459a9297a2e07f6e5e6680a3077e0e8f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

459a9297a2e07f6e5e6680a3077e0e8f_JaffaCakes118
Size

687KB
MD5

459a9297a2e07f6e5e6680a3077e0e8f
SHA1

ebd085f32e75b02b348dde0d668a636764329986
SHA256

235e2294888c0306a826a2c21b0221a427647ba252bbf48f3fba05656cdee755
SHA512

8b3718ee1b24874de28a672fe03d3cf53c1174342cc2f84fb2067b569f81083dc190fa19261567f7be4aa4b6daea9f2e34ebc0858a7b394c27459c217a0ded12
SSDEEP

12288:v7Q9kkukML3SVLQuLF+JUFswgGBvAruEcrNddDZUdLLiT/Nm+qFe:U9YL3FuLFurkvKuEcRDmds

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
459a9297a2e07f6e5e6680a3077e0e8f_JaffaCakes118

Files

459a9297a2e07f6e5e6680a3077e0e8f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8381c2e700cef7d94820f818969a2e7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\qnqeocxspp\eqejfuvee.pdb

Imports

comctl32

InitCommonControlsEx

gdi32

GetObjectType
SetMapperFlags
Pie
OffsetViewportOrgEx
GetTextExtentPoint32W
ScaleWindowExtEx
ExtFloodFill

user32

MapDialogRect
SetUserObjectSecurity
DestroyWindow
ReuseDDElParam
IsWindowEnabled
FlashWindowEx
SetMessageExtraInfo
LoadMenuW
ActivateKeyboardLayout
GetGUIThreadInfo
SendNotifyMessageA
DdeAccessData
SetActiveWindow
GetMessageW
CreateDialogIndirectParamW
IsWindow
KillTimer
CallMsgFilterW
RegisterClassA
GetCursor
CharLowerA
DefMDIChildProcA
RegisterClassExA
IsWindowUnicode
GetWindowRgn

advapi32

CryptSetProviderExW
RegConnectRegistryA
RegEnumValueA
CryptEnumProvidersW
RegSetValueA
LookupAccountNameW
CreateServiceW
CryptDuplicateHash
RegReplaceKeyA
CryptExportKey
CryptGenKey
RegQueryValueA
RegEnumKeyW

wininet

GopherFindFirstFileW
FtpGetFileEx
ShowSecurityInfo
CreateUrlCacheContainerW
HttpAddRequestHeadersW
DeleteUrlCacheEntryA
FtpSetCurrentDirectoryW
HttpSendRequestExA

kernel32

GetConsoleMode
DebugBreak
GlobalCompact
FreeEnvironmentStringsW
TlsGetValue
GetTimeFormatA
GetLastError
GetCurrentThread
LoadLibraryA
GetOEMCP
CompareStringA
GetStartupInfoA
HeapValidate
VirtualQuery
SetFilePointer
GetUserDefaultLCID
TlsAlloc
GetCurrentProcess
GetWindowsDirectoryW
GetThreadLocale
SetHandleCount
DuplicateHandle
CreateFileA
TlsSetValue
InitializeCriticalSection
FreeLibrary
CloseHandle
LeaveCriticalSection
IsValidCodePage
GetModuleFileNameA
GetCommandLineA
MultiByteToWideChar
WriteConsoleInputA
GetEnvironmentStrings
ContinueDebugEvent
TlsFree
lstrlenA
UnhandledExceptionFilter
SetEnvironmentVariableA
DeleteCriticalSection
WriteConsoleA
GetProcAddress
GetCommandLineW
SetConsoleCtrlHandler
OutputDebugStringA
GetCPInfo
WideCharToMultiByte
TerminateProcess
SetUnhandledExceptionFilter
GetLocaleInfoA
GetStringTypeW
RtlUnwind
IsDebuggerPresent
EnumDateFormatsExW
VirtualFree
GetSystemTimeAsFileTime
RaiseException
GetModuleFileNameW
ExitThread
LoadModule
ExitProcess
WriteFile
GetModuleHandleA
GetDiskFreeSpaceExW
InterlockedExchange
GetFileType
WaitForMultipleObjects
InterlockedIncrement
HeapCreate
QueryPerformanceCounter
LCMapStringW
EnterCriticalSection
GetStartupInfoW
GetStringTypeA
InterlockedDecrement
GetEnvironmentStringsW
IsBadReadPtr
GetConsoleOutputCP
GetCurrentProcessId
SetLastError
HeapReAlloc
GetStdHandle
LoadLibraryW
VirtualAlloc
FlushFileBuffers
GetCurrentThreadId
LCMapStringA
IsValidLocale
HeapFree
OutputDebugStringW
EnumSystemLocalesA
ReadFile
HeapAlloc
CompareStringW
GetTickCount
SetStdHandle
OpenMutexA
GetProcessHeap
HeapDestroy
GetTimeZoneInformation
CreateMutexA
ResetEvent
GetDateFormatA
GetACP
GetConsoleCP
GetLocaleInfoW
WriteConsoleW
GetVersionExA
FreeEnvironmentStringsA

Sections

.text
Size: 501KB - Virtual size: 501KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8381c2e700cef7d94820f818969a2e7d

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

user32

advapi32

wininet

kernel32

Sections

.text Size: 501KB - Virtual size: 501KB

.rdata Size: 56KB - Virtual size: 72KB

.data Size: 117KB - Virtual size: 117KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 501KB - Virtual size: 501KB

.rdata
Size: 56KB - Virtual size: 72KB

.data
Size: 117KB - Virtual size: 117KB

.rsrc
Size: 11KB - Virtual size: 11KB