4c953066133ef6759dc321a0759c1ccd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4c953066133ef6759dc321a0759c1ccd_JaffaCakes118
Size

196KB
MD5

4c953066133ef6759dc321a0759c1ccd
SHA1

e34d5d7382dcc80afe3cd36da4d9bb4220ac37d4
SHA256

e3fb2af906679fcc2938440e150127c9e7eac9f7775cf9f3e9c8519f9e8fbac5
SHA512

5da81e186d469d85227301a9d774cff7e7eb68d3658653ef0a83f92cd08f4b59ea451a1a65259471b22cab5f441f08a24b48662c3c2061646008fa1d894a2ab9
SSDEEP

3072:3uy8EqmrhgaPPhX04b/EH8ilGkQk1gAgwKwmgWmBTXN0qpCePB1:RRbrZ9Db/EqkQkrtm4Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c953066133ef6759dc321a0759c1ccd_JaffaCakes118

Files

4c953066133ef6759dc321a0759c1ccd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abf9fc08e12109700d70ef31aaf6b98d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

\\10.0.0.5\current\Visual Studio Projects\UberIcon Manager\Release\UberIcon Manager.pdb

Imports

kernel32

GetUserDefaultUILanguage
GetProcAddress
GetModuleFileNameW
LoadLibraryW
FreeLibrary
FindNextFileW
FindFirstFileW
SetPriorityClass
GetCurrentProcess
SetCurrentDirectoryW
GetLastError
GetACP
InterlockedExchange
GetStringTypeW
GetStringTypeA
GetCPInfo
GetLocaleInfoA
IsBadCodePtr
IsBadReadPtr
SetFilePointer
FlushFileBuffers
SetStdHandle
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
IsBadWritePtr
HeapReAlloc
VirtualFree
HeapCreate
HeapDestroy
LoadLibraryA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LCMapStringW
ReleaseMutex
WaitForSingleObject
CreateMutexW
CloseHandle
GetFileAttributesW
GetPrivateProfileStringW
GetStartupInfoA
LCMapStringA
SetUnhandledExceptionFilter
TerminateProcess
GetOEMCP
WriteFile
GetVersionExA
GetStartupInfoW
GetModuleHandleA
HeapAlloc
HeapFree
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
RaiseException
RtlUnwind

user32

SetWindowsHookExW
UnhookWindowsHookEx
PostQuitMessage
MessageBoxW
UpdateLayeredWindow
GetMonitorInfoW
MonitorFromPoint
GetCursorPos
SetWindowLongW
GetWindowLongW
SetRect
LoadIconW
SetClassLongW
LoadCursorW
SetWindowPos
GetPropW
ReleaseCapture
GetCapture
EndDialog
SetCapture
SetPropW
GetWindowRect
PtInRect
MapWindowPoints
CreateWindowExW
DestroyCursor
BeginPaint
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
RegisterClassExW
RegisterWindowMessageW
EndPaint
DefWindowProcW
CreatePopupMenu
AppendMenuW
CheckMenuItem
SetForegroundWindow
TrackPopupMenu
PostMessageW
DialogBoxParamW
DestroyMenu

gdi32

SelectObject
DeleteDC
DeleteObject
CreateCompatibleDC

advapi32

RegOpenKeyExW
RegDeleteValueW
RegCreateKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExW

shell32

Shell_NotifyIconW
ShellExecuteW

gdiplus

GdipAlloc
GdipDeleteBrush
GdipCreateStringFormat
GdipDeleteStringFormat
GdipDeleteGraphics
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipDeleteFont
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipCreateFont
GdipDrawString
GdipGetImageGraphicsContext
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipCreateSolidFill
GdipBitmapSetPixel
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFile
GdipFree

Exports

Exports

AddOption
GetIconRect
GetOption
GetOptionFromGroup
GetOptionString
SetOption
SetOptionGroupMode
SetOptionString
Translate

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

abf9fc08e12109700d70ef31aaf6b98d

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

gdiplus

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 84KB - Virtual size: 84KB