59ea3f5ced076c00a9f36bfe1a9744d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

59ea3f5ced076c00a9f36bfe1a9744d7_JaffaCakes118
Size

472KB
MD5

59ea3f5ced076c00a9f36bfe1a9744d7
SHA1

a66c37dfd074069012c14dbe0510c8c1b897bf35
SHA256

ba1776d7825fd69d33bd1b8ea0094ef7ef41d2f68d9d64472b1040ee314324d1
SHA512

c189d2341788fa9fbb938e6e8b45cb769ef30b36b515acc5d2bfe23d9cacdf744cb8b763c1bd4e72a57f76b50eb2e90071fee28eeccb1aab0870fda6e3bae592
SSDEEP

6144:Qm0EWKj9Qf/413Ut0j4Q1p3l39P5cPaj5YsbKan7XLLF3iqXoUB+0s1zPBxU:QTDKjS2sMH39pj5t7PF3iajraBx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59ea3f5ced076c00a9f36bfe1a9744d7_JaffaCakes118

Files

59ea3f5ced076c00a9f36bfe1a9744d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e120550aff271a66088c06128c5c7699

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\pdosptsdsq.pdb

Imports

shell32

DragQueryFileA
ExtractIconEx

kernel32

GetVersion
GetSystemTimeAsFileTime
GetStringTypeA
InitializeCriticalSection
SetEnvironmentVariableA
GetFileType
lstrcpynW
GetUserDefaultLCID
GetCurrentThread
GetCurrentProcessId
GetProcessShutdownParameters
SetStdHandle
CloseHandle
GetExitCodeProcess
OpenMutexA
LCMapStringW
RtlUnwind
TlsSetValue
WriteFile
GetTickCount
TryEnterCriticalSection
TlsAlloc
SetCurrentDirectoryW
LeaveCriticalSection
InterlockedIncrement
SetConsoleTextAttribute
GetEnvironmentStrings
ReadFile
LoadLibraryA
GetThreadTimes
UnhandledExceptionFilter
SetEnvironmentVariableW
HeapDestroy
LCMapStringA
DeleteFileA
SetLastError
ExitProcess
EnterCriticalSection
HeapFree
GetStringTypeW
GetEnvironmentStringsW
FindResourceExA
GetCommandLineA
FreeEnvironmentStringsW
IsBadReadPtr
GetStartupInfoA
LoadLibraryW
GetStdHandle
GetSystemTime
FreeEnvironmentStringsA
lstrcatA
GetLocalTime
GetPrivateProfileStringW
DeleteCriticalSection
CompareStringW
EnumResourceLanguagesW
VirtualQuery
GetConsoleCursorInfo
GetModuleFileNameA
QueryPerformanceCounter
SetTimeZoneInformation
WideCharToMultiByte
SetFilePointer
HeapAlloc
HeapReAlloc
SetHandleCount
MultiByteToWideChar
GetTimeZoneInformation
CreateRemoteThread
GetProcAddress
FlushFileBuffers
IsBadWritePtr
FindResourceExW
GetACP
GetModuleHandleA
WriteConsoleOutputAttribute
TerminateProcess
InterlockedExchange
TlsGetValue
TlsFree
GlobalFlags
GetLastError
GetAtomNameA
VirtualAlloc
VirtualFree
HeapCreate
GetOEMCP
CompareStringA
GetCurrentProcess
GetLogicalDriveStringsW
GetNumberFormatA
GetCurrentDirectoryW
CreateMutexA
GetCPInfo
WriteConsoleOutputCharacterA
GetCurrentThreadId
InterlockedDecrement

user32

LoadCursorA
DdeConnect
CreateMDIWindowA
GetComboBoxInfo
DrawTextExW
ReplyMessage
KillTimer
MonitorFromRect
RegisterClipboardFormatW
MapVirtualKeyExW
CreateWindowStationA
GetClassLongW
SwitchToThisWindow
DlgDirSelectExW
ChildWindowFromPoint
ChangeMenuW
CharUpperBuffW
LoadMenuW
SetCapture
DrawStateW
EnumPropsExA
IsDialogMessageA
SetCursorPos
EnumDisplayDevicesA
ModifyMenuA
DrawAnimatedRects
RegisterClassA
BroadcastSystemMessage
LoadStringW
PostThreadMessageA
PeekMessageA
SetUserObjectInformationW
LoadIconW
InflateRect
CreateIconFromResource
InSendMessage
GetMenuInfo
WindowFromDC
DefMDIChildProcW
DialogBoxIndirectParamA
EnumChildWindows
GetDC
OpenClipboard
TrackPopupMenuEx
LoadMenuA
TrackMouseEvent
CharPrevW
ChangeDisplaySettingsA
GetWindowDC
LoadBitmapA
MoveWindow
EndDialog
GetUserObjectInformationA
GetAncestor
SetCursor
IsMenu
GetWindowModuleFileNameW
GetMessageExtraInfo
LoadCursorFromFileW
SendMessageTimeoutW
PostMessageA
DdeQueryStringA
IsWindowVisible
RegisterClassExA
CharUpperA
GetCursorInfo
DdeAddData
RegisterDeviceNotificationA
SetSystemCursor
ArrangeIconicWindows
CallMsgFilterA
CreateAcceleratorTableW
MsgWaitForMultipleObjectsEx
ChangeDisplaySettingsExW
ChildWindowFromPointEx
SetUserObjectInformationA
OffsetRect
RegisterClassW
MessageBoxExA
AdjustWindowRectEx
SwapMouseButton
PostQuitMessage
CallMsgFilter
CharNextA
UnloadKeyboardLayout
GetForegroundWindow
CallMsgFilterW
SetShellWindow
MapDialogRect
VkKeyScanExW
CallNextHookEx
DefFrameProcW
GetQueueStatus
GetMenuItemRect
InSendMessageEx
DrawEdge
SendMessageW
DrawIconEx
DdeCreateDataHandle
DlgDirSelectComboBoxExA

wininet

InternetCrackUrlW
FtpRemoveDirectoryW
GopherOpenFileW
InternetDial

comctl32

ImageList_LoadImageW
ImageList_Draw
ImageList_ReplaceIcon
ImageList_GetBkColor
ImageList_Read
ImageList_BeginDrag
CreateUpDownControl
ImageList_SetDragCursorImage
ImageList_SetFilter
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_LoadImageA
ImageList_SetIconSize
CreateStatusWindowA
DrawStatusText
MakeDragList

advapi32

RegEnumKeyExA
RegQueryValueW
AbortSystemShutdownA

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e120550aff271a66088c06128c5c7699

Headers

File Characteristics

PDB Paths

Imports

shell32

kernel32

user32

wininet

comctl32

advapi32

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 132KB - Virtual size: 129KB

.data Size: 100KB - Virtual size: 106KB

.rsrc Size: 80KB - Virtual size: 79KB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 132KB - Virtual size: 129KB

.data
Size: 100KB - Virtual size: 106KB

.rsrc
Size: 80KB - Virtual size: 79KB