4a25e9354b5097f11be1a35160dad33e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a25e9354b5097f11be1a35160dad33e_JaffaCakes118
Size

788KB
MD5

4a25e9354b5097f11be1a35160dad33e
SHA1

e44ccce8f11b489301729e0b9b43e01bab730fad
SHA256

6ab2ab7971d48c06f8b180d0bf47af761dd1ff9f84b9c95daef9d66dc1946657
SHA512

d92fd5c89515798eee559caba81e4675a2782f6af93be6f087301b4d72b5f2cda97ee40f87f54ac22c341ab4d058cafff453a5695b8ebff1c2b22d57e36afa94
SSDEEP

24576:z/Xq2d97+dABmEJeFP3iVjNRqE3UuRjCP9PmuU:z/Dd9KiPsFwpU8junU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a25e9354b5097f11be1a35160dad33e_JaffaCakes118

Files

4a25e9354b5097f11be1a35160dad33e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1693a063db8161a5da0aac57d2907861

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\yqasfgm.pdb

Imports

advapi32

LookupSecurityDescriptorPartsA
CryptAcquireContextW
CryptDestroyHash
LookupPrivilegeNameW
CryptGetHashParam
RegEnumKeyExW
StartServiceW
CryptGenKey
RegCreateKeyExW
CryptHashData
LookupPrivilegeValueA
StartServiceA
CryptAcquireContextA
InitiateSystemShutdownW
RegLoadKeyA
RegEnumKeyExA
ReportEventW
CryptDeriveKey
RegQueryMultipleValuesA
CryptVerifySignatureA
RegCreateKeyA
CryptCreateHash
RevertToSelf

comctl32

ImageList_SetDragCursorImage
ImageList_DrawIndirect
ImageList_GetFlags
ImageList_SetBkColor
ImageList_Merge
GetEffectiveClientRect
ImageList_Replace
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_Duplicate
ImageList_GetIconSize
ImageList_Create

comdlg32

ChooseFontA
ChooseFontW
PageSetupDlgW
FindTextW

kernel32

GetStringTypeW
HeapCreate
GetConsoleOutputCP
IsDebuggerPresent
SetHandleCount
HeapAlloc
GetSystemTimeAsFileTime
InterlockedExchange
LCMapStringW
LoadLibraryA
GetModuleFileNameA
MoveFileW
HeapDestroy
GetCurrentProcess
SetConsoleCtrlHandler
CloseHandle
GetVersionExA
TlsSetValue
GetFileType
HeapSize
WaitNamedPipeA
GetLocaleInfoW
GetModuleFileNameW
CreateMutexA
QueryPerformanceCounter
GetEnvironmentStrings
GetDriveTypeA
IsValidLocale
FreeLibrary
lstrcmp
MultiByteToWideChar
WriteFile
GetCurrentThreadId
WideCharToMultiByte
FindNextFileA
LeaveCriticalSection
LocalAlloc
SetUnhandledExceptionFilter
GetTickCount
VirtualFree
GetThreadTimes
FreeEnvironmentStringsA
GetCurrencyFormatA
GetPrivateProfileIntW
OutputDebugStringA
WriteConsoleW
GetConsoleCP
FlushFileBuffers
DeleteCriticalSection
GetCurrentProcessId
LCMapStringA
GetConsoleMode
CompareStringW
GetStartupInfoA
EnumSystemLocalesA
HeapFree
HeapValidate
GetUserDefaultLCID
SetFilePointer
GetTimeZoneInformation
UnhandledExceptionFilter
InterlockedDecrement
GetCommandLineA
GetLastError
Sleep
InterlockedIncrement
SetEnvironmentVariableA
FreeLibraryAndExitThread
GetDateFormatA
TlsAlloc
GetTimeFormatA
GetCurrentThread
GetACP
GetProcAddress
ExitProcess
RtlUnwind
IsBadReadPtr
TerminateProcess
TlsFree
IsValidCodePage
OpenMutexA
TlsGetValue
ReadFile
FreeEnvironmentStringsW
GetStringTypeA
SetStdHandle
InitializeCriticalSection
CreateFileA
GetOEMCP
FormatMessageA
VirtualQuery
WriteConsoleA
CompareStringA
GetProcessHeap
GetModuleHandleA
GetStartupInfoW
HeapReAlloc
CreateNamedPipeA
GetCommandLineW
GetLocaleInfoA
VirtualAlloc
GetCPInfo
EnterCriticalSection
GetEnvironmentStringsW
SetLastError
GetStdHandle

shell32

ExtractIconW

gdi32

GetKerningPairsW
EnumFontFamiliesW
CreateDCW
TranslateCharsetInfo
SetWindowOrgEx
GetLogColorSpaceA
SetRectRgn
GetClipBox
FillPath
StretchDIBits
GetDeviceCaps
GetObjectA
ScaleViewportExtEx
FrameRgn
SetBkMode
SetMetaFileBitsEx
GetTextExtentExPointW
OffsetViewportOrgEx
CreateBrushIndirect
DeleteDC
CreateDIBPatternBrushPt
SetGraphicsMode
CreateDIBitmap
GetTextExtentPoint32W

user32

GetListBoxInfo
GetWindowPlacement
SendDlgItemMessageA
SetDlgItemTextA
GetInputState
InsertMenuItemA
CreatePopupMenu
GetScrollPos
EnumPropsExW
GetParent
DdeConnect
RegisterClassExA
OpenClipboard
DdeCreateDataHandle
CreateDialogParamW
SetFocus
GetMenuDefaultItem
CharToOemBuffA
GetClipboardSequenceNumber
VkKeyScanExA
RegisterClassA
SetClassLongW
IsCharUpperW
GetMenuState
GetSystemMetrics
GetKeyNameTextW
SetParent
GetSysColorBrush
MessageBoxW
CreateWindowExA
DefWindowProcW
GetWindowTextLengthA
TrackPopupMenu
SetForegroundWindow
GetUpdateRect
MapVirtualKeyW
NotifyWinEvent
GetCursorInfo
PeekMessageW
GetKeyboardLayoutList
DestroyWindow
ReuseDDElParam
GetClassLongW
GetClipCursor
CharLowerBuffA
GetClassNameA
GetSystemMenu
ShowWindow

Sections

.text
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1693a063db8161a5da0aac57d2907861

Headers

File Characteristics

PDB Paths

Imports

advapi32

comctl32

comdlg32

kernel32

shell32

gdi32

user32

Sections

.text Size: 108KB - Virtual size: 104KB

.rdata Size: 452KB - Virtual size: 450KB

.data Size: 140KB - Virtual size: 168KB

.rsrc Size: 84KB - Virtual size: 81KB

.text
Size: 108KB - Virtual size: 104KB

.rdata
Size: 452KB - Virtual size: 450KB

.data
Size: 140KB - Virtual size: 168KB

.rsrc
Size: 84KB - Virtual size: 81KB