

DeleteMenu
DdeAbandonTransaction
GetKBCodePage
GetLastActivePopup
DefWindowProcA
InvalidateRgn
GetQueueStatus
ImpersonateDdeClientWindow
DrawCaption
GetClassLongW
SetSystemCursor
GetPropW
UnpackDDElParam
CharUpperW
GetDlgItemTextW
GetMessageExtraInfo
CreateWindowExA
RegisterClassA
GetGUIThreadInfo
CreateDesktopW
SetWindowContextHelpId
LoadMenuW
GetWindowLongA
VkKeyScanA
CreateDialogIndirectParamA
SetRectEmpty
CharToOemBuffA
GetAltTabInfo
GetKeyboardType
DialogBoxIndirectParamW
EmptyClipboard
TrackPopupMenuEx
GetPropA
CreateWindowStationA
DialogBoxIndirectParamA
TrackMouseEvent
GetWindowContextHelpId
CreateCursor
MessageBoxA
RegisterHotKey
CallNextHookEx
SetClipboardData
GetDesktopWindow
RegisterClassExA
TrackPopupMenu
GetMonitorInfoA
GetCursorInfo
AnyPopup
SetMenu
ValidateRgn
GetWindowTextA
DrawTextW
IsCharUpperW
DlgDirSelectExA
GetSubMenu
GetSystemMetrics
SendDlgItemMessageA
ShowWindow
CreateIcon
GetWindowTextLengthA
DestroyWindow
SetClassWord
WinHelpA
CascadeWindows
ChangeClipboardChain
GetInputState
ModifyMenuA
CountClipboardFormats
UnhookWinEvent

comctl32

CreateToolbarEx
ImageList_DragEnter
ImageList_DragLeave
ImageList_Read
MakeDragList
DrawStatusTextW
CreatePropertySheetPageA
ImageList_SetFlags
ImageList_GetBkColor
CreateMappedBitmap
ImageList_DragShowNolock
GetEffectiveClientRect
ImageList_GetIconSize
ImageList_GetDragImage
ImageList_LoadImageW
InitCommonControlsEx
ImageList_Create

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55bb0335aa20aa66debd9db824f3e730

Headers

File Characteristics

PDB Paths

Imports

gdi32

advapi32

kernel32

shell32

comdlg32

user32

comctl32

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 128KB - Virtual size: 124KB

.data Size: 104KB - Virtual size: 111KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 128KB - Virtual size: 124KB

.data
Size: 104KB - Virtual size: 111KB

.rsrc
Size: 12KB - Virtual size: 10KB