5d6b6d4bd0bd9a37032a9c627d6ac16a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5d6b6d4bd0bd9a37032a9c627d6ac16a_JaffaCakes118
Size

932KB
MD5

5d6b6d4bd0bd9a37032a9c627d6ac16a
SHA1

49f7d0967c9d0448caed27febdcbc72d776e3852
SHA256

ba94ca5819fccd685bffd5277450d5c9ffe0494e00f68ab9eee19f3d8e145adb
SHA512

4796750a04d7c1b824f4a5696b34fba382651589d2d4676a76d7754df14795725f7eb77f847f48b2a76bac743b6cefc13231644ef658bc02ae7bd6ff2eb36f03
SSDEEP

24576:AQRPmoCfIo7XsRNtWRZgIOHPa1zr+LJLpFnpN7:AAPoAtKdOC1zcNT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d6b6d4bd0bd9a37032a9c627d6ac16a_JaffaCakes118

Files

5d6b6d4bd0bd9a37032a9c627d6ac16a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c37ddfb02f8fdc91d76764d2f6c5e2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\tceqjo\eeehcwdgp\ecwsihyoad\rkb\rtdexgicc.pdb

Imports

shell32

SHGetMalloc
ShellExecuteW
ord155
DragQueryFileW
SHGetPathFromIDListW
DragFinish

user32

CreateWindowExW
ReleaseDC
UnhookWindowsHookEx
ReleaseCapture
RegisterClassExW
SetActiveWindow
GetMenuState
FillRect
GetSubMenu
OffsetRect
SetParent
GetWindowRect
DrawFocusRect
SetCursor
PostQuitMessage
LoadIconW
EndDeferWindowPos
GetSystemMetrics
SystemParametersInfoW
EnableMenuItem
SetWindowPlacement
InvalidateRgn
MessageBoxW
UnregisterClassA
UpdateWindow
InvalidateRect
GetScrollInfo
IsMenu
SetWindowsHookExW
CheckMenuItem
SetCapture
DefWindowProcW
SetWindowPos
GetMessagePos
IsWindow
TrackPopupMenu
SetRect
GetActiveWindow
DeferWindowPos
DrawStateW
CharNextW
SetFocus
GetFocus
MapWindowPoints
UnregisterClassW
UnpackDDElParam
IsWindowVisible
WindowFromPoint
LoadAcceleratorsW
SetScrollPos
GetDC
DestroyCursor
IsChild
GetDCEx
GetWindowDC
SetMenuDefaultItem
GetWindow
GetCursorPos
InsertMenuW
CopyRect
IsWindowEnabled
PostMessageW
GetWindowTextW
DrawTextW
DestroyMenu
SetMenuItemInfoW
TranslateMessage
ModifyMenuW
GetParent
CreatePopupMenu
GetCapture
EnableWindow
GetWindowPlacement
EndDialog
LoadMenuW
SetTimer
RedrawWindow
DestroyCaret
DispatchMessageW
PostThreadMessageW
MoveWindow
DestroyAcceleratorTable
OpenClipboard
BeginDeferWindowPos
RegisterWindowMessageW
WaitMessage
GetDlgItem
GetForegroundWindow
LoadStringW
LoadBitmapW
SetForegroundWindow
DestroyIcon
ShowWindow
GetWindowLongW
GetClientRect
InflateRect
SetRectEmpty
ClientToScreen
IsRectEmpty
PtInRect
IsClipboardFormatAvailable
MessageBeep
GetDesktopWindow
DrawIconEx
GetKeyState
GetClassNameW
LoadCursorW
DestroyWindow
RegisterClassW
GetTopWindow
GetSysColorBrush
GetMenuItemCount
KillTimer
CallWindowProcW
GetMenuItemID
DeleteMenu
FrameRect
FlashWindow

comctl32

ImageList_GetImageInfo
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ImageList_GetIcon
ImageList_ReplaceIcon
ImageList_DragShowNolock
CreatePropertySheetPageA
ImageList_Draw
ord17
ImageList_LoadImageA
InitCommonControlsEx
PropertySheetA
ImageList_SetBkColor

