C:\FOPDYGLAE.PDB
Static task
static1
Behavioral task
behavioral1
Sample
464d1cc23094500fd51e8ae8eadcdf66_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
464d1cc23094500fd51e8ae8eadcdf66_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
464d1cc23094500fd51e8ae8eadcdf66_JaffaCakes118
Size
490KB
MD5
464d1cc23094500fd51e8ae8eadcdf66
SHA1
376ad20a05db89c44e9d7dbcf3ceaf788c717ea0
SHA256
3166b1935c5e60df1a62872b2641460a57dc0cfa4936ac156ecdf86f10122f55
SHA512
9b052faf436d3055f1bf57b6566c7b09a64e6d09fee7f6d6ae7bdd204ec29bc04cdccf440dad333b125b32f1856622cf448ca98d7739e2b541821329837ca1ad
SSDEEP
12288:3tn6MhsWVn1o7y+XN+h+VB1gY99DJP3oQgYnn/UBTP:3J6MKa5EaaB1HPYbE/UB
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 464d1cc23094500fd51e8ae8eadcdf66_JaffaCakes118
Files
464d1cc23094500fd51e8ae8eadcdf66_JaffaCakes118.exe windows:4 windows x86 arch:x86
ece830640f7c5a800cedd99b227b18c9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
gdi32
ExtTextOutA
AbortDoc
DeleteObject
SetPixelV
TextOutA
StretchBlt
SetPixel
GetGlyphOutlineA
StartDocA
CloseEnhMetaFile
MoveToEx
GetPath
RemoveFontResourceA
CreateSolidBrush
SetColorSpace
GetBitmapBits
ResetDCW
PatBlt
CheckColorsInGamut
GetTextMetricsA
comctl32
InitCommonControlsEx
user32
RegisterClassExA
CreateWindowExW
GetMessageTime
wvsprintfW
RegisterClassA
RemovePropA
CharUpperW
ShowWindow
TrackPopupMenu
CreateWindowStationA
GetPriorityClipboardFormat
GetTitleBarInfo
GetMenuCheckMarkDimensions
MessageBoxA
AnyPopup
GetDCEx
AppendMenuW
GetClipboardFormatNameA
OffsetRect
NotifyWinEvent
shell32
SHInvokePrinterCommandW
SHFileOperationA
SHGetDiskFreeSpaceA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
kernel32
WriteProfileSectionA
InterlockedDecrement
HeapDestroy
QueryPerformanceCounter
ReadFile
InterlockedExchange
InitializeCriticalSection
VirtualAlloc
RtlUnwind
GetSystemTimeAsFileTime
UnhandledExceptionFilter
EnterCriticalSection
GetStdHandle
MultiByteToWideChar
LoadLibraryA
IsBadWritePtr
SetEnvironmentVariableA
FlushFileBuffers
SetLastError
SetHandleCount
GetCurrentThread
OpenMutexA
GetStringTypeW
UnlockFile
GetACP
HeapReAlloc
HeapFree
TransmitCommChar
CompareStringA
GetStartupInfoA
FoldStringA
GetModuleFileNameA
VirtualFree
TlsSetValue
LoadLibraryExA
GetUserDefaultLCID
CreateMutexA
GetStringTypeA
GetCurrentThreadId
LCMapStringW
LeaveCriticalSection
LCMapStringA
SleepEx
ExitProcess
GetVersion
GetOEMCP
GetCurrentProcess
GetCPInfo
InterlockedIncrement
FreeEnvironmentStringsW
WriteFile
GetTickCount
GetModuleHandleW
TlsAlloc
GetWindowsDirectoryA
VirtualQuery
GetLocalTime
GetCurrentProcessId
GetModuleHandleA
FreeEnvironmentStringsA
CloseHandle
SetFileAttributesA
FindFirstFileExA
SetFilePointer
GetFileType
TerminateProcess
GetSystemTime
SetConsoleTitleA
TlsFree
GetEnvironmentStringsW
HeapAlloc
GetLastError
GetProcAddress
DeleteCriticalSection
GetEnvironmentStrings
GetTimeZoneInformation
GetCommandLineA
HeapValidate
HeapCreate
TlsGetValue
WideCharToMultiByte
SetStdHandle
CompareStringW
advapi32
RegQueryValueExA
RegLoadKeyA
RegOpenKeyA
CryptSignHashW
RegDeleteValueW
InitiateSystemShutdownW
CryptAcquireContextW
CryptEnumProviderTypesA
LookupPrivilegeValueW
CreateServiceA
CryptGenKey
RegEnumKeyW
CryptSetProviderExA
CryptDeriveKey
LookupAccountNameW
RegCreateKeyA
RegEnumKeyExW
CryptGetProvParam
RegQueryValueExW
CryptSetProviderW
RegOpenKeyExW
CryptSignHashA
Sections
.text Size: 344KB - Virtual size: 344KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 113KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