427c0f471300b9b3e9b46025ef896d72_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

427c0f471300b9b3e9b46025ef896d72_JaffaCakes118
Size

748KB
MD5

427c0f471300b9b3e9b46025ef896d72
SHA1

fe8fef890daa65e7a570e85c4ed3ccca41705d8c
SHA256

a8eaac6fbcffff77babc3fd3f5c352c3741a8115b60206758103e70102920c67
SHA512

830a1bff10a8c146d50de5f135e4128a9b59462707b850341d9e942bfa0901516cf89f09e60ada4173192a12bd564878a7032f7828c8d54aae31255cb2a2f8d7
SSDEEP

12288:mj8OdoBWrP06laoL81f70KrXXf+6JFyC0re9FX5eZ0FvqdSddLM5ulCuQbiCNRmz:mwmoBWT0NoLmflLG6V0ry0u5naulCuQT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
427c0f471300b9b3e9b46025ef896d72_JaffaCakes118

Files

427c0f471300b9b3e9b46025ef896d72_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5249e241ed05f6f9772180672fa7b867

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\qreuait\ajahb.pdb

Imports

kernel32

GetCommandLineA
GetProcAddress
GetLocaleInfoA
InterlockedExchange
GetConsoleMode
GetFileType
InterlockedDecrement
WriteConsoleA
GetACP
InitializeCriticalSectionAndSpinCount
FindClose
GetDiskFreeSpaceExW
SetStdHandle
GetLastError
GetCurrentProcessId
FreeEnvironmentStringsA
FlushFileBuffers
FreeEnvironmentStringsW
SetConsoleCtrlHandler
SetThreadPriority
GetCurrentThreadId
DeleteCriticalSection
LCMapStringA
SetUnhandledExceptionFilter
EnterCriticalSection
GetCurrentThread
GetProfileStringA
FindResourceExA
LoadLibraryA
GetTickCount
GetModuleHandleW
GetCurrentProcess
GetConsoleCP
HeapSize
GetTimeZoneInformation
IsValidLocale
CreateNamedPipeA
GetLocaleInfoW
SetLastError
GetNumberFormatA
IsDebuggerPresent
GetOEMCP
RtlUnwind
ReadFile
GlobalSize
CreateFileA
WriteConsoleW
CreateMutexA
LeaveCriticalSection
TlsAlloc
GetStringTypeW
CompareStringA
GetStringTypeA
lstrlen
TlsGetValue
GetEnvironmentStrings
HeapAlloc
VirtualFree
GetStartupInfoA
GetTimeFormatA
HeapDestroy
FreeLibrary
InterlockedIncrement
SetEnvironmentVariableA
GetSystemTimeAsFileTime
IsValidCodePage
HeapFree
GetEnvironmentStringsW
LCMapStringW
GetSystemTime
CloseHandle
Sleep
GetModuleFileNameA
RtlZeroMemory
GetDriveTypeW
SetHandleCount
GetVersionExW
CompareStringW
HeapReAlloc
GetStdHandle
VirtualQuery
TlsFree
MultiByteToWideChar
QueryPerformanceCounter
SetFilePointer
UnhandledExceptionFilter
VirtualAlloc
GetConsoleOutputCP
ExitProcess
HeapCreate
GetCPInfo
lstrcpyn
GetDateFormatA
GetUserDefaultLCID
OpenMutexA
TerminateProcess
ResumeThread
WideCharToMultiByte
WriteFile
EnumSystemLocalesA
SetConsoleWindowInfo
TlsSetValue
GetModuleHandleA

shell32

InternalExtractIconListA
ShellExecuteW
ExtractAssociatedIconW
SheChangeDirExW

comctl32

ImageList_GetIconSize
DrawStatusTextW
InitCommonControlsEx
ImageList_GetFlags
ImageList_SetOverlayImage
ImageList_SetFilter

comdlg32

ChooseFontW
ReplaceTextW
PageSetupDlgW
ChooseFontA

user32

DdeConnect
ClipCursor
LoadCursorA
DialogBoxIndirectParamW
CreateWindowExW
CharUpperBuffW
DrawStateW
GetMessageW
GetInputState
RegisterClassExA
SystemParametersInfoA
GetKeyboardLayoutNameA
PeekMessageA
FindWindowExA
DdeUninitialize
SetWindowsHookExA
SetUserObjectSecurity
ShowWindow
IsWindow
OpenIcon
SetWindowLongW
DispatchMessageW
SetClassWord
SetMenuContextHelpId
MessageBoxA
ChangeDisplaySettingsExA
DefWindowProcA
NotifyWinEvent
MessageBoxW
UnregisterClassW
DlgDirListComboBoxA
DestroyWindow
FrameRect
SetTimer
UnhookWinEvent
UnloadKeyboardLayout
SendNotifyMessageA
SetPropW
DdeFreeStringHandle
EnableMenuItem
RegisterClassA
IsZoomed
SetCursor
IsRectEmpty
DrawEdge
SetWindowsHookA
EnumPropsExW
CharPrevW

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 464KB - Virtual size: 462KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5249e241ed05f6f9772180672fa7b867

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

comctl32

comdlg32

user32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 464KB - Virtual size: 462KB

.data Size: 128KB - Virtual size: 144KB

.rsrc Size: 60KB - Virtual size: 56KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 464KB - Virtual size: 462KB

.data
Size: 128KB - Virtual size: 144KB

.rsrc
Size: 60KB - Virtual size: 56KB