4dee91df29302e34bd59b61caaaf1849_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4dee91df29302e34bd59b61caaaf1849_JaffaCakes118
Size

336KB
MD5

4dee91df29302e34bd59b61caaaf1849
SHA1

7f9c6b86afb82da9fe4f25c3002f6cce000e0cd3
SHA256

e4faf6430bd2e4facf8ac821cca10345a48983d0cb1908ed682917e3f6c45376
SHA512

b6ea436719cba3ce4e7f43b882e102cbfde6be13d263fd84a1517b11462d9a6b4c72f4c0f5db73c1bd32b9d5b29944526b8665c4a96cfbc48ee4e3b190fe9e54
SSDEEP

6144:oq7Nplj8dFQNtlu6U/Um3OtjtMeWXcMFhrIwqgBlxiDNlcaS:xMyblECq3hBqYkNlca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4dee91df29302e34bd59b61caaaf1849_JaffaCakes118

Files

4dee91df29302e34bd59b61caaaf1849_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5d9f3a6200546584dbf4e1b306834bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\armoz\byx\pmbdweism\cnmango\dpfr\acogr.pdb

Imports

gdi32

CreateBrushIndirect
GetEnhMetaFileA
CreateMetaFileA
SetSystemPaletteUse
GetICMProfileA
GetRegionData
AbortDoc
CreateBitmap
SetPixel
SetRectRgn
TextOutW
GetDeviceCaps
FixBrushOrgEx
GetGlyphOutlineW
CreateHalftonePalette
EnumFontFamiliesW
GetTextMetricsA
DeviceCapabilitiesExA
OffsetClipRgn

comdlg32

GetFileTitleA
FindTextW
ChooseColorW
ChooseFontA

user32

SetMessageQueue
UnregisterHotKey
DrawStateA
WINNLSGetEnableStatus
SetWindowsHookExW
SetClassLongA
LoadMenuIndirectA
DlgDirListComboBoxW
SetActiveWindow
ExitWindowsEx
BeginDeferWindowPos
GetMonitorInfoA
DdeKeepStringHandle
DrawTextExA
GetClipboardOwner
NotifyWinEvent
LoadCursorW
GetDlgItemTextA
SetWindowWord
GetWindowPlacement
SetFocus
CreateAcceleratorTableA
SetSystemCursor
SystemParametersInfoW
TranslateMDISysAccel
WinHelpW
SystemParametersInfoA
EnumWindowStationsA
SetDebugErrorLevel
ChangeMenuA
DrawMenuBar
FlashWindow
ShowWindow
EndDialog
SetClipboardData
BlockInput
DrawIcon
IsDialogMessage
GetScrollBarInfo
GetSysColor
ImpersonateDdeClientWindow
GetMenuDefaultItem
SetWindowsHookExA
CountClipboardFormats
DrawTextA
GetWindowRect
GetScrollInfo
LoadAcceleratorsW
GetParent
RegisterClassA
SwapMouseButton
GetCapture
GetSystemMetrics
VkKeyScanExW
InsertMenuItemA
EnumPropsW
CreatePopupMenu
RegisterClassExA
GetDlgItem
MapDialogRect
SetDlgItemTextA
GetMenuItemCount
DestroyWindow
AdjustWindowRectEx
GetScrollPos
PackDDElParam
wsprintfW
GetWindowTextW
SendIMEMessageExW
DefWindowProcA
MessageBoxW
FindWindowExA
SwitchDesktop
SetCapture
UnionRect
GetClipCursor
DrawStateW
SetWindowPlacement
EnumDesktopsA
ShowWindowAsync
FindWindowExW
CharToOemBuffA
CopyImage
SetProcessDefaultLayout
SetCursor
IsWindowUnicode
TrackMouseEvent
ScrollWindowEx
PaintDesktop
CreateWindowExW
IsWindow
SetKeyboardState
GetProcessWindowStation
DdeClientTransaction
BroadcastSystemMessageA
IsIconic
ActivateKeyboardLayout
LoadCursorA

comctl32

ImageList_Create
DrawInsert
ImageList_SetFlags
CreatePropertySheetPageW
ImageList_GetImageCount
CreateUpDownControl
CreateStatusWindowA
CreateStatusWindowW
ImageList_ReplaceIcon
ImageList_DragMove
ImageList_LoadImageA
ImageList_Draw
ImageList_SetDragCursorImage
ImageList_LoadImage
InitCommonControlsEx
ImageList_GetDragImage

kernel32

GetSystemTimeAsFileTime
OpenMutexA
WideCharToMultiByte
ReadFile
InitializeCriticalSection
GetThreadContext
GetCommandLineW
GetCurrentThread
GetCommandLineA
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
EnumCalendarInfoExW
SetStdHandle
FlushFileBuffers
InterlockedExchange
HeapAlloc
InterlockedIncrement
HeapReAlloc
InterlockedDecrement
TerminateProcess
TlsSetValue
GetCurrentProcessId
GetSystemTime
FreeEnvironmentStringsW
IsBadWritePtr
GetModuleFileNameA
GetTimeZoneInformation
GetCPInfo
WriteFile
UnhandledExceptionFilter
HeapDestroy
LeaveCriticalSection
GetModuleFileNameW
MultiByteToWideChar
HeapCreate
GetLastError
GetPrivateProfileStringA
SetHandleCount
GetStringTypeA
QueryPerformanceCounter
TlsGetValue
GetSystemDirectoryA
SetLastError
CreateMutexA
ReadConsoleInputW
DeleteCriticalSection
GlobalCompact
VirtualQuery
VirtualFree
HeapFree
WriteConsoleOutputAttribute
GetStringTypeW
CompareStringA
VirtualAlloc
SetEnvironmentVariableA
TlsAlloc
FreeEnvironmentStringsA
LCMapStringA
GetStdHandle
SetFilePointer
GetTickCount
ExitProcess
GetVersion
IsDebuggerPresent
GetFileType
TlsFree
EnterCriticalSection
GetProcAddress
CompareStringW
LoadLibraryA
CloseHandle
CreateFileW
GetLocalTime
GetEnvironmentStringsW
LCMapStringW
VirtualFreeEx
GetEnvironmentStrings
RtlUnwind
GetStartupInfoW
GetCurrentThreadId

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5d9f3a6200546584dbf4e1b306834bc

Headers

File Characteristics

PDB Paths

Imports

gdi32

comdlg32

user32

comctl32

kernel32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 104KB - Virtual size: 102KB

.data Size: 88KB - Virtual size: 115KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 104KB - Virtual size: 102KB

.data
Size: 88KB - Virtual size: 115KB

.rsrc
Size: 24KB - Virtual size: 21KB