44b185cc85ff066942cdf698d78fcc69_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

44b185cc85ff066942cdf698d78fcc69_JaffaCakes118
Size

736KB
MD5

44b185cc85ff066942cdf698d78fcc69
SHA1

46158822510135a8d4814fc795e20a02d0d25f2d
SHA256

a45ef07da67e049ea77d62d855c9d0f5fd50da1ce0de4e08fedfee9186330059
SHA512

c4b8dbb299244d3e2bba47c9c7cb597ecc8a5d3300333f4585967c3587f6cca81ce820240a5d9a28265809a80b2fc27d8c83268a7edd0429707094ae5ad55684
SSDEEP

12288:x1m9SJu4hIltUdqIBwmKGZy3F1F2TjflPBTZTSSoAAQawjwBpVH7qlGn98/cWn:x80St/IBYGAtef7xHAQ2pVbqlGq/cY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44b185cc85ff066942cdf698d78fcc69_JaffaCakes118

Files

44b185cc85ff066942cdf698d78fcc69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7a57d4dcc83c1ec227b9c256c9ab8973

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\qdsts

Imports

user32

DefWindowProcW
InsertMenuItemA
PostThreadMessageW
DdeQueryStringA
GetNextDlgTabItem
SetClipboardViewer
DrawTextExW
SetScrollRange
MapWindowPoints
EnumWindowStationsW
GetComboBoxInfo
RegisterClassExA
InsertMenuW
GetTitleBarInfo
MapVirtualKeyExA
IsChild
CreateWindowExW
UnregisterDeviceNotification
WinHelpW
PaintDesktop
SendDlgItemMessageA
AppendMenuW
FlashWindow
LoadMenuIndirectW
SendDlgItemMessageW
IsCharAlphaW
GetMenuStringA
MessageBoxA
IsWindowVisible
SendInput
RegisterHotKey
FillRect
MsgWaitForMultipleObjects
DrawTextA
OemToCharBuffW
RegisterClassA
GetWindowPlacement
GetUserObjectInformationW
ChangeMenuA
SetWindowWord
GetWindowTextLengthW
OemToCharA
DefFrameProcA
SwapMouseButton
ShowWindow
DestroyWindow

shell32

SHGetNewLinkInfo

wininet

FtpPutFileW
InternetGetConnectedStateExA
SetUrlCacheGroupAttributeW
InternetSetDialStateW
InternetSetFilePointer
IsHostInProxyBypassList
GetUrlCacheEntryInfoW
ReadUrlCacheEntryStream
GetUrlCacheEntryInfoExA

comctl32

ImageList_Remove
InitCommonControlsEx
CreateMappedBitmap

gdi32

SetMiterLimit
AngleArc
CreateFontA
SaveDC
GetDeviceCaps
ChoosePixelFormat
EnumEnhMetaFile
LPtoDP
CreateDIBPatternBrush
CreateRectRgn
LineTo
CreateDCA
DrawEscape
DeleteMetaFile
ColorCorrectPalette
RestoreDC
PtInRegion
GetOutlineTextMetricsA
CreateICA
EnumMetaFile
SelectClipPath
GetSystemPaletteEntries
DeleteDC
GetObjectW
SetTextCharacterExtra
GetCharacterPlacementA
SetTextJustification

kernel32

InitializeCriticalSection
WideCharToMultiByte
HeapDestroy
SetFileAttributesW
IsValidLocale
VirtualAlloc
ReadFile
GetCurrentThread
GetCPInfo
QueryPerformanceCounter
GetTimeFormatA
GetLocaleInfoA
GetVersionExA
GetConsoleTitleW
OpenEventW
GetModuleHandleA
FlushFileBuffers
OpenMutexA
VirtualProtect
GetEnvironmentStringsW
LoadLibraryA
HeapReAlloc
EnumCalendarInfoA
VirtualFree
EnterCriticalSection
GetPrivateProfileStringW
GetCommandLineA
SetHandleCount
FindAtomW
GetModuleFileNameW
CompareStringW
GetModuleFileNameA
WaitCommEvent
GetUserDefaultLCID
GetSystemInfo
OpenFile
HeapAlloc
GetStartupInfoW
DeleteCriticalSection
MultiByteToWideChar
TlsAlloc
EnumSystemLocalesA
GetStdHandle
GetLocaleInfoW
GetStringTypeW
LCMapStringW
GetLastError
CreateMutexA
GetTickCount
GetCurrentProcessId
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetOEMCP
GetSystemTimeAsFileTime
TlsFree
CompareStringA
ReleaseMutex
HeapCreate
TerminateProcess
FreeEnvironmentStringsA
HeapFree
SetFilePointer
IsValidCodePage
GetCommandLineW
SetStdHandle
GetStartupInfoA
GetCurrentThreadId
LCMapStringA
GetFileType
RtlUnwind
IsBadWritePtr
GetACP
InterlockedExchange
GetDateFormatA
TlsSetValue
GetEnvironmentStrings
LeaveCriticalSection
VirtualQuery
CloseHandle
GetTimeZoneInformation
GlobalCompact
ExitProcess
UnhandledExceptionFilter
GetStringTypeA
TlsGetValue
GetCurrentProcess
HeapSize
WriteFile
GetFullPathNameA
GetProcAddress
SetLastError

comdlg32

ChooseColorA
GetSaveFileNameW
ChooseColorW
LoadAlterBitmap

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 128KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a57d4dcc83c1ec227b9c256c9ab8973

Headers

File Characteristics

PDB Paths

Imports

user32

shell32

wininet

comctl32

gdi32

kernel32

comdlg32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 460KB - Virtual size: 457KB

.data Size: 128KB - Virtual size: 138KB

.rsrc Size: 56KB - Virtual size: 53KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 460KB - Virtual size: 457KB

.data
Size: 128KB - Virtual size: 138KB

.rsrc
Size: 56KB - Virtual size: 53KB