4d38dfcefc43713ca64378f62d9f3216_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d38dfcefc43713ca64378f62d9f3216_JaffaCakes118
Size

368KB
MD5

4d38dfcefc43713ca64378f62d9f3216
SHA1

c2899f6ab0dfdf3eef8356c643e421296d2e2737
SHA256

da114cd9c7b9f7d66111523c206bbec377d26e60eecccc694639d24a9c757301
SHA512

a68609e6262916ff15998e094fe30d6f1e470dabaeb1bb99c687cd8090db17970aaf8a1c8d938f1182a35e1fba57f8127f69cc6eaa55bae93ce3b7c7c9e64e2e
SSDEEP

6144:ZiMIrLecDzPAVklmheRvFgjy+3isF7LIIfsFQiOHHj4T:ZzInecDzYufvAx1/v4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d38dfcefc43713ca64378f62d9f3216_JaffaCakes118

Files

4d38dfcefc43713ca64378f62d9f3216_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18bd38cd8ad755b1ec7f148c854f0490

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\irxkv\onhi\soexc

Imports

user32

SystemParametersInfoW
GetDCEx
RegisterClassExA
MapVirtualKeyExA
SetUserObjectInformationW
RegisterClassW
SubtractRect
IsCharAlphaNumericW
SetScrollInfo
CreateWindowExA
DrawIconEx
CharLowerBuffW
IsDlgButtonChecked
GetUpdateRect
RegisterClipboardFormatA
EnumPropsExA
VkKeyScanA
GetCursorPos
SetParent
BroadcastSystemMessageW
DdeQueryConvInfo
DrawEdge
DlgDirListA
SetWindowTextW
RemoveMenu
GetPriorityClipboardFormat
WindowFromPoint
GetSystemMenu
GetForegroundWindow
TileWindows
SetMessageQueue
MonitorFromRect
EnumDesktopWindows
GetKBCodePage
GetWindowDC
DlgDirListW
MenuItemFromPoint
LoadCursorW
AnyPopup
DefFrameProcA
LookupIconIdFromDirectoryEx
GetMonitorInfoA
PeekMessageA
EndTask
ChangeDisplaySettingsExW
GetPropA
InSendMessage
BeginDeferWindowPos
SwitchToThisWindow
FrameRect
GetWindow
DlgDirSelectExW
DestroyWindow
CharToOemBuffW
GetClipboardViewer
GetClipboardFormatNameA
GetMenuStringW
GetMenuItemRect
ValidateRgn
GetWindowRgn
BlockInput
ArrangeIconicWindows
BroadcastSystemMessage
EnumDisplaySettingsW
DrawStateW
LoadStringW
GetKeyboardType
CopyAcceleratorTableA
IsCharLowerW
LoadIconW
UnregisterDeviceNotification
UnregisterClassA
DdeReconnect
EnableWindow
CharUpperA
GetWindowTextW
LoadKeyboardLayoutA
DrawTextExA
RegisterClassA
EnumDisplaySettingsA
DlgDirListComboBoxW
UnionRect
EnumPropsW
UnhookWindowsHookEx
DestroyCaret
InvalidateRgn
ValidateRect
EnableScrollBar
DdeSetQualityOfService
TrackPopupMenu
TrackMouseEvent
DrawTextExW
ChangeClipboardChain
GetTabbedTextExtentW
SetMenuItemBitmaps
DefMDIChildProcA
RegisterClipboardFormatW
GetWindowWord
EndDialog

comctl32

InitCommonControlsEx
ImageList_SetIconSize

kernel32

GetCurrentThreadId
lstrlenW
WriteFileEx
GetThreadPriority
RtlFillMemory
IsValidCodePage
GetCommandLineA
HeapFree
CreateToolhelp32Snapshot
EnumSystemLocalesA
GetVersionExA
LoadLibraryA
LCMapStringA
GetStringTypeA
GetStartupInfoA
SetEnvironmentVariableA
GetCurrentThread
lstrcpyn
TlsGetValue
VirtualAlloc
GetPrivateProfileStructA
WriteConsoleOutputA
CopyFileA
CreateMutexA
GetLocaleInfoA
IsBadWritePtr
ExitProcess
GetLocaleInfoW
TerminateProcess
GetCurrentDirectoryW
GetOEMCP
GetVolumeInformationA
GetConsoleMode
GetStartupInfoW
GetUserDefaultLCID
GetEnvironmentStringsW
GetFileType
DeleteCriticalSection
GetModuleFileNameA
LCMapStringW
WideCharToMultiByte
GetPrivateProfileSectionW
VirtualQuery
HeapAlloc
GetSystemInfo
CloseHandle
GetCurrentDirectoryA
CompareStringA
LeaveCriticalSection
GetDateFormatA
FlushFileBuffers
FreeEnvironmentStringsW
SetHandleCount
GetMailslotInfo
GetProcessHeaps
FindFirstFileA
ResumeThread
WriteFile
GetCommandLineW
GetUserDefaultLangID
FindResourceExW
QueryPerformanceCounter
VirtualProtect
GetStringTypeW
GetModuleFileNameW
OpenMutexA
SetFilePointer
SetConsoleCursorInfo
GetConsoleCursorInfo
ReadFile
SetLastError
GetCurrentProcessId
Sleep
HeapSize
IsValidLocale
InterlockedExchange
FreeEnvironmentStringsA
EnterCriticalSection
GetProcAddress
InitializeCriticalSection
CompareFileTime
MoveFileW
GetPrivateProfileStringW
VirtualFree
TransactNamedPipe
GetCurrentProcess
MoveFileExA
CompareStringW
RtlUnwind
GetTimeFormatA
GetTimeZoneInformation
GetTickCount
EnumResourceNamesW
GetCPInfo
GetEnvironmentStrings
HeapReAlloc
SetStdHandle
GetLastError
GetSystemTimeAsFileTime
WriteConsoleOutputCharacterW
TlsFree
HeapDestroy
GetStdHandle
HeapCreate
MultiByteToWideChar
UnhandledExceptionFilter
GetProfileStringW
TlsAlloc
GetACP
GetProfileIntW
GetModuleHandleA
TlsSetValue

gdi32

MoveToEx
CreateFontA

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18bd38cd8ad755b1ec7f148c854f0490

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

gdi32

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 92KB - Virtual size: 105KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 92KB - Virtual size: 105KB

.rsrc
Size: 20KB - Virtual size: 16KB