5f8b8e12f2a3939d85790e8389616503_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5f8b8e12f2a3939d85790e8389616503_JaffaCakes118
Size

912KB
MD5

5f8b8e12f2a3939d85790e8389616503
SHA1

d0c7c82009a18df15f7c9d51821907845ec12cd2
SHA256

f5237dd47b59126027df5538e4ee0a52a3d068feb2e2f3ed5c7e234d39c193ff
SHA512

23d895141ea39acba3ef1b130c7a95aad18292830b1409aa9815dbc47cf986cfb3ca5643d89e5c81b5e27ef69999d87ecfa821aa7fd8d82409aef8203ee6520e
SSDEEP

24576:ce3I4nBci1mTIm6wIvGxzKIBzopKRfejB9l5sPLAWZ2Z:R7qxTRI0KIBWCGbs7Z2Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f8b8e12f2a3939d85790e8389616503_JaffaCakes118

Files

5f8b8e12f2a3939d85790e8389616503_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5aff79ea6e2b83b941ebf369188f0376

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\jyoxhtc\svrtjjdo\nelguavbf.pdb

Imports

shell32

Shell_NotifyIconA
SHBrowseForFolderA
ShellExecuteA
DragFinish
SHGetPathFromIDListA
ord155
SHGetMalloc

oleaut32

LoadTypeLi

advapi32

RegDeleteValueA
RegQueryValueExA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyExA
RegCreateKeyExA
RegCreateKeyA

kernel32

IsBadReadPtr
WaitForSingleObject
SetStdHandle
GetDateFormatA
GetEnvironmentStringsW
TlsAlloc
GetProcAddress
WriteFile
OpenMutexW
WideCharToMultiByte
LoadLibraryA
GetStartupInfoW
OutputDebugStringA
ReadFile
WriteConsoleW
TerminateProcess
HeapValidate
LCMapStringA
GetStdHandle
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
VirtualFree
HeapReAlloc
CompareStringA
GetConsoleOutputCP
GetStringTypeA
GetModuleHandleW
HeapSize
IsValidCodePage
SetHandleCount
RaiseException
QueryPerformanceCounter
GetCurrentThreadId
SetFilePointer
GetCurrentProcessId
GetCPInfo
SetConsoleCtrlHandler
DebugBreak
GetTimeFormatA
TlsSetValue
GetModuleFileNameW
HeapAlloc
TlsFree
GetLocaleInfoA
GetTickCount
GetStartupInfoA
IsDebuggerPresent
VirtualAlloc
TlsGetValue
HeapDestroy
GetSystemTimeAsFileTime
RtlUnwind
LCMapStringW
CreateMutexW
Sleep
CreateFileA
DeleteCriticalSection
GetModuleFileNameA
CompareStringW
HeapFree
InterlockedDecrement
GetOEMCP
GetCommandLineW
SetUnhandledExceptionFilter
GetCurrentProcess
InterlockedExchange
FlushFileBuffers
HeapCreate
CloseHandle
InterlockedIncrement
GetLastError
ExitProcess
VirtualQuery
GetFileType
GetACP
LoadLibraryW
OutputDebugStringW
GetConsoleCP
InitializeCriticalSectionAndSpinCount
WriteConsoleA
SetEnvironmentVariableA
GetTimeZoneInformation
UnhandledExceptionFilter
MultiByteToWideChar
GetModuleHandleA
SetLastError
FreeEnvironmentStringsW
GetStringTypeW

comctl32

ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_DragLeave
ImageList_Read
ImageList_Destroy
ImageList_Write
ImageList_GetIcon
ord17
ImageList_Create
ImageList_GetImageCount

user32

DrawFrameControl
ValidateRect
ClientToScreen
DeferWindowPos
RegisterClassW
SetActiveWindow
ScreenToClient
UnregisterClassW
IsChild
SetWindowRgn
SetScrollPos
GetWindowTextLengthW
SetTimer
MessageBoxW
FillRect
LoadIconW
GetMenuItemID
GetActiveWindow
RegisterWindowMessageA
EndDialog
DestroyWindow
LoadCursorW
WindowFromPoint
UpdateWindow
CreateWindowExW
RegisterClassExW
GetCursorPos
SetDlgItemInt
SetRectEmpty
EnableMenuItem
CopyRect
GetSysColor
GetMenuItemCount
GetSubMenu
AdjustWindowRectEx
InvalidateRect
DestroyMenu
SendMessageTimeoutW
DestroyIcon
EndPaint
KillTimer
SetFocus
GetMessageTime
MoveWindow
GetDC
GetDlgCtrlID
DefWindowProcW
GetUpdateRect
IntersectRect
DrawStateW
InsertMenuW
RedrawWindow
GetMessagePos
IsRectEmpty
GetFocus
GetIconInfo
LockWindowUpdate
wsprintfW
SetMenuItemBitmaps
GetSystemMenu
RemoveMenu
BeginPaint
GetKeyState
ShowWindow
MapWindowPoints
PostMessageW
PeekMessageW
LoadStringW
GetWindowTextW

ole32

CoGetMalloc
OleGetClipboard
OleInitialize
CoRegisterClassObject
StgCreateDocfile
OleDuplicateData
RevokeDragDrop
RegisterDragDrop
CoTaskMemAlloc
CLSIDFromProgID
CoCreateInstance
OleRun
CoLockObjectExternal
CoTaskMemRealloc
CoInitialize
OleUninitialize
CoFreeUnusedLibraries
CoUninitialize
CoRevokeClassObject
CoTaskMemFree
DoDragDrop
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
StringFromGUID2
CreateILockBytesOnHGlobal
OleLockRunning

gdi32

SetPolyFillMode
GetCharWidthA
Polyline
EnumMetaFile
SetWindowOrgEx
Rectangle
PlayMetaFileRecord
GetCurrentObject
SetViewportOrgEx
ArcTo
GetTextExtentPoint32A
PolyDraw
DeleteObject
RoundRect
CreateFontA
CreateDIBPatternBrushPt
CreateBitmap
MoveToEx
GetDeviceCaps
FillRgn
SetStretchBltMode
SetColorAdjustment
SetMapperFlags
CreateICA
Arc

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 508KB - Virtual size: 505KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5aff79ea6e2b83b941ebf369188f0376

Headers

File Characteristics

PDB Paths

Imports

shell32

oleaut32

advapi32

kernel32

comctl32

user32

ole32

gdi32

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 508KB - Virtual size: 505KB

.data Size: 116KB - Virtual size: 113KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 508KB - Virtual size: 505KB

.data
Size: 116KB - Virtual size: 113KB

.rsrc
Size: 60KB - Virtual size: 59KB