61903c24f8622f6b6f45ea012899aae9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

61903c24f8622f6b6f45ea012899aae9_JaffaCakes118
Size

728KB
MD5

61903c24f8622f6b6f45ea012899aae9
SHA1

3ef4e5db7862c506af470c8d6143d6c259e237e2
SHA256

c39238d19ee5d9a4c1708ac9247f4d9dd227ed0eb8c5534c4a09d0214ae4664e
SHA512

99d93f4933716dfb5be79e9706aa0f67bc6b9520f0291c8f9f4276799d53b02b63e7d68877f41273dd751e61d9606209d0b70447b234a3c9ac2d1fa70d2850bd
SSDEEP

12288:6zkkCXwiwmoNh7GvQG7WVi9CxlGt//5D29pDDFJYcxuyToKRI:KIwS5vF7W4CWdo9d8QuyToKRI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61903c24f8622f6b6f45ea012899aae9_JaffaCakes118

Files

61903c24f8622f6b6f45ea012899aae9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d418296e459dcc88284628088e2bb1c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\esstoyro\koeqfs\rihueockzb\d

Imports

shell32

ShellExecuteExA
DragQueryPoint
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetDesktopFolder

comctl32

ImageList_Draw
PropertySheetA
ImageList_Remove
ImageList_GetImageInfo
ord17
ImageList_GetImageCount
ImageList_Destroy
ImageList_AddMasked
ImageList_GetIcon
_TrackMouseEvent
ImageList_ReplaceIcon
InitCommonControlsEx

kernel32

WideCharToMultiByte
IsDebuggerPresent
CloseHandle
GetCommandLineW
GetStartupInfoA
RtlUnwind
GetCPInfo
FatalAppExitA
CompareStringW
FreeEnvironmentStringsW
GetModuleFileNameA
GetFileType
GetTimeZoneInformation
HeapFree
GetModuleFileNameW
GetOEMCP
IsValidCodePage
GetProcAddress
VirtualFree
SetFilePointer
IsValidLocale
GetStdHandle
MultiByteToWideChar
GetCurrentProcessId
LoadLibraryA
HeapDestroy
GetTickCount
VirtualAlloc
GetEnvironmentStrings
GetCurrentThreadId
SetUnhandledExceptionFilter
CreateFileA
UnhandledExceptionFilter
InterlockedExchange
GetLocaleInfoA
TlsSetValue
GetSystemTimeAsFileTime
FlushFileBuffers
GetModuleHandleW
GetStringTypeW
GetConsoleMode
WriteFile
GetEnvironmentStringsW
InitializeCriticalSection
HeapCreate
LeaveCriticalSection
SetHandleCount
HeapSize
LCMapStringW
CompareStringA
VirtualQuery
GetModuleHandleA
TlsFree
TlsGetValue
GetLastError
RaiseException
SetStdHandle
GetCurrentProcess
GetUserDefaultLCID
GetConsoleOutputCP
WriteConsoleW
ExitProcess
GetLocaleInfoW
Sleep
ReadFile
GetCommandLineA
GetACP
WriteConsoleA
QueryPerformanceCounter
HeapAlloc
GetConsoleCP
SetLastError
InterlockedIncrement
GetStartupInfoW
GetStringTypeA
EnterCriticalSection
SetEnvironmentVariableA
GetCurrentThread
TlsAlloc
HeapReAlloc
FreeEnvironmentStringsA
GetVersionExA
LCMapStringA
GetTimeFormatA
CreateMutexW
TerminateProcess
FreeLibrary
GetProcessHeap
InterlockedDecrement
DeleteCriticalSection
SetConsoleCtrlHandler
GetDateFormatA

comdlg32

CommDlgExtendedError
ChooseColorA
GetOpenFileNameA

user32

GetDesktopWindow
GetWindowTextW
GetWindowLongW
MessageBoxW
GetWindowRect
EqualRect
InflateRect
DestroyIcon
GetTopWindow
DestroyWindow
KillTimer
CreateWindowExW
SendDlgItemMessageA
GetSubMenu
GetForegroundWindow
CheckMenuItem
GetSysColorBrush
IsWindow
SetMenuDefaultItem
SetScrollInfo
ReleaseDC
EnableMenuItem
GetWindowThreadProcessId
InsertMenuW
TrackPopupMenuEx
CallNextHookEx
GetWindow
BeginDeferWindowPos
DefWindowProcW
GetDC
GetAsyncKeyState
IsRectEmpty
GetClipboardData
AttachThreadInput
UpdateWindow
wsprintfW
TrackPopupMenu
LoadIconW
SystemParametersInfoA
GetWindowTextLengthW
GetFocus
ShowWindow
wsprintfA
SetMenu
IsZoomed
DispatchMessageW
MapDialogRect
GetMenuCheckMarkDimensions
SetWindowPlacement
GetClientRect
SetParent
AdjustWindowRectEx
IsWindowEnabled
OpenClipboard
DrawIcon
PostQuitMessage
SetDlgItemTextW
MessageBeep
EndPaint
GetWindowDC
ReleaseCapture
SetFocus
SendMessageW
FlashWindow
GetDlgItem
DrawEdge
EndDeferWindowPos
CreateDialogIndirectParamW
GetSystemMenu
SetWindowTextW
ClientToScreen
IsWindowVisible
SetActiveWindow
PtInRect
SetTimer
SetDlgItemInt
EnableWindow
DrawFrameControl
GetSysColor
SetRect
DestroyMenu
GetParent
GetMenuItemInfoW
DeferWindowPos
RedrawWindow
RegisterClipboardFormatW
SetCursor
IntersectRect
BeginPaint
IsClipboardFormatAvailable
GetScrollInfo
RegisterClassW
MoveWindow
UnregisterClassA
UnhookWindowsHookEx
GetSystemMetrics
IsDlgButtonChecked
GetWindowTextA
RemoveMenu
IsChild
TranslateMessage
CreatePopupMenu
GetKeyState
SetRectEmpty
MapWindowPoints
SetWindowsHookExW
IsIconic
DeleteMenu
DestroyCaret
RegisterClassExW
ScreenToClient
GetScrollPos
GetMessageW
EmptyClipboard
SystemParametersInfoW
GetActiveWindow
CopyRect
GetMenuItemCount

winmm

mmioAscend
waveOutReset
waveOutClose
mmioClose
mixerOpen
mmioOpenA
mixerGetLineControlsA
mixerSetControlDetails
waveOutGetNumDevs
waveOutPause
PlaySoundW
mixerGetLineInfoA
timeGetTime
mixerGetNumDevs
mixerClose
mixerGetControlDetailsA
waveOutUnprepareHeader
PlaySoundA

gdi32

DeleteDC
CreatePatternBrush
GdiFlush
CreateSolidBrush
GetTextColor
CreateCompatibleBitmap
GetDeviceCaps
Rectangle
SetStretchBltMode
CreateDIBSection
CreateFontIndirectW
CreateBrushIndirect
SelectObject
CreateDCW
GetPixel
GetObjectW
RectInRegion
MoveToEx
SetWindowExtEx
OffsetRgn
SetTextAlign
GetDIBits
CreateCompatibleDC
GetRegionData
CreateRectRgn
SetROP2

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d418296e459dcc88284628088e2bb1c8

Headers

File Characteristics

PDB Paths

Imports

shell32

comctl32

kernel32

comdlg32

user32

winmm

gdi32

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 460KB - Virtual size: 458KB

.data Size: 108KB - Virtual size: 106KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 460KB - Virtual size: 458KB

.data
Size: 108KB - Virtual size: 106KB

.rsrc
Size: 36KB - Virtual size: 32KB