5a2f7e840de170259bf62021ce9b1cb8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5a2f7e840de170259bf62021ce9b1cb8_JaffaCakes118
Size

364KB
MD5

5a2f7e840de170259bf62021ce9b1cb8
SHA1

d61655b4bde9660cd27149d841fa43190a0a48f9
SHA256

0801db373160c58febffda87a11fab41a9f06a3ff8afb16ea0467305449ea94c
SHA512

5ca0f53c0ab1972bc75dccdbe46853a368cc6f26446ec5ae5e40ced076adb66e4415595ddac140fdc51aa967012c7b78ccea901cadce6ea878dd199aa66a7bfc
SSDEEP

6144:50JOWu9uuwocd/6UXmFIc5T+VvG9WU1Ibhl7qS35ebA9Tmat/Ho3hwuRffjLd:8y9Cv6HFI8SVvwybhl7qS3U09TrHqumD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a2f7e840de170259bf62021ce9b1cb8_JaffaCakes118

Files

5a2f7e840de170259bf62021ce9b1cb8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea1a40ad00ffb2b2471da623311c62a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\oogogve\oreyr\ypermiznev.PDB

Imports

comctl32

ImageList_DrawIndirect
ImageList_SetDragCursorImage
ImageList_SetIconSize
DrawStatusText
CreateUpDownControl
ImageList_Replace
InitCommonControlsEx
ImageList_DragShowNolock
DrawInsert
ImageList_Write
MakeDragList
ImageList_GetDragImage
ImageList_DragMove
ImageList_LoadImageA
CreateToolbarEx
_TrackMouseEvent
DrawStatusTextW
ImageList_Destroy

kernel32

GetFileTime
FillConsoleOutputAttribute
GetCommandLineW
GetStartupInfoW
GetCurrentProcessId
GetStringTypeW
GetDiskFreeSpaceExW
FindNextFileA
GetCurrentProcess
WaitNamedPipeW
DeleteCriticalSection
SetHandleCount
CompareFileTime
OpenEventA
WaitCommEvent
GetLastError
InterlockedIncrement
SetStdHandle
ExitProcess
GetTempPathA
UnlockFileEx
OpenMutexA
SetVolumeLabelW
EnumTimeFormatsA
VirtualQuery
GetStartupInfoA
GetModuleHandleA
GlobalLock
LoadLibraryA
GetDiskFreeSpaceA
TlsAlloc
GetProfileSectionW
GetFileAttributesExW
GetTimeZoneInformation
VirtualFree
OutputDebugStringA
GetTickCount
CommConfigDialogA
ReadConsoleOutputCharacterW
DebugBreak
HeapCreate
GetCurrentThread
GetProcAddress
GetSystemTimeAsFileTime
GetCommandLineA
TlsFree
HeapFree
PulseEvent
FindResourceExW
LocalUnlock
WriteFile
EnumResourceLanguagesA
RtlUnwind
SetFilePointer
GetExitCodeProcess
SetLastError
GetCPInfo
GetLocalTime
GetUserDefaultLCID
CreateDirectoryW
InterlockedDecrement
OpenEventW
CreateNamedPipeA
CompareStringW
GetPriorityClass
LCMapStringA
LeaveCriticalSection
EnumSystemCodePagesA
GetVersion
GlobalFix
MultiByteToWideChar
CloseHandle
CreateFileMappingA
WriteFileEx
HeapAlloc
SetEnvironmentVariableA
InterlockedExchange
FreeResource
GetLogicalDrives
GetFileType
GetCompressedFileSizeW
GetDriveTypeA
FindNextFileW
FormatMessageA
LocalSize
LoadLibraryExA
DeleteFileA
SetLocaleInfoW
GetVersionExW
GetPrivateProfileSectionNamesW
GetModuleFileNameW
WriteProfileSectionA
AddAtomW
ReleaseMutex
SetEndOfFile
CreateMailslotA
GetEnvironmentStrings
WritePrivateProfileStructA
GetModuleFileNameA
InitializeCriticalSection
RaiseException
GetCurrentThreadId
CopyFileA
GetConsoleMode
IsBadWritePtr
UnhandledExceptionFilter
GetProfileSectionA
FoldStringA
GlobalHandle
GetWindowsDirectoryA
QueryPerformanceCounter
FreeEnvironmentStringsW
GetEnvironmentStringsW
LCMapStringW
GetSystemTime
CompareStringA
EnterCriticalSection
GetVolumeInformationW
GetTimeFormatA
HeapReAlloc
LockFileEx
GetStdHandle
ReadFile
TerminateProcess
FlushFileBuffers
WideCharToMultiByte
ResumeThread
TlsSetValue
TlsGetValue
CreateMutexA
GetStringTypeA
MoveFileW
HeapDestroy
VirtualAlloc
FreeEnvironmentStringsA

advapi32

RegConnectRegistryW
RegNotifyChangeKeyValue
RegEnumKeyW
LookupPrivilegeDisplayNameW
InitializeSecurityDescriptor
RegSaveKeyW
CryptSetKeyParam
ReportEventW
CryptSetProviderExW
CryptSetHashParam
CryptHashSessionKey
CryptGenRandom
InitiateSystemShutdownW
RegOpenKeyExW
RegQueryInfoKeyW
RegConnectRegistryA

user32

EnumPropsA
CreateWindowExA
PeekMessageA
GetDCEx
ShowOwnedPopups
RemoveMenu
DefWindowProcW
OemToCharBuffW
DdeQueryNextServer
DdeQueryConvInfo
DestroyWindow
SetUserObjectInformationW
SetDlgItemTextA
GetClassInfoExA
MessageBoxW
RegisterClassA
InsertMenuW
DialogBoxIndirectParamW
ReleaseDC
RegisterClassExA
SetForegroundWindow
DefWindowProcA
GetScrollBarInfo
GetClipboardSequenceNumber
ShowWindow
BringWindowToTop
GetDlgCtrlID
InsertMenuItemW

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea1a40ad00ffb2b2471da623311c62a9

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

advapi32

user32

Sections

.text Size: 140KB - Virtual size: 137KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 92KB - Virtual size: 109KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 92KB - Virtual size: 109KB

.rsrc
Size: 60KB - Virtual size: 59KB