492d61db92f801bb9073693ffed84b5c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

492d61db92f801bb9073693ffed84b5c_JaffaCakes118
Size

600KB
MD5

492d61db92f801bb9073693ffed84b5c
SHA1

6051cae35c9adfc165b21837fd54ab8f587c958f
SHA256

78c51b1463e42621e9ebd939389123fb08b5354817c39e7f325624b5bcb989dd
SHA512

d289341aeeb0afde6a51856cf6508d0b87883e6645ed7c5f8813e9119113752f48c58c536bcfb74974b5dbc30d821151dea15433bd206156c973308698e4f075
SSDEEP

12288:18W0nm4CjGi391rIMO7fskn0jqwG8miaswoh55MFpcDvG9a3:19Am4CiiN/O774qj8xtq03

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
492d61db92f801bb9073693ffed84b5c_JaffaCakes118

Files

492d61db92f801bb9073693ffed84b5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

134aa0a3fb44c411a3b8421a9642cc32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\eogcese

Imports

user32

GetMenuStringW
GetWindowLongA
RegisterClassA
EnumDisplayMonitors
GetClipboardViewer
GetNextDlgGroupItem
ChangeMenuW
DlgDirListComboBoxW
TabbedTextOutW
ExitWindowsEx
EndMenu
MessageBoxW
FrameRect
ShowOwnedPopups
ShowWindowAsync
RegisterClassExA
wsprintfA
RegisterWindowMessageW
UnregisterClassW
wvsprintfA
GetUserObjectInformationA
CreateDesktopW
BeginDeferWindowPos
GetCaretBlinkTime
GetWindowContextHelpId
DestroyWindow
CreateWindowExA
KillTimer
GetWindowModuleFileNameA
GetAncestor
EnableWindow
GetWindowLongW
LoadIconA
GetPropA
ShowWindow
DefWindowProcA
SetDoubleClickTime
DefDlgProcW
GetCursorPos
DialogBoxParamW
GetScrollBarInfo
ToAscii
GetThreadDesktop
GetMenuBarInfo
TileWindows
SystemParametersInfoW
OpenDesktopW
LoadAcceleratorsW
LoadImageW
IsCharUpperW

advapi32

RegNotifyChangeKeyValue
ReportEventW
CryptEnumProviderTypesW
CryptEnumProvidersA
RegQueryInfoKeyA
LookupPrivilegeValueA
RegOpenKeyA
CryptSignHashW
RegFlushKey
CryptDuplicateHash
CryptGetHashParam
CryptSetProviderA
LookupAccountSidW
CryptContextAddRef
LogonUserW
CryptSetProviderW
ReportEventA

shell32

SHQueryRecycleBinW
SHFileOperationW
ShellExecuteA
ExtractIconA

wininet

InternetSecurityProtocolToStringA

kernel32

GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringW
HeapAlloc
GetStringTypeA
GetTimeZoneInformation
GetStartupInfoA
EnterCriticalSection
GetSystemTimeAsFileTime
WriteFile
LeaveCriticalSection
GetLocaleInfoW
FreeEnvironmentStringsA
TlsSetValue
QueryPerformanceCounter
GetCurrentThreadId
MultiByteToWideChar
HeapSize
FindNextChangeNotification
GetCommandLineA
GetCPInfo
GetFileType
GetLastError
GetCurrentProcessId
GetStringTypeW
CompareStringW
TlsFree
WaitCommEvent
GetEnvironmentVariableW
GetProcAddress
WaitNamedPipeW
CompareStringA
GetUserDefaultLCID
lstrcmpi
GetOEMCP
VirtualLock
HeapCreate
FillConsoleOutputCharacterA
OpenMutexA
SetStdHandle
FormatMessageA
FreeEnvironmentStringsW
GetVersionExA
GetSystemInfo
VirtualProtect
DeleteFileA
InterlockedExchange
HeapDestroy
SetSystemTime
HeapFree
HeapReAlloc
IsValidCodePage
VirtualQuery
ExitProcess
RtlUnwind
TerminateProcess
SetLastError
TlsGetValue
EnumSystemLocalesA
VirtualFree
CreateWaitableTimerA
LCMapStringA
CreateMutexA
ContinueDebugEvent
FlushFileBuffers
LoadLibraryA
DeleteCriticalSection
GetCurrentProcess
ReadFile
GetTickCount
SetHandleCount
GetModuleHandleA
GetConsoleCP
GetLocaleInfoA
GetDateFormatW
IsBadWritePtr
GetModuleFileNameA
GetStdHandle
IsValidLocale
VirtualAlloc
CloseHandle
InitializeCriticalSection
WideCharToMultiByte
GetACP
SetFilePointer
CreateDirectoryExW
GetDateFormatA
SetEnvironmentVariableA
TlsAlloc
GetTimeFormatA
UnhandledExceptionFilter
CreateEventW
GetCurrentThread

comctl32

ImageList_Read
ImageList_EndDrag
ImageList_DrawEx
CreateToolbarEx
DrawInsert
CreateStatusWindowA
CreatePropertySheetPageA
ImageList_Copy
InitMUILanguage
ImageList_LoadImageA
ImageList_GetIcon
ImageList_SetImageCount
ImageList_SetFlags
InitCommonControlsEx
ImageList_Destroy
ImageList_SetIconSize
MakeDragList

comdlg32

PrintDlgA
PageSetupDlgW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

134aa0a3fb44c411a3b8421a9642cc32

Headers

File Characteristics

PDB Paths

Imports

user32

advapi32

shell32

wininet

kernel32

comctl32

comdlg32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 116KB - Virtual size: 123KB

.rsrc Size: 48KB - Virtual size: 44KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 116KB - Virtual size: 123KB

.rsrc
Size: 48KB - Virtual size: 44KB