49288a71facd68ded9c237e18b345487_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

49288a71facd68ded9c237e18b345487_JaffaCakes118
Size

388KB
MD5

49288a71facd68ded9c237e18b345487
SHA1

4066dd0c1407fd7fa3fcd8c65abbc77aedac9402
SHA256

bb3d34fb4ebef2ed81637140705cd50b46291151ab3e2a2c7b916b8b9d8fd902
SHA512

1f2a58af18452b0e58526c889c565902c8a964c8c2df95d08b14f29120602cc51027129790917ae2781959459e52ddc062ae14a50df56d9b69c72ef672f6c2e3
SSDEEP

6144:zV02S1e7aFDIAQtuqZz+oHQYNvjteQ2sw5ZBltib:zVy1VqAouaznJ0w0C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49288a71facd68ded9c237e18b345487_JaffaCakes118

Files

49288a71facd68ded9c237e18b345487_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a258abb646c80a86a18239dbc5a1bd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\pkkeo\gaf\eutg\yblssknonk\ofounme\scymyt.pdb

Imports

user32

SetDebugErrorLevel
RegisterClassExA
PeekMessageW
SendNotifyMessageA
DdeAddData
GetUserObjectInformationW
PackDDElParam
GetKeyboardLayoutList
MapVirtualKeyExW
SendMessageTimeoutW
RegisterClassA
GetMessageW
GetClassInfoA
AppendMenuW
GetWindowModuleFileNameA
GetPropA
GetMenuBarInfo
SystemParametersInfoW
ExcludeUpdateRgn
CharPrevExA
GetAltTabInfo
DestroyCursor
CharPrevA
CreateIcon
DdeConnect

comctl32

ImageList_Copy
ImageList_DrawEx
ImageList_Duplicate
InitMUILanguage
InitCommonControlsEx
ImageList_Merge
CreateToolbar
CreatePropertySheetPageW
ImageList_SetDragCursorImage
DrawStatusText
ImageList_SetFilter
DrawStatusTextW
ImageList_SetImageCount
ImageList_ReplaceIcon

gdi32

GetViewportOrgEx
GetTextExtentPointA
SetBkColor
SetGraphicsMode
CreateFontIndirectA
DeleteObject
CreateCompatibleBitmap
GetObjectA
CreateSolidBrush
StretchDIBits
GetCharWidth32A
GetPixelFormat
OffsetWindowOrgEx
MoveToEx
CreateDCW
PolylineTo
DeleteEnhMetaFile
DeleteDC
GetCurrentObject
GetDeviceCaps
EnumFontFamiliesExW

kernel32

GetConsoleOutputCP
CreateMutexA
FreeLibrary
CompareStringA
GetModuleHandleA
GetTickCount
GetProcAddress
OutputDebugStringA
GetCurrentProcess
MapViewOfFileEx
GetStdHandle
HeapAlloc
HeapFree
GetPrivateProfileStructW
CreateRemoteThread
GetTimeZoneInformation
GetCommandLineW
GetConsoleCP
LeaveCriticalSection
EnumSystemLocalesA
GetLocaleInfoW
FreeEnvironmentStringsW
GetProfileSectionW
GetModuleFileNameA
GetProcAddress
VirtualQueryEx
GetStartupInfoW
QueryPerformanceCounter
SetStdHandle
HeapSize
SetUnhandledExceptionFilter
TlsSetValue
ReadConsoleOutputAttribute
GetCurrentDirectoryA
FindFirstFileExA
GetProcessHeaps
GetComputerNameA
CloseHandle
GetTimeFormatA
GetThreadPriority
GetCommandLineA
ExitProcess
WaitNamedPipeW
TlsGetValue
SetConsoleCtrlHandler
GetCurrentThreadId
GetCurrentProcessId
GetCurrentThread
SetEvent
SetFilePointer
GetThreadTimes
FindAtomA
VirtualQuery
GetNamedPipeHandleStateW
GetModuleHandleW
GetOEMCP
CopyFileA
WideCharToMultiByte
SetLastError
WriteConsoleA
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCompressedFileSizeA
MoveFileExW
HeapReAlloc
lstrcatA
GetLocalTime
HeapCreate
FreeEnvironmentStringsA
GetFileType
GetStringTypeW
GetStartupInfoA
GetACP
GetEnvironmentStringsW
InterlockedExchange
ReadFile
GetDiskFreeSpaceA
LoadLibraryW
GetCPInfo
CreateDirectoryExW
EnumCalendarInfoW
Sleep
WriteProfileSectionA
GetConsoleMode
RtlUnwind
CreateFileA
GetLastError
GetProfileSectionA
FindFirstFileExW
GetEnvironmentStrings
MultiByteToWideChar
DeleteCriticalSection
CreateMailslotA
InitializeCriticalSectionAndSpinCount
GlobalGetAtomNameA
EnumDateFormatsExA
CreateSemaphoreW
LoadLibraryA
lstrcpy
UnhandledExceptionFilter
GlobalAddAtomW
GetLocaleInfoA
WriteFile
SetEnvironmentVariableW
SetEnvironmentVariableA
SetHandleCount
TerminateProcess
VirtualAlloc
ResetEvent
lstrcmp
GetCurrencyFormatW
lstrcpynA
InterlockedIncrement
GetDateFormatA
WaitForDebugEvent
CompareStringW
TlsFree
FoldStringW
WriteConsoleW
SetPriorityClass
TlsAlloc
GetDriveTypeW
InterlockedDecrement
EnterCriticalSection
VirtualFree
ResumeThread
FlushFileBuffers
GetPrivateProfileStringA
IsValidLocale
CreateMutexW
FileTimeToLocalFileTime
FindResourceExW
OpenWaitableTimerW
SetVolumeLabelW
GetAtomNameA
EnumResourceTypesA
IsValidCodePage
GetThreadContext
LCMapStringW
OpenMutexA
WriteConsoleOutputCharacterA
GetUserDefaultLCID
WriteFileEx
SetFileAttributesA
HeapDestroy
GetStringTypeA
InitializeCriticalSection
PulseEvent
GetSystemInfo
OpenSemaphoreA
LCMapStringA
LocalShrink

advapi32

RegSetValueA
RegOpenKeyW
LookupPrivilegeDisplayNameA
CryptAcquireContextW
DuplicateTokenEx
ReportEventW

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a258abb646c80a86a18239dbc5a1bd9

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

gdi32

kernel32

advapi32

Sections

.text Size: 136KB - Virtual size: 135KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 100KB - Virtual size: 124KB

.rsrc Size: 76KB - Virtual size: 74KB

.text
Size: 136KB - Virtual size: 135KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 100KB - Virtual size: 124KB

.rsrc
Size: 76KB - Virtual size: 74KB