ole32

CoTaskMemFree
OleDuplicateData
OleInitialize
CLSIDFromProgID

comdlg32

GetFileTitleA
ChooseColorA

gdi32

DPtoLP
SetROP2
GetWindowExtEx
CreateFontIndirectA
StretchDIBits
SetTextColor
RoundRect
GetTextExtentPointA
Ellipse
BitBlt
IntersectClipRect
GetCharWidthA
GetPixel
SetRectRgn
SetWindowExtEx
OffsetRgn
GetROP2
GetWindowOrgEx
PatBlt
OffsetViewportOrgEx
StartDocA
CreateBitmap
SetPolyFillMode
PtInRegion
FillRgn
ExtTextOutA
EnumFontFamiliesExA
GetBkMode
CreatePen
GetDIBits
ExtCreateRegion
SetTextAlign
CreateEllipticRgn
GetStockObject
CombineRgn
DeleteDC
GetCurrentPositionEx
ExtCreatePen
SetViewportExtEx
CreateSolidBrush
GetRegionData
CreateDCA
GetTextColor
LPtoDP
SetWindowOrgEx
SetDIBits
StretchBlt
GetViewportExtEx
Rectangle
CreateFontA
LineTo
CreatePolygonRgn
GetTextExtentPoint32A
GetTextAlign
SetPixelV
GetTextCharsetInfo
ExcludeClipRect
GetRgnBox
RectVisible
CreateDIBitmap
CreatePatternBrush
Polygon
SetViewportOrgEx
GetViewportOrgEx
TextOutA
GetStretchBltMode
Polyline
CreateCompatibleBitmap
RealizePalette
SaveDC
Escape
SelectObject
GetPolyFillMode
SelectClipRgn
MoveToEx
PtVisible
GetBkColor
DeleteObject
SetStretchBltMode
AbortDoc
CreateRectRgnIndirect
ExtFloodFill
GetDeviceCaps
GetTextMetricsA
CreateCompatibleDC
CreateRectRgn
RestoreDC
GetClipBox

kernel32

HeapReAlloc
WriteConsoleW
QueryPerformanceCounter
LeaveCriticalSection
GetCurrentProcess
ExitProcess
LocalFree
CloseHandle
GetModuleFileNameW
GetProcAddress
InterlockedDecrement
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
HeapValidate
IsDebuggerPresent
GetTimeFormatA
HeapDestroy
GetLastError
GetModuleHandleW
WriteConsoleA
IsValidCodePage
RtlUnwind
TerminateProcess
GetStringTypeW
CreateFileA
GetStdHandle
DebugBreak
GetConsoleMode
EnterCriticalSection
VirtualFree
GetConsoleOutputCP
LCMapStringW
TlsGetValue
GetACP
SetStdHandle
TlsFree
GetDateFormatA
IsBadReadPtr
Sleep
HeapFree
GetConsoleCP
DeleteCriticalSection
SetUnhandledExceptionFilter
FlushFileBuffers
MultiByteToWideChar
GetFileType
OutputDebugStringA
SetLastError
TlsSetValue
CreateMutexW
RaiseException
TlsAlloc
CompareStringW
InterlockedExchange
ReadFile
InitializeCriticalSection
WideCharToMultiByte
SetConsoleCtrlHandler
VirtualQuery
LCMapStringA
GetOEMCP
HeapSize
GetStartupInfoA
GetCurrentProcessId
InterlockedIncrement
CompareStringA
UnhandledExceptionFilter
OutputDebugStringW
GetEnvironmentStringsW
HeapAlloc
WaitForSingleObject
GetStartupInfoW
FreeEnvironmentStringsW
GetCPInfo
SetEnvironmentVariableA
LoadLibraryW
GetCommandLineW
VirtualAlloc
WriteFile
GetModuleFileNameA
GetSystemTimeAsFileTime
SetHandleCount
GetStringTypeA
GetCurrentThreadId
GetTimeZoneInformation
HeapCreate
LoadLibraryA
GetLocaleInfoA
GetTickCount

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c37ddfb02f8fdc91d76764d2f6c5e2d

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

comctl32

ole32

comdlg32

gdi32

kernel32

Sections

.text Size: 216KB - Virtual size: 213KB

.rdata Size: 512KB - Virtual size: 510KB

.data Size: 112KB - Virtual size: 110KB

.rsrc Size: 88KB - Virtual size: 85KB

.text
Size: 216KB - Virtual size: 213KB

.rdata
Size: 512KB - Virtual size: 510KB

.data
Size: 112KB - Virtual size: 110KB

.rsrc
Size: 88KB - Virtual size: 85KB