62d57616f9c6affc90df2aee8a532c42_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62d57616f9c6affc90df2aee8a532c42_JaffaCakes118
Size

396KB
MD5

62d57616f9c6affc90df2aee8a532c42
SHA1

ffd133f21e81889e01359496e99cba514770da8e
SHA256

14f42f6f45efd73907786a5a6e3f9f04f7b93a368c8e640c99bcc679e2644ddd
SHA512

84ce8fb1f3edb2a202be16a454aec088824f6860c7e516828d6c7e59c8a6d32a31a0b88899cf5491fa16413b35841fc1a00120b9b58b705f258b3231f8433a5a
SSDEEP

12288:MPu/WYRbzRHEflkmJKXlIoxhgOZwGIsL:ImXGltKX6oXmGIm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62d57616f9c6affc90df2aee8a532c42_JaffaCakes118

Files

62d57616f9c6affc90df2aee8a532c42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdd0c7fdb1650c0941482fe927dd1caf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\PFNOTFLYV\TKOB\KEEAQBRW\TPFOJXT\MH

Imports

advapