4d6001b9cc27bfad414e994cfc77dccb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d6001b9cc27bfad414e994cfc77dccb_JaffaCakes118
Size

452KB
MD5

4d6001b9cc27bfad414e994cfc77dccb
SHA1

e5f326f78b9da88a6a26fdc244a480c026dd54f6
SHA256

3afbbee1d91136238213513cb2e3c21f1d50df21081b33e1b1fb54db1d18fa9b
SHA512

9f1f9d12d39e998cf376e9abd5a63acbd8f28dd8e4412cc2e584dffd672035828f85d813d4fd924505c1fa75b6848e361530cdd4fbc68dc0f09e76d91a646859
SSDEEP

12288:IFPajZTXrPp86AA3tCfCzoontCYkpoy2Ilpe8OrWH:IGXrPp86A96zoGtjIoeO4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d6001b9cc27bfad414e994cfc77dccb_JaffaCakes118

Files

4d6001b9cc27bfad414e994cfc77dccb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5fcce5265565e7b1e842a224cb809f71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\tccwmle.PDB

Imports

shell32

ShellExecuteEx
SHGetDataFromIDListA
DoEnvironmentSubstA

comctl32

InitCommonControlsEx
DrawStatusTextA
ImageList_Read

gdi32

SetGraphicsMode
GetDeviceCaps
GetFontData
PolyTextOutW
GetKerningPairs
CreateSolidBrush
GetMapMode
GetArcDirection
PlayMetaFileRecord
ExtSelectClipRgn

advapi32

RegSetValueW
RegEnumValueA
RegOpenKeyW
CryptDuplicateKey
CryptSetProvParam
LookupPrivilegeDisplayNameW
CryptGetHashParam
RegCreateKeyA
CryptDestroyHash
RegQueryInfoKeyW
AbortSystemShutdownW
CryptSetProviderExA
CryptGetDefaultProviderW
CryptGetKeyParam
RegSetValueExW
CryptGenKey
RegFlushKey
CryptGetProvParam
RegDeleteValueA
CryptCreateHash
RegOpenKeyExA
RegCreateKeyW
ReportEventW

comdlg32

FindTextW
GetSaveFileNameA

user32

EnumDesktopWindows
InsertMenuItemA
SetPropW
CheckMenuItem
DdeUninitialize
BlockInput
IsCharLowerA
WindowFromDC
ScrollDC
SetWindowLongW
GetDlgItemTextA
OemToCharBuffW
SetMenu
PostThreadMessageA
LoadBitmapW
GetMessageTime
ValidateRgn
GetKeyboardLayoutNameW
CreateWindowStationW
DestroyWindow
TabbedTextOutW
EnumDisplaySettingsA
ChildWindowFromPoint
GetCaretBlinkTime
GetWindowTextLengthW
DrawAnimatedRects
CharLowerA
IsDlgButtonChecked
GetClipboardViewer
ChangeMenuW
UnhookWindowsHook
ShowWindowAsync
DdeReconnect
RegisterClassExA
CharPrevA
DrawTextW
DestroyCursor
LoadCursorFromFileW
GetWindowLongW
ChangeDisplaySettingsExW
IsDialogMessage
CopyAcceleratorTableW
IsCharAlphaA
ArrangeIconicWindows
DlgDirSelectComboBoxExW
OemKeyScan
EnableWindow
TranslateMessage
OemToCharA
SetParent
IsCharAlphaNumericA
ActivateKeyboardLayout
VkKeyScanW
MonitorFromPoint
CopyAcceleratorTableA
RegisterClassA
GetKeyboardLayoutList
DlgDirListW
MapVirtualKeyA
FlashWindow
OpenClipboard
CharPrevExA
LoadMenuIndirectW
DdeAddData
EndDialog
CreateWindowExA
BroadcastSystemMessageA
SetDeskWallpaper
RegisterHotKey
GetUpdateRect
CopyIcon
GetWindowTextW
GetClipboardData
DrawStateA
EnumWindowStationsA
ShowWindow
FreeDDElParam
GetMenuInfo
DdeAbandonTransaction
GetActiveWindow
DefWindowProcW
MessageBoxW
EnumPropsW
CallMsgFilterW
GetProcessWindowStation
DdeUnaccessData
SetWindowContextHelpId
EnumChildWindows
MessageBeep
GetCursor
SetDlgItemTextW
GetClassLongA
ChangeMenuA
ModifyMenuA
WindowFromPoint
GetDlgItem
IsMenu
GetKeyNameTextA
wsprintfW

kernel32

GetCurrentProcess
GetModuleHandleW
HeapAlloc
EnterCriticalSection
QueryPerformanceCounter
VirtualAlloc
GetEnvironmentStrings
SetEnvironmentVariableA
LoadLibraryW
TerminateProcess
IsValidLocale
SetFilePointer
GetCurrentThreadId
Sleep
SetWaitableTimer
WriteConsoleW
HeapCreate
ReadFile
GetLocaleInfoW
HeapReAlloc
GetModuleFileNameA
GetConsoleOutputCP
CreateFileA
GetEnvironmentStringsW
GetCurrentProcessId
GetTimeFormatA
GetStdHandle
TlsAlloc
lstrlenA
HeapDestroy
GetDateFormatA
OutputDebugStringW
VirtualQuery
InterlockedExchange
OutputDebugStringA
SetHandleCount
SetLastError
InterlockedIncrement
VirtualFree
MultiByteToWideChar
WideCharToMultiByte
GetLastError
InterlockedDecrement
GetLocaleInfoA
IsBadReadPtr
WriteFile
FreeEnvironmentStringsA
GetProcessHeap
GetProcAddress
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetStringTypeA
GetConsoleCP
GetCPInfo
GetFileType
UnhandledExceptionFilter
LoadLibraryA
GetStringTypeW
LCMapStringW
CreateMutexA
HeapValidate
CloseHandle
FreeLibrary
FlushFileBuffers
TlsFree
TlsSetValue
EnumDateFormatsExW
CompareStringA
LocalSize
TlsGetValue
GetOEMCP
ExitProcess
GetCompressedFileSizeW
GetCurrentThread
DeleteCriticalSection
SetUnhandledExceptionFilter
GetTickCount
LCMapStringA
GetModuleHandleA
GlobalUnfix
GetUserDefaultLCID
RaiseException
IsDebuggerPresent
HeapSize
GetCommandLineA
WaitNamedPipeA
IsValidCodePage
RtlUnwind
GetStartupInfoA
EnumSystemLocalesA
CompareStringW
GetModuleFileNameW
SetStdHandle
GetSystemTimeAsFileTime
GetTimeZoneInformation
DebugBreak
GetACP
GetConsoleMode
SetConsoleCtrlHandler
FreeEnvironmentStringsW
LeaveCriticalSection
OpenMutexA
HeapFree

Sections

.text
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fcce5265565e7b1e842a224cb809f71

Headers

File Characteristics

PDB Paths

Imports

shell32

comctl32

gdi32

advapi32

comdlg32

user32

kernel32

Sections

.text Size: 204KB - Virtual size: 201KB

.rdata Size: 136KB - Virtual size: 135KB

.data Size: 88KB - Virtual size: 92KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 204KB - Virtual size: 201KB

.rdata
Size: 136KB - Virtual size: 135KB

.data
Size: 88KB - Virtual size: 92KB

.rsrc
Size: 20KB - Virtual size: 16KB