4cdbb1ca62e98a3a558eaaa96ab98837_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4cdbb1ca62e98a3a558eaaa96ab98837_JaffaCakes118
Size

772KB
MD5

4cdbb1ca62e98a3a558eaaa96ab98837
SHA1

723458a1da8476996a9e51cfee958c3441bf34da
SHA256

92e93e05a931fdc1628b7aa1cb10c9b6385f3d2a5620df73c613ebceabedd04b
SHA512

a66ca837cdfc32d9e2793b3896c90d9936afec0145afc33c381124074af7228fe1cd45fc586c073ab8da475a8895cb651f2da6d4d88e6e36d6021c0b740deefa
SSDEEP

12288:htUAZQesYuxHkMg5CdvlJldQ8MzBCoKllTlfKqyXBAsLMJS8cLFjY:3UANsYj5CdzldQLBCf51Kn++MkLFc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cdbb1ca62e98a3a558eaaa96ab98837_JaffaCakes118

Files

4cdbb1ca62e98a3a558eaaa96ab98837_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb8638d41d7b2e52708301e287a86995

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\zporjjayiy\bdoq\fr

Imports

user32

CreateDesktopA
KillTimer
GetWindowModuleFileNameA
GetFocus
EndTask
EnumDisplaySettingsExA
GetKBCodePage
ReleaseDC
GetAsyncKeyState
GetAltTabInfo
ScrollWindow
GetQueueStatus
DefDlgProcA
RegisterClassA
DefWindowProcW
MsgWaitForMultipleObjectsEx
SetDebugErrorLevel
SetWindowWord
DialogBoxParamW
GetClassNameW
CharPrevA
EnumWindows
GetClassInfoA
MapWindowPoints
IsCharLowerA
ClipCursor
VkKeyScanW
CharToOemA
SetShellWindow
EnumDisplaySettingsExW
DdeSetUserHandle
GetDCEx
CopyIcon
SetMenuItemBitmaps
DrawTextA
ExitWindowsEx
SetPropW
VkKeyScanExW
GetComboBoxInfo
ToAsciiEx
MapVirtualKeyExA
CallMsgFilterA
LoadStringA
CharToOemBuffW
SetLastErrorEx
PostMessageA
OemToCharBuffW
InvertRect
SetMessageExtraInfo
CheckRadioButton
CreateAcceleratorTableA
DdeQueryConvInfo
RegisterClassExA
RedrawWindow

gdi32

MaskBlt
PolyTextOutW
CreatePatternBrush
CreatePenIndirect
CreateColorSpaceW
GetTextExtentExPointW
Rectangle
PolyTextOutA
SetAbortProc
GetBitmapBits

shell32

ShellExecuteExA
DragQueryPoint
DragQueryFileW

comctl32

InitCommonControlsEx
ImageList_DragLeave
ImageList_BeginDrag
ImageList_SetOverlayImage
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_Read
ImageList_DragShowNolock
CreatePropertySheetPageW
_TrackMouseEvent
ImageList_GetImageRect
ImageList_GetImageInfo
CreateToolbar
CreateToolbarEx
ImageList_Duplicate
InitMUILanguage
ImageList_GetIconSize

kernel32

TlsAlloc
GetFileType
GetCurrentThreadId
SetLocalTime
HeapReAlloc
GlobalAlloc
CopyFileA
GetLocalTime
GetPrivateProfileSectionA
QueryPerformanceCounter
FormatMessageW
GetTimeZoneInformation
GetCPInfo
GetStartupInfoA
GetModuleHandleA
WritePrivateProfileSectionA
GetProfileIntA
GetEnvironmentStrings
GetCurrentProcessId
FlushFileBuffers
LCMapStringA
TlsFree
InterlockedIncrement
OpenMutexA
VirtualQueryEx
ExitProcess
LCMapStringW
LocalLock
LockFileEx
DeleteCriticalSection
HeapAlloc
TlsGetValue
GetDiskFreeSpaceW
MultiByteToWideChar
GetProcAddress
GetSystemDefaultLCID
GetStringTypeA
CreateEventW
HeapCreate
TlsSetValue
GetLastError
LoadResource
SetHandleCount
EnumTimeFormatsW
EnumCalendarInfoExA
InterlockedExchange
GetStringTypeW
GetFileAttributesExW
GetEnvironmentVariableA
EnterCriticalSection
GetModuleFileNameA
VirtualAllocEx
WriteFile
SetFilePointer
GetSystemTime
OpenProcess
GetPrivateProfileStructW
ReadFile
GlobalGetAtomNameA
EnumCalendarInfoW
IsBadWritePtr
WaitNamedPipeA
GlobalCompact
CompareStringW
LoadLibraryA
GetTempFileNameA
GetACP
lstrcmpi
SetEnvironmentVariableA
OpenFile
GetAtomNameA
CreateMutexA
FreeEnvironmentStringsA
SetStdHandle
LeaveCriticalSection
UnhandledExceptionFilter
SetLastError
GetVersion
GetEnvironmentVariableW
GetStdHandle
VirtualFree
GetOEMCP
GetProcessHeap
TerminateProcess
GetCommandLineA
CloseHandle
GetDiskFreeSpaceExA
GetCurrentThread
VirtualAlloc
HeapDestroy
InitializeCriticalSection
WideCharToMultiByte
GetCurrentProcess
GetSystemTimeAsFileTime
LocalCompact
VirtualQuery
GetLocaleInfoA
HeapFree
GetProfileStringW
GetPrivateProfileStructA
InterlockedDecrement
GetComputerNameW
LockResource
FindResourceW
FreeEnvironmentStringsW
GetShortPathNameW
GetTickCount
RtlUnwind
GetFileAttributesExA
WriteProfileStringA
GetEnvironmentStringsW
GetModuleFileNameW
CompareStringA

comdlg32

GetFileTitleA
FindTextA
GetOpenFileNameW

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 448KB - Virtual size: 445KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb8638d41d7b2e52708301e287a86995

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

shell32

comctl32

kernel32

comdlg32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 448KB - Virtual size: 445KB

.data Size: 136KB - Virtual size: 145KB

.rsrc Size: 108KB - Virtual size: 106KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 448KB - Virtual size: 445KB

.data
Size: 136KB - Virtual size: 145KB

.rsrc
Size: 108KB - Virtual size: 106KB