463416ef1d742c15c151df1a2acbae58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

463416ef1d742c15c151df1a2acbae58_JaffaCakes118
Size

276KB
MD5

463416ef1d742c15c151df1a2acbae58
SHA1

a69098c2af1d0063e30bef8dcae11b58a9ec8de2
SHA256

4c1796f46c8b6f160c2f04bfd7e12f38714c1bec528d332b1a9441c5bc576891
SHA512

4a08236b4f8422aeefd68b372f12e4654df17554277d4fc0ec6ac8b2916ae0d727e1b7d75e61a037fc74b62f3f76bee59bf1817c99914dc259c0feb7f7131303
SSDEEP

6144:rEibFcRPjvhgh6kUJyC8TwVGt67VYVyCKRF1:bWRrvZIWG+d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
463416ef1d742c15c151df1a2acbae58_JaffaCakes118

Files

463416ef1d742c15c151df1a2acbae58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb6eb2727f470827c3844772fd0b8c12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\IZQKNSD\WMAEE\ETY\KZHUPZYE\CRS

Imports

shell32

DuplicateIcon
FindExecutableA
SHGetSpecialFolderLocation
ShellExecuteA
RealShellExecuteExA

advapi32

RegCloseKey
CryptImportKey
CreateServiceW
RegOpenKeyExA
RegQueryValueExA
AbortSystemShutdownA
LookupPrivilegeDisplayNameW
LookupPrivilegeValueA
CryptContextAddRef
RegRestoreKeyA
LookupPrivilegeDisplayNameA
RegEnumValueA
CryptGetDefaultProviderW
CryptDestroyKey
RegSaveKeyA
CryptDuplicateKey
StartServiceA
RegConnectRegistryA
RegQueryInfoKeyW
CryptSetProvParam

comdlg32

LoadAlterBitmap

kernel32

GetStringTypeA
FreeEnvironmentStringsA
WriteFile
TlsFree
OpenMutexA
SetStdHandle
WideCharToMultiByte
GetEnvironmentStrings
HeapSize
GetModuleHandleA
SetHandleCount
GetTimeZoneInformation
CloseHandle
IsValidLocale
VirtualProtect
HeapAlloc
lstrlen
GetModuleFileNameA
LCMapStringA
GetEnvironmentStringsW
GetCommandLineW
TlsSetValue
FlushFileBuffers
UnhandledExceptionFilter
GetCurrentProcessId
CreateMutexA
GetProcAddress
IsBadWritePtr
ExitProcess
RtlUnwind
GetCurrentProcess
GetStartupInfoA
GetThreadTimes
InterlockedExchange
GetModuleFileNameW
GetVersionExA
TlsAlloc
GetFileType
VirtualFree
GetCPInfo
IsValidCodePage
LeaveCriticalSection
TerminateProcess
GetTimeFormatA
GetLocaleInfoA
QueryPerformanceCounter
CompareStringW
GetLocaleInfoW
CompareStringA
GetUserDefaultLCID
GetOEMCP
DeleteCriticalSection
GetCurrentThread
SetEnvironmentVariableA
LoadLibraryA
GetSystemInfo
SetFilePointer
GetCurrentThreadId
GetStringTypeW
GetACP
HeapFree
GetSystemTimeAsFileTime
GetStartupInfoW
FreeEnvironmentStringsW
GetStdHandle
EnumSystemLocalesA
LCMapStringW
HeapReAlloc
MultiByteToWideChar
HeapCreate
GetTickCount
GetLastError
FoldStringA
VirtualQuery
InitializeCriticalSection
VirtualAlloc
GetCommandLineA
SetLastError
GetDateFormatA
HeapDestroy
EnterCriticalSection
ReadFile
TlsGetValue

comctl32

ImageList_Remove
ImageList_DrawIndirect
ImageList_GetImageCount
ImageList_SetFilter
DrawInsert
ImageList_DragLeave
ImageList_Destroy
ImageList_DragShowNolock
InitCommonControlsEx
CreateToolbar
ImageList_DragMove
ImageList_SetBkColor
DrawStatusTextW

gdi32

GetCurrentObject
StartPage
GetGlyphOutlineW
CreateDCA
GetObjectW
GetCharABCWidthsA
ColorCorrectPalette
CreateFontA
GetCharABCWidthsFloatW
DeleteDC
GetDeviceCaps
GetTextAlign
RemoveFontResourceA
GetMapMode
EnumFontFamiliesExA
GetPixelFormat
PolyTextOutW
GetRasterizerCaps
GetFontLanguageInfo
GetEnhMetaFileA
SetICMProfileW
ExtFloodFill

user32

CloseDesktop
CharLowerW
DrawFrameControl
CreateDialogParamW
CharNextW
LoadKeyboardLayoutW
GetSysColor
PostMessageA
ToAsciiEx
CharToOemW
EnumDisplayDevicesW
GetWindowRgn
SwapMouseButton
GetOpenClipboardWindow
EnumThreadWindows
SetMessageQueue
GetWindowLongW
CreatePopupMenu
EmptyClipboard
UnregisterClassA
BeginDeferWindowPos
DlgDirSelectComboBoxExW
ReleaseCapture
SetWindowRgn
SetLastErrorEx
ToUnicodeEx
CascadeWindows
HideCaret
MapWindowPoints
SetMenuDefaultItem
LoadImageA
DdeUninitialize
RegisterDeviceNotificationW
LoadBitmapW
DlgDirListA
ChangeDisplaySettingsW
CreateWindowExA
GetGuiResources
CreateIcon
GetCursor
ShowWindow
ShowScrollBar
GetKBCodePage
GetMenu
SetProcessWindowStation
SetClipboardData
DestroyWindow
CreateDialogIndirectParamA
EnumDisplayDevicesA
SetActiveWindow
GetMenuContextHelpId
SetScrollPos
WindowFromPoint
ShowWindowAsync
IsWindowUnicode
DispatchMessageW
DlgDirListW
GetCaretBlinkTime
SetMenuItemBitmaps
MessageBoxW
SetWinEventHook
OemToCharA
DrawIcon
WINNLSEnableIME
MenuItemFromPoint
BringWindowToTop
MapVirtualKeyW
DefWindowProcA
TranslateAcceleratorW
MessageBoxIndirectA
RegisterClassExA
GetMenuItemRect
SetSysColors
OpenWindowStationW
GetWindowLongA
DlgDirListComboBoxA
IsCharAlphaNumericA
DlgDirSelectExA
EnableWindow
GetMenuStringA
RegisterWindowMessageW
LoadMenuIndirectA
EnumWindowStationsW
InsertMenuW
MessageBoxExA
GetKeyboardState
CreateIconFromResource
DrawFocusRect
DdeCmpStringHandles
LoadCursorFromFileW
RegisterClassA
WINNLSGetEnableStatus
ChangeDisplaySettingsA
GetWindowThreadProcessId
MessageBeep
GetDlgItemInt
GetCursorInfo
LoadBitmapA
AppendMenuW
LoadCursorW
UnhookWindowsHook
GetWindowModuleFileNameW
IsWindow
GetKeyNameTextW

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb6eb2727f470827c3844772fd0b8c12

Headers

File Characteristics

PDB Paths

Imports

shell32

advapi32

comdlg32

kernel32

comctl32

gdi32

user32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 88KB - Virtual size: 114KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 88KB - Virtual size: 114KB

.rsrc
Size: 24KB - Virtual size: 22KB