4b662dd9f4d9b54f6f6b022b812ce590_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4b662dd9f4d9b54f6f6b022b812ce590_JaffaCakes118
Size

552KB
MD5

4b662dd9f4d9b54f6f6b022b812ce590
SHA1

e3f559a0c55c5adf291e50996a2d8f0e8ebe7a41
SHA256

b116fa2d3899dd053611691cb24acc79c4ec2b477462818fc323a7ccecf56490
SHA512

5e3553c08a4ae63fba8931a56474650939f562e857430ba2060b972498e0b6a187a28d60bd918a91217ce54b6a6f2a25e978731261419f605739ae188458daa2
SSDEEP

12288:ew58CxECPnDsO90oHEHKq2AIrMqYMmdkYkIlc+93DcBn:egYZO9MHrzIrtYMu5kIU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b662dd9f4d9b54f6f6b022b812ce590_JaffaCakes118

Files

4b662dd9f4d9b54f6f6b022b812ce590_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01d720590c13cd7a2c9645b1516bfffb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\wbsrbpu.pdb

Imports

comctl32

ImageList_Add
DrawStatusTextW
InitCommonControlsEx
ImageList_DragLeave
ImageList_AddIcon
CreatePropertySheetPageA
ImageList_Replace
ImageList_Write
ImageList_Create
ImageList_SetBkColor
DrawStatusText
ImageList_DrawEx
ImageList_Duplicate
ImageList_GetImageInfo
ImageList_GetDragImage
CreateStatusWindowA
ImageList_Merge
ImageList_SetFilter
GetEffectiveClientRect
ImageList_GetBkColor
ImageList_LoadImageA
ImageList_Destroy
DrawInsert
CreatePropertySheetPageW

user32

LoadAcceleratorsW
IsChild
GetKeyState
PackDDElParam
ChildWindowFromPointEx
CallNextHookEx
TranslateAcceleratorW
EnumWindowStationsA
EnableScrollBar
CreateWindowStationA
CharLowerW
InternalGetWindowText
BeginDeferWindowPos
GetClassInfoA
GetPriorityClipboardFormat
DestroyWindow
GetClassInfoExA
DdeCreateDataHandle
IntersectRect
RealChildWindowFromPoint
BroadcastSystemMessageW
DdeUnaccessData
GetUpdateRect
EnumDesktopsW
SetWindowLongA
MapDialogRect
SetCursorPos
IsCharAlphaW
GetWindowModuleFileNameA
GetDCEx
DefWindowProcA
RegisterClassExA
ShowWindow
CreateWindowExW
GetQueueStatus
RegisterDeviceNotificationA
TileWindows
FindWindowExW
SetMenuContextHelpId
MessageBoxA
GetThreadDesktop
RemovePropW
LoadKeyboardLayoutW
DrawIconEx
RegisterClassA
RedrawWindow
ClipCursor
CopyIcon
LoadMenuIndirectW
DialogBoxIndirectParamA
SystemParametersInfoA

kernel32

FlushInstructionCache
FileTimeToDosDateTime
GetProcAddress
LeaveCriticalSection
CreateSemaphoreA
ExitProcess
LocalHandle
EnumResourceNamesW
GetStringTypeExW
GetStringTypeW
SetHandleCount
IsValidLocale
GetNamedPipeHandleStateW
CloseHandle
EnumTimeFormatsW
TlsSetValue
WideCharToMultiByte
HeapCreate
GetCPInfo
EnumResourceTypesA
RtlUnwind
IsBadWritePtr
VirtualProtect
ReadFile
FreeEnvironmentStringsW
InitializeCriticalSection
GetDateFormatA
GetLastError
CompareStringW
OpenEventW
VirtualQuery
CompareFileTime
QueryPerformanceCounter
GetStdHandle
DeleteCriticalSection
EnterCriticalSection
EnumSystemLocalesA
CreateMutexA
SetStdHandle
OpenWaitableTimerA
LCMapStringW
GetOEMCP
FreeEnvironmentStringsA
GetNamedPipeInfo
GetSystemTimeAdjustment
ReadConsoleOutputCharacterW
GetCurrentDirectoryA
GetLocaleInfoW
SetLastError
UnhandledExceptionFilter
GetTimeFormatA
GetFileType
GetSystemInfo
GetModuleFileNameA
HeapAlloc
GetStringTypeA
GetTickCount
GetPrivateProfileSectionNamesW
GetEnvironmentStringsW
VirtualAlloc
LCMapStringA
TerminateProcess
GetModuleHandleA
GetCommandLineA
HeapReAlloc
CompareStringA
HeapSize
GetDateFormatW
TlsFree
WriteFile
GetVersionExA
SetEnvironmentVariableA
CreateFileMappingA
GetSystemTimeAsFileTime
TlsAlloc
GetTimeZoneInformation
GetLocaleInfoA
FlushFileBuffers
VirtualFree
CreateMailslotW
HeapDestroy
GetDriveTypeW
SetEnvironmentVariableW
TlsGetValue
GetCurrentThreadId
GetEnvironmentStrings
GetStartupInfoA
LoadLibraryA
GlobalUnfix
CopyFileA
OpenMutexA
EnumCalendarInfoW
SetFilePointer
GetCurrentThread
GetACP
FoldStringA
HeapFree
GetCurrentProcess
MultiByteToWideChar
InterlockedExchange
SetCurrentDirectoryA
FindResourceExA
GetCurrentProcessId
GetUserDefaultLCID
GetFullPathNameW
IsValidCodePage
LockResource
MapViewOfFileEx

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01d720590c13cd7a2c9645b1516bfffb

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 112KB - Virtual size: 114KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 112KB - Virtual size: 114KB

.rsrc
Size: 20KB - Virtual size: 18KB