4331dcabc5efd59d4afb7d86c4e5074e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4331dcabc5efd59d4afb7d86c4e5074e_JaffaCakes118
Size

308KB
MD5

4331dcabc5efd59d4afb7d86c4e5074e
SHA1

181a5af547c31e8d956be4ecc5f2e5a23f14af00
SHA256

fdc850f6f84ea301b45afa9885e6cdd128197477c3eaf7e6109bdcd811ac6b92
SHA512

444e5420bd0a40b94aa8d4ef68c2812dcba252ae297677058143212fffd0c0cdb9a0452afa88c29b9b10fe0d61f4fdccc2bd5faa5dd394d8eb42dee2ba9823b0
SSDEEP

6144:iyH2QkbbED1SEd0KBC3eTU500td29q65TsDInBs2FV:iw2Q6u140ad8od2F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4331dcabc5efd59d4afb7d86c4e5074e_JaffaCakes118

Files

4331dcabc5efd59d4afb7d86c4e5074e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6dfadecd745e915dac746bdac712dbd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\flu\hwaemsgm\poiebeae\vsde\stzbieono\b

Imports

gdi32

TextOutA
GetObjectW
CreateScalableFontResourceA
SetICMProfileA
PtInRegion
RoundRect
ModifyWorldTransform
StretchBlt
ExtTextOutA
DeleteDC
GetGraphicsMode
SetGraphicsMode
GetNearestPaletteIndex
MaskBlt
SelectObject
CreateColorSpaceA
SwapBuffers
SetFontEnumeration
FloodFill
UpdateICMRegKeyW
SetMapperFlags
CloseMetaFile
CreateDCA
GetDeviceCaps
AbortDoc
RealizePalette

user32

LoadMenuA
CreateIconFromResourceEx
FindWindowW
DestroyWindow
DragObject
SetFocus
GrayStringA
RegisterClassA
AppendMenuW
CharToOemBuffW
GetDC
ChangeDisplaySettingsA
GetKeyboardType
IsRectEmpty
VkKeyScanExA
wvsprintfA
SetMenuDefaultItem
VkKeyScanW
GetSysColorBrush
DdeCreateStringHandleW
GetMenuBarInfo
InsertMenuItemW
GetUserObjectInformationA
GetKeyNameTextW
SetWindowsHookExA
ClientToScreen
FreeDDElParam
GetClassInfoW
CharPrevW
TranslateAcceleratorA
GetWindowRgn
RegisterClassExA
UnregisterClassA
DestroyCursor
MessageBoxA
IntersectRect
ShowWindow
CallMsgFilterW
MonitorFromWindow
OpenClipboard
CopyImage
wsprintfA
OpenInputDesktop
DefMDIChildProcW
DefWindowProcW
SetMessageQueue
ValidateRect
SetMenuInfo
SetSystemCursor
EnumDesktopsW
GetWindowInfo
DrawStateA
CascadeWindows
ChangeDisplaySettingsExW
DrawTextExW
ChangeDisplaySettingsExA
SetWindowRgn
WINNLSGetEnableStatus
CreateWindowExW

comctl32

CreateUpDownControl
ImageList_Draw
ImageList_DragEnter
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_SetFilter
InitCommonControlsEx
ImageList_AddMasked
ImageList_GetIcon
CreateStatusWindowW
ImageList_AddIcon
DrawInsert
ImageList_SetFlags
CreatePropertySheetPage
ImageList_Create
ImageList_GetImageCount
ImageList_SetDragCursorImage

kernel32

LCMapStringW
GetFileType
LeaveCriticalSection
SetLastError
GetDriveTypeA
EnterCriticalSection
HeapAlloc
GetConsoleOutputCP
CloseHandle
OpenMutexA
HeapCreate
SetConsoleActiveScreenBuffer
HeapReAlloc
FreeResource
GetSystemDirectoryW
GetModuleFileNameA
InitializeCriticalSection
GetCurrentThread
VirtualFree
InterlockedIncrement
GetCurrentThreadId
Sleep
IsValidLocale
GetPrivateProfileIntA
InterlockedExchange
LCMapStringA
MultiByteToWideChar
ReadConsoleOutputAttribute
GetThreadContext
OpenFileMappingW
DeleteCriticalSection
EnumSystemLocalesA
GetTimeZoneInformation
GetConsoleCP
EnumResourceNamesA
FoldStringA
SetPriorityClass
HeapDestroy
EnumCalendarInfoW
HeapSize
DebugActiveProcess
FreeEnvironmentStringsW
CompareStringA
IsValidCodePage
CreateFileA
ExitProcess
GetSystemTimeAsFileTime
lstrcpynW
SetConsoleTitleW
GetStringTypeA
HeapFree
GetConsoleTitleW
WriteFile
WideCharToMultiByte
TlsFree
GetUserDefaultLCID
SetEnvironmentVariableA
FindFirstFileW
SetConsoleCursorInfo
DeleteFileW
VirtualAlloc
GetEnvironmentVariableW
GetLocaleInfoA
TerminateThread
ReadConsoleOutputCharacterW
PulseEvent
UnlockFileEx
WriteConsoleOutputA
TerminateProcess
GetProcAddress
SetConsoleCtrlHandler
InterlockedDecrement
GetEnvironmentVariableA
GetNamedPipeHandleStateW
FlushFileBuffers
GetModuleHandleA
UnhandledExceptionFilter
GetACP
SetFilePointer
SetHandleCount
WritePrivateProfileStructA
TlsAlloc
GetCurrentProcess
CreateNamedPipeW
GetStringTypeW
GetLastError
RtlUnwind
IsDebuggerPresent
GetPrivateProfileStringA
GlobalUnlock
WriteConsoleW
GetFullPathNameW
SetConsoleCursorPosition
GetConsoleMode
VirtualQuery
CreateMutexA
SetStdHandle
GetLocaleInfoW
GetEnvironmentStrings
GetCommandLineA
ConnectNamedPipe
LoadLibraryA
GetStdHandle
GetDiskFreeSpaceExW
GetProcessHeap
QueryPerformanceCounter
FreeLibrary
SetEnvironmentVariableW
SetUnhandledExceptionFilter
InterlockedCompareExchange
TlsGetValue
EnumDateFormatsExW
GetEnvironmentStringsW
GetVersionExA
GetStartupInfoW
TlsSetValue
ReadConsoleInputA
CompareStringW
FreeEnvironmentStringsA
GetCurrentProcessId
GetOEMCP
WriteConsoleA
GetTimeFormatA
GetCPInfo
GetStartupInfoA
GetTickCount
FileTimeToSystemTime
ReadFile
WritePrivateProfileSectionA
LocalCompact
GetDateFormatA

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6dfadecd745e915dac746bdac712dbd1

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

comctl32

kernel32

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 96KB - Virtual size: 101KB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 96KB - Virtual size: 101KB

.rsrc
Size: 28KB - Virtual size: 27KB