430b6d9abdb9b3e718c9c5cf76dbd6c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

430b6d9abdb9b3e718c9c5cf76dbd6c2_JaffaCakes118
Size

328KB
MD5

430b6d9abdb9b3e718c9c5cf76dbd6c2
SHA1

1e7b4e686274759f1d05923ac40375ab23add082
SHA256

6271eafb57d2a6822c9d69f9820807a47e1c852185ab709a84187f8b366e434f
SHA512

82442bda87dff9957afb068b81b8cc348954093182bd24cdc9047197666984af076d60a4c1f4c84ae20775da29e7f333661fe6bb9f7ae1550fd814719343e2ea
SSDEEP

6144:Ei2QFKBqa8THNZ/+r3KNLQjqrIkqWN8yh97KOo091JA:Ei2QF7H+3ET8wSW7n9Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
430b6d9abdb9b3e718c9c5cf76dbd6c2_JaffaCakes118

Files

430b6d9abdb9b3e718c9c5cf76dbd6c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

52a51658116a57766b87ee1fbb7ddeca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\tvveirjoy\ezf.pdb

Imports

comdlg32

PageSetupDlgW

comctl32

DestroyPropertySheetPage
ImageList_GetImageCount
ImageList_GetImageRect
DrawInsert
ImageList_SetImageCount
InitCommonControlsEx
ImageList_Replace
ImageList_Create
ImageList_Add
InitMUILanguage
ImageList_SetBkColor
CreateUpDownControl
DrawStatusTextA

kernel32

GetStartupInfoA
FreeEnvironmentStringsA
GetConsoleCP
GetEnvironmentStringsA
LCMapStringW
SetHandleCount
InterlockedDecrement
GetFullPathNameW
IsBadWritePtr
OpenFileMappingW
GetStdHandle
EnumCalendarInfoW
GetProcessHeap
GlobalFix
GetCurrencyFormatW
CloseHandle
SetEnvironmentVariableA
AllocConsole
FreeEnvironmentStringsW
GetModuleFileNameA
InterlockedIncrement
QueryPerformanceCounter
LocalHandle
HeapReAlloc
FileTimeToLocalFileTime
HeapDestroy
GetLocalTime
SetVolumeLabelA
WaitForMultipleObjects
GetVersion
GetProcAddress
LoadLibraryA
GetStartupInfoW
GetCompressedFileSizeA
CreateMutexA
GetPriorityClass
GetCommandLineW
OpenProcess
GetPrivateProfileStructA
DeleteFileA
TlsAlloc
GetComputerNameA
HeapSize
FormatMessageW
GetStringTypeW
GetEnvironmentStringsW
CompareStringW
GetModuleHandleA
WaitCommEvent
VirtualQuery
EnumDateFormatsW
HeapFree
LeaveCriticalSection
CompareStringA
GetModuleHandleW
ReadConsoleOutputCharacterA
RemoveDirectoryA
lstrcpyW
ExitProcess
CreateWaitableTimerA
GetModuleFileNameW
SetCurrentDirectoryW
FindAtomA
VirtualFree
ConnectNamedPipe
DeleteCriticalSection
GetStringTypeA
SetLastError
GetFileType
UnmapViewOfFile
GetSystemTime
CreateWaitableTimerW
TlsSetValue
OpenMutexA
GetCurrentThread
GetEnvironmentStrings
GetCommandLineA
GetSystemTimeAsFileTime
HeapValidate
SetConsoleWindowInfo
WideCharToMultiByte
SetVolumeLabelW
SetStdHandle
RtlUnwind
FlushFileBuffers
TlsGetValue
TerminateProcess
UnhandledExceptionFilter
GetCurrentProcess
DeleteFileW
GetTickCount
FindResourceExW
EnterCriticalSection
GetNamedPipeInfo
SetFilePointer
GetConsoleTitleW
LocalFree
WriteFile
HeapAlloc
GetComputerNameW
FreeResource
GetCurrentThreadId
GlobalCompact
FoldStringA
SetThreadAffinityMask
GetCurrentProcessId
InitializeCriticalSection
GetTimeZoneInformation
TlsFree
HeapCreate
ReadFile
FileTimeToDosDateTime
SystemTimeToTzSpecificLocalTime
VirtualAlloc
UnlockFile
lstrcmp
InterlockedExchange
SetFileAttributesA
GetLastError
GetFileAttributesExA
GetCPInfo
LCMapStringA
MultiByteToWideChar

user32

DrawIcon
OemToCharBuffA
DlgDirSelectComboBoxExA
CreateWindowExA
GetKBCodePage
DdeCreateStringHandleA
MessageBoxA
DestroyAcceleratorTable
WinHelpW
UnregisterDeviceNotification
ChangeDisplaySettingsW
DefWindowProcW
EnableMenuItem
AnimateWindow
MessageBoxIndirectA
DefMDIChildProcA
GetScrollPos
SetLastErrorEx
MessageBoxExA
RegisterClassExA
GetClassInfoExW
DlgDirListComboBoxA
RegisterClassA
KillTimer
EnumDisplaySettingsA
GetMenuDefaultItem
OpenIcon
DdeImpersonateClient
GetDlgItemInt
ChangeClipboardChain
GetTitleBarInfo
GetKeyNameTextW
LoadImageW
CreateAcceleratorTableA
VkKeyScanExW
IsClipboardFormatAvailable
LoadKeyboardLayoutW
SendMessageTimeoutW
SetClipboardData
DdeCreateDataHandle
OpenDesktopW
GetThreadDesktop
DdeReconnect
GetProcessDefaultLayout
CharUpperW
GetKeyboardType
ShowWindow
ModifyMenuA
ChangeMenuW
DrawIconEx
CharUpperA
DrawTextExW
ChildWindowFromPointEx
ShowCursor
ChildWindowFromPoint
UnhookWinEvent
CharToOemBuffW
BroadcastSystemMessage
IsDialogMessageW
IsCharAlphaA
GetMenuInfo
EnumPropsExA
GetKeyNameTextA
DdeSetUserHandle
LoadMenuA
DestroyWindow
DdeAbandonTransaction
LoadIconW
ToAscii
SetPropA
LookupIconIdFromDirectoryEx
GetUserObjectInformationA
EnumDisplaySettingsW
CharPrevW

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

52a51658116a57766b87ee1fbb7ddeca

Headers

File Characteristics

PDB Paths

Imports

comdlg32

comctl32

kernel32

user32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 92KB - Virtual size: 89KB

.data Size: 96KB - Virtual size: 124KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 92KB - Virtual size: 89KB

.data
Size: 96KB - Virtual size: 124KB

.rsrc
Size: 24KB - Virtual size: 21KB