4a454b5c541743dea22f31948cf671fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a454b5c541743dea22f31948cf671fd_JaffaCakes118
Size

716KB
MD5

4a454b5c541743dea22f31948cf671fd
SHA1

f104cb2bd1f6e3beaf35d66e16c2b1513696b3a3
SHA256

28357725010cb6b98de90307cb6c64d097061b0dc5ba0ded963f9d43be4081ec
SHA512

f534d6927dd6b190ad2a092f39cd2f44567e92c17d0415a494c396ee245849934492079d28c2a6bdde199fafc4004ee834909216410223fa80778e0697b53958
SSDEEP

12288:65RcaF0w6UAvrWkSxxZSzt4SI7yfUgLUC0EK7+w17EY5Tlpm518n4+UEFpGV4ywQ:mRcaF04AvrW7tYt1I7y8gv0E0B1m518K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a454b5c541743dea22f31948cf671fd_JaffaCakes118

Files

4a454b5c541743dea22f31948cf671fd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0af66a8e1c5ea5e910c233ca13c153

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\abepggrs.pdb

Imports

kernel32

GetCPInfo
CreateProcessA
GetCurrentThread
LCMapStringW
SetLocaleInfoA
LoadLibraryA
RtlMoveMemory
GetCurrentProcess
LCMapStringA
GetSystemTimeAsFileTime
SetStdHandle
FindFirstFileExW
InterlockedExchange
ExpandEnvironmentStringsA
SetEnvironmentVariableA
SetFileTime
GetLongPathNameW
GetLastError
GetStringTypeA
GetSystemTime
WideCharToMultiByte
DeleteFileA
TlsGetValue
GetLocalTime
GetProcAddress
FindAtomW
TlsAlloc
AllocConsole
CreateMutexW
VirtualQuery
SystemTimeToFileTime
lstrlen
IsBadWritePtr
GetModuleFileNameW
DeleteFileW
GlobalFindAtomW
TlsFree
GetCurrentThreadId
FindNextChangeNotification
CompareStringW
ReadConsoleOutputAttribute
HeapReAlloc
SetLastError
CreateMutexA
HeapDestroy
GetFileType
FreeEnvironmentStringsA
InterlockedDecrement
ReadConsoleInputA
SetFilePointer
GetThreadLocale
HeapLock
GetFileAttributesExW
GetDiskFreeSpaceExA
GetStdHandle
GetVersion
SleepEx
CloseHandle
InterlockedIncrement
GetACP
WritePrivateProfileStructW
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
MoveFileA
GetEnvironmentStrings
GetModuleFileNameA
PulseEvent
DeleteCriticalSection
RtlUnwind
VirtualFree
GetOEMCP
TlsSetValue
WriteProfileSectionW
Sleep
GetCommandLineA
EnumSystemCodePagesW
FreeEnvironmentStringsW
GetTickCount
MapViewOfFileEx
ReadFile
SetHandleCount
WriteFile
GlobalReAlloc
CommConfigDialogW
GetTimeZoneInformation
HeapCreate
VirtualProtect
DebugActiveProcess
WaitNamedPipeW
MultiByteToWideChar
ExitProcess
GetThreadTimes
FlushFileBuffers
GetCurrentProcessId
GetStartupInfoA
HeapAlloc
GlobalUnfix
GetCompressedFileSizeW
GetEnvironmentStringsW
TerminateProcess
CreatePipe
EnterCriticalSection
SystemTimeToTzSpecificLocalTime
VirtualAllocEx
SetThreadPriority
OpenMutexA
GetDiskFreeSpaceA
HeapFree
VirtualAlloc
EnumSystemLocalesW
DosDateTimeToFileTime
CompareStringA
GetModuleHandleA
GetWindowsDirectoryW
InitializeCriticalSection
GetCurrentDirectoryW
UnhandledExceptionFilter
SetEndOfFile
QueryPerformanceCounter
CreateRemoteThread
GetStringTypeW

comctl32

ImageList_BeginDrag
CreatePropertySheetPageA
ImageList_Write
ImageList_GetImageRect
ImageList_Destroy
ImageList_SetOverlayImage
ImageList_GetIcon
InitMUILanguage
DestroyPropertySheetPage
ImageList_DragShowNolock
CreateToolbarEx
ImageList_AddMasked
MakeDragList
InitCommonControlsEx
ImageList_Read
ImageList_LoadImageW
ImageList_SetBkColor
CreatePropertySheetPage
ImageList_GetImageCount
ImageList_ReplaceIcon
ImageList_AddIcon
ImageList_Duplicate
CreateStatusWindowW
ImageList_DrawIndirect
ImageList_LoadImage
ImageList_SetFilter

wininet

FindFirstUrlCacheEntryExA
InternetSetDialState
InternetInitializeAutoProxyDll

user32

DlgDirListA
GetUpdateRgn
GetPriorityClipboardFormat
CreateMDIWindowW
SendDlgItemMessageW
DlgDirSelectExW
CreateDialogParamW
DrawFrameControl
GetClassInfoExW
PtInRect
GetKeyNameTextA
CharNextW
GetCursorPos
UnpackDDElParam
GetDlgItemTextA
SetCursor
GetUserObjectSecurity
GetMenuCheckMarkDimensions
GetMenuContextHelpId
DispatchMessageA
EnumDisplaySettingsA
ShowCaret
SetMessageQueue
CreateWindowExA
LoadMenuA
EqualRect
DrawFrame
SendMessageTimeoutW
IsCharLowerA
ToUnicode
RegisterClassA
EnumPropsExA
SetDebugErrorLevel
GetDoubleClickTime
CharUpperW
GetWindowPlacement
LoadBitmapW
CallWindowProcA
LookupIconIdFromDirectory
InvalidateRect
DeleteMenu
CharPrevA
ShowWindow
ClientToScreen
WINNLSGetEnableStatus
GetWindowTextA
UpdateWindow
RegisterClassExA
DestroyWindow
CharNextExA
DefWindowProcA
EndDialog
EnumPropsW
SetPropW
GetAsyncKeyState
GetWindowLongW
IsRectEmpty
GetScrollInfo
MessageBoxA

comdlg32

ReplaceTextA
PrintDlgW
ChooseColorA
GetSaveFileNameW

shell32

DragAcceptFiles
SHLoadInProc
ShellHookProc
SHInvokePrinterCommandW

gdi32

CreatePolyPolygonRgn
GetKerningPairsA
PolylineTo
LPtoDP
CreateColorSpaceA
EnableEUDC
GetKerningPairsW
AbortDoc
CopyEnhMetaFileA
StretchDIBits
CreateFontA
GetWindowExtEx
SetFontEnumeration
StartDocA
PlayEnhMetaFileRecord
GetSystemPaletteUse
EnumICMProfilesA

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 448KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae0af66a8e1c5ea5e910c233ca13c153

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

wininet

user32

comdlg32

shell32

gdi32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 448KB - Virtual size: 444KB

.data Size: 140KB - Virtual size: 144KB

.rsrc Size: 52KB - Virtual size: 48KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 448KB - Virtual size: 444KB

.data
Size: 140KB - Virtual size: 144KB

.rsrc
Size: 52KB - Virtual size: 48KB