4708e56687264a727bdaed439966bd97_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4708e56687264a727bdaed439966bd97_JaffaCakes118
Size

548KB
MD5

4708e56687264a727bdaed439966bd97
SHA1

1cc53d5baf710acb3e13f5165495d661c7aae22c
SHA256

3c3d9f6d0ca6a489afb06a53c9325541dc484bc654aeec4428852c9c8df2c2d6
SHA512

ddb3dea60c445bb026b4a82589ac061a7579fa0b252bffde047fcf23cafb509bb1185c9999466e948b3d24c66f513995674810e30ee68f08655a0faf45fbdc41
SSDEEP

12288:eZwg/CVL5n//aKp4Xh3tm1i+L/s9ebrf9fDjoApam:eZlK95n/r4NHa/iuT9fTEm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4708e56687264a727bdaed439966bd97_JaffaCakes118

Files

4708e56687264a727bdaed439966bd97_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3bfac8bb08745dda315f9d9f04d45824

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\iepao\fkhzanims\debqhqj.PDB

Imports

gdi32

GetCharABCWidthsW
TextOutA
ScaleViewportExtEx

user32

SetDeskWallpaper
TranslateAcceleratorA
CreateWindowExA
DdeClientTransaction
DefWindowProcW
ShowWindowAsync
DefDlgProcA
LoadStringA
InsertMenuW
DdeUnaccessData
SetClassLongW
CharNextExA
IsDialogMessageW
MapWindowPoints
DestroyWindow
GetParent
EnumPropsW
ArrangeIconicWindows
IsCharAlphaNumericA
UnregisterClassA
DdeDisconnectList
GetKeyNameTextA
GetUpdateRgn
DrawFrame
EndTask
MapDialogRect
GetInputState
DrawIconEx
CreateAcceleratorTableA
CloseDesktop
CreateIconIndirect
RegisterWindowMessageW
SetWindowWord
RegisterClassExA
SetUserObjectInformationA
MessageBoxW
CheckRadioButton
PostMessageW
GetDCEx
EnumPropsExA
MoveWindow
GetCaretPos
SendDlgItemMessageW
GetProcessWindowStation
GetScrollRange
GetMonitorInfoW
RegisterClassA
SetPropW
CloseWindow
DlgDirSelectComboBoxExA
GetShellWindow
FindWindowExW
LookupIconIdFromDirectory
DrawMenuBar
FindWindowW
ShowWindow
GetClipboardData
DrawTextExW
ClipCursor
GetMenuContextHelpId
PostThreadMessageA
GetWindowWord
LoadAcceleratorsA
WINNLSEnableIME
MenuItemFromPoint
GetMenuItemInfoW
SystemParametersInfoA
UnhookWindowsHook
MsgWaitForMultipleObjectsEx
LoadImageA
IsCharAlphaA
SetFocus

wininet

InternetHangUp
DeleteUrlCacheGroup
IncrementUrlCacheHeaderData
InternetSetDialStateW
GopherFindFirstFileW

advapi32

CryptSignHashA
CryptHashSessionKey

kernel32

SetConsoleCtrlHandler
TlsAlloc
CreateMutexA
LoadLibraryA
OutputDebugStringA
TlsFree
WritePrivateProfileStringW
ReadFile
GetPrivateProfileSectionW
HeapValidate
GetSystemInfo
GetStdHandle
DeleteFileA
GetACP
GetProfileIntW
GetProcessHeaps
GetPriorityClass
SetConsoleTextAttribute
InterlockedExchange
SetCurrentDirectoryA
SetFilePointer
SystemTimeToTzSpecificLocalTime
GetVolumeInformationA
GetCommandLineW
FlushFileBuffers
FreeEnvironmentStringsW
GetStartupInfoW
GetSystemTimeAsFileTime
lstrcmpA
ReadConsoleW
FreeEnvironmentStringsA
InitializeCriticalSection
CommConfigDialogW
IsBadWritePtr
SetLastError
VirtualQuery
HeapReAlloc
SetHandleCount
RtlUnwind
GetDateFormatA
GetLocaleInfoA
GetPrivateProfileSectionNamesW
MapViewOfFileEx
SetConsoleCP
GetShortPathNameW
SetConsoleWindowInfo
GlobalHandle
CreateDirectoryW
GetLocaleInfoW
GetFileSize
SetThreadContext
GetCurrentThreadId
GetModuleFileNameW
FillConsoleOutputCharacterA
InterlockedDecrement
GetLastError
lstrlenA
WideCharToMultiByte
GetModuleFileNameA
ReadConsoleOutputA
HeapFree
GetCPInfo
SetEnvironmentVariableA
SetEndOfFile
LeaveCriticalSection
TerminateProcess
MultiByteToWideChar
GetTimeZoneInformation
ExpandEnvironmentStringsA
OpenFile
IsBadReadPtr
ExpandEnvironmentStringsW
CreateFileMappingA
SetVolumeLabelA
CreateFileMappingW
FileTimeToDosDateTime
EnumResourceNamesW
EnumSystemLocalesA
GetModuleHandleA
CreateNamedPipeA
GetFileAttributesW
GetCommandLineA
SetUnhandledExceptionFilter
GetStartupInfoA
CompareStringW
GetStringTypeExA
GetCurrentProcess
FillConsoleOutputCharacterW
GetStringTypeA
GetProcAddress
GetTickCount
GetUserDefaultLCID
TlsSetValue
IsValidCodePage
VirtualFree
CompareStringA
HeapCreate
WriteConsoleOutputW
WriteFile
GetVersionExA
GetPrivateProfileSectionNamesA
GetFileType
GetEnvironmentStringsW
OpenEventA
IsValidLocale
GetCalendarInfoW
SetConsoleCursorInfo
TlsGetValue
DebugActiveProcess
TransactNamedPipe
UnhandledExceptionFilter
DeleteCriticalSection
QueryPerformanceCounter
CreateMailslotW
GetCurrentThread
EnterCriticalSection
GetProcessHeap
CreateFileA
GetStringTypeW
CreateToolhelp32Snapshot
ExitProcess
DeleteFiber
CloseHandle
GetModuleHandleW
GetTimeFormatA
GetProfileSectionA
HeapAlloc
FindResourceW
WriteFileEx
OpenMutexA
SleepEx
LCMapStringA
LCMapStringW
GetOEMCP
EnumResourceLanguagesW
VirtualAlloc
GetSystemTimeAdjustment
InterlockedIncrement
WritePrivateProfileStructW
GetCurrentProcessId
SetStdHandle
DebugBreak
GetLocalTime
GetEnvironmentStrings
VirtualProtect
GlobalCompact
HeapDestroy

comdlg32

FindTextW

comctl32

ImageList_Read
DrawStatusTextA
MakeDragList
ImageList_GetImageRect
ImageList_Remove
ImageList_LoadImageW
ImageList_Destroy
DrawStatusText
ImageList_GetDragImage
CreateStatusWindow
InitCommonControlsEx
ImageList_AddMasked
ImageList_Write
ImageList_GetImageCount
CreatePropertySheetPage
ImageList_Duplicate
ImageList_EndDrag

Sections

.text
Size: 128KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bfac8bb08745dda315f9d9f04d45824

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

wininet

advapi32

kernel32

comdlg32

comctl32

Sections

.text Size: 128KB - Virtual size: 125KB

.rdata Size: 264KB - Virtual size: 263KB

.data Size: 104KB - Virtual size: 130KB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 128KB - Virtual size: 125KB

.rdata
Size: 264KB - Virtual size: 263KB

.data
Size: 104KB - Virtual size: 130KB

.rsrc
Size: 48KB - Virtual size: 46KB