619d5e47c312716f6b28e0774ce6ea1b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

619d5e47c312716f6b28e0774ce6ea1b_JaffaCakes118
Size

336KB
MD5

619d5e47c312716f6b28e0774ce6ea1b
SHA1

f19fdc7261ca442a09bcfde10022e622ee98a161
SHA256

4e9b6cbd0765669c2126fbda3609a1ec371f9487f358ffa5dd8db1ad71189196
SHA512

fe8ab8b5f62affd3e962e9f93554020dec262a7e45e638e435a1864d747fc56419bb524fe7240ec5abd6dacdaf3e3d0845ca4bac4cb480a94c66961b56a10bb2
SSDEEP

6144:L/Y1Jykmzag1L7XvWgJPQaQ1Xl1oAlGUXFyK2zuqNUZU2yEDSPI:rYGk2ag1nX9oljoSG8FybNi/yP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
619d5e47c312716f6b28e0774ce6ea1b_JaffaCakes118

Files

619d5e47c312716f6b28e0774ce6ea1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e84f9e6fe13609c4e705a7252336e61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\kws\oftrfccf.pdb

Imports

user32

ValidateRect
GetWindowModuleFileNameA
CreateWindowExA
CopyAcceleratorTableW
UnregisterHotKey
DrawEdge
SetFocus
RegisterClassExW
RegisterClassA
FrameRect
DefWindowProcA
GetWindowPlacement
LoadBitmapW
CreateDesktopW
CharNextW
DestroyWindow
InvalidateRgn
GetActiveWindow
CreateMenu
MapWindowPoints
SetClipboardViewer
GetWindowRgn
GrayStringW
MessageBoxW
RegisterClassExA
FindWindowA
wsprintfW
OpenWindowStationA
ExitWindowsEx
CloseWindowStation
ShowWindow
PaintDesktop

comctl32

ImageList_Read
ImageList_DragMove
InitCommonControlsEx
DrawStatusTextA

kernel32

CreateMutexW
GetCommandLineA
ReadFile
VirtualProtect
WriteConsoleW
SetConsoleScreenBufferSize
VirtualQuery
GetModuleHandleW
GetModuleHandleA
SetStdHandle
CompareStringA
GetFileType
QueryPerformanceCounter
GetEnvironmentVariableW
IsDebuggerPresent
GetProcessShutdownParameters
SetThreadPriority
RemoveDirectoryA
GetDateFormatA
GetTickCount
WritePrivateProfileSectionW
LeaveCriticalSection
GetFileAttributesA
TlsFree
lstrcatW
GetCurrentProcess
WriteFile
HeapDestroy
GetStringTypeW
VirtualFree
GetLastError
InitializeCriticalSectionAndSpinCount
CreateMutexA
IsValidLocale
HeapAlloc
WideCharToMultiByte
GetModuleFileNameW
OpenFileMappingA
TlsGetValue
HeapFree
TerminateProcess
GetLocaleInfoA
GetStartupInfoW
SetLastError
MultiByteToWideChar
FreeLibrary
HeapCreate
GetThreadLocale
WriteConsoleA
SetConsoleOutputCP
InterlockedDecrement
GetCommandLineW
GetTimeZoneInformation
DeleteCriticalSection
CompareStringW
GetCurrentProcessId
GetConsoleCP
GetStartupInfoA
GetOEMCP
GetCurrentThreadId
GetCPInfo
GetSystemTimeAdjustment
GetStringTypeA
EnumSystemLocalesA
ResetEvent
GetUserDefaultLCID
SetEnvironmentVariableA
LCMapStringA
GetConsoleMode
SetHandleCount
FlushInstructionCache
CreateFileA
GetProcAddress
LCMapStringW
GetTimeFormatA
LoadLibraryA
EnterCriticalSection
lstrlen
GlobalGetAtomNameW
HeapSize
GetSystemTimeAsFileTime
InterlockedExchange
TlsSetValue
SetFilePointer
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetNamedPipeHandleStateW
GetCurrentThread
GetLocaleInfoW
CloseHandle
OpenMutexA
Sleep
SetUnhandledExceptionFilter
TlsAlloc
RtlUnwind
FlushFileBuffers
HeapReAlloc
GetProfileStringA
OutputDebugStringA
ExitProcess
SetConsoleCtrlHandler
GetModuleFileNameA
InterlockedIncrement
GetConsoleOutputCP
IsValidCodePage
GetStdHandle
CreateDirectoryA
UnhandledExceptionFilter
GetACP
VirtualAlloc

Sections

.text
Size: 144KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e84f9e6fe13609c4e705a7252336e61

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 144KB - Virtual size: 140KB

.rdata Size: 80KB - Virtual size: 77KB

.data Size: 92KB - Virtual size: 101KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 144KB - Virtual size: 140KB

.rdata
Size: 80KB - Virtual size: 77KB

.data
Size: 92KB - Virtual size: 101KB

.rsrc
Size: 16KB - Virtual size: 14KB