62a32e2bfbac359860bc1ce85fc9fc2c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62a32e2bfbac359860bc1ce85fc9fc2c_JaffaCakes118
Size

492KB
MD5

62a32e2bfbac359860bc1ce85fc9fc2c
SHA1

68f1f301c1e5dd2d2a3360bed675d7ebdf0c4a8f
SHA256

0f50f9340287d480a1d9e4e9f07d06c4ffcd79fd598697e6675eecc65510624e
SHA512

8a7af3035ad02c5a9628611bd6c6709b4cc4bde76d4108980483a2f580dfd44fff10fb424bd3f89e75711858ba9907f570d04994265b613d807c7f1a0f8298e7
SSDEEP

12288:TCqNMHIv71IXmc18wfb8E/IKWtk0Pj8uNskcIH:vQgCJHj/QJkKj8uNr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62a32e2bfbac359860bc1ce85fc9fc2c_JaffaCakes118

Files

62a32e2bfbac359860bc1ce85fc9fc2c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a90ffcc0a0a3208645cf74780fa18b42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\z

Imports

comctl32

ImageList_AddMasked
_TrackMouseEvent
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_SetIconSize
ImageList_SetFlags
CreateStatusWindowW
MakeDragList
InitCommonControlsEx
ImageList_LoadImageA
ImageList_Create
CreateStatusWindow
ImageList_Write
InitMUILanguage
ImageList_Add
CreatePropertySheetPage
CreateToolbarEx
DrawStatusText
ImageList_LoadImageW
ImageList_Destroy
ImageList_GetIcon
ImageList_GetIconSize
ImageList_Read
ImageList_GetImageCount
ImageList_Remove
DrawInsert

user32

RemovePropA
CreateIcon
ClipCursor
GetScrollBarInfo
OpenWindowStationW
SetDlgItemTextA
FindWindowExA
MapVirtualKeyExA
ShowCursor
LoadImageA
GetMenuItemCount
RegisterClassA
RegisterClassExA
DefMDIChildProcW
FreeDDElParam
SetRectEmpty
DrawFrame
DlgDirSelectExA
MessageBoxIndirectW
MonitorFromPoint

shell32

RealShellExecuteExW
SHGetDataFromIDListW
InternalExtractIconListW
DoEnvironmentSubstW

kernel32

VirtualAlloc
ReadFile
CreateThread
ExitProcess
GetConsoleOutputCP
CreateFileA
VirtualFree
WriteConsoleOutputW
FindResourceW
InterlockedExchange
GetDateFormatA
GlobalDeleteAtom
DeleteCriticalSection
DuplicateHandle
CloseHandle
UnlockFile
VirtualQuery
GetCurrentProcessId
GlobalFindAtomW
GetStdHandle
lstrlen
SetConsoleCtrlHandler
LockResource
UnhandledExceptionFilter
TlsFree
GetModuleHandleW
RtlUnwind
SetUnhandledExceptionFilter
QueryPerformanceCounter
SetFilePointer
WriteConsoleA
GetModuleHandleA
GetFileType
LocalReAlloc
RaiseException
GlobalFree
GetCommandLineA
WriteFile
GetTimeFormatA
GetProcessHeaps
lstrlenA
AddAtomA
GetACP
HeapValidate
GetEnvironmentStringsW
GetCurrentProcess
IsValidCodePage
GetVersion
IsBadReadPtr
FreeLibrary
SetStdHandle
MultiByteToWideChar
WriteConsoleW
GetTimeZoneInformation
IsValidLocale
GetCPInfo
OpenMutexA
FoldStringW
IsDebuggerPresent
GetCurrentThreadId
GetStartupInfoA
GetModuleFileNameA
DebugBreak
RtlFillMemory
HeapAlloc
CreateMutexA
GetModuleFileNameW
EnterCriticalSection
GetProcessHeap
SetHandleCount
LCMapStringW
InterlockedIncrement
GetStringTypeA
Sleep
GetStringTypeW
GetEnvironmentStrings
HeapCreate
GetOEMCP
GetLocaleInfoA
SetLastError
GetUserDefaultLCID
GetProcAddress
GetSystemTimeAsFileTime
TlsSetValue
GetConsoleMode
OutputDebugStringA
HeapSize
GetTickCount
GetWindowsDirectoryA
DeleteFileW
WideCharToMultiByte
HeapFree
CompareStringW
InterlockedDecrement
TlsAlloc
OutputDebugStringW
CreateMutexW
lstrcmpiA
GetCurrentThread
TerminateProcess
LoadLibraryW
TlsGetValue
LCMapStringA
GetConsoleCP
SetEnvironmentVariableA
SetThreadIdealProcessor
FlushFileBuffers
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetLastError
HeapReAlloc
LoadLibraryA
CompareStringA
LeaveCriticalSection
EnumSystemLocalesA
GetLocaleInfoW
HeapDestroy
FreeEnvironmentStringsW

Sections

.text
Size: 276KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a90ffcc0a0a3208645cf74780fa18b42

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

shell32

kernel32

Sections

.text Size: 276KB - Virtual size: 272KB

.rdata Size: 104KB - Virtual size: 103KB

.data Size: 96KB - Virtual size: 105KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 276KB - Virtual size: 272KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 96KB - Virtual size: 105KB

.rsrc
Size: 12KB - Virtual size: 10KB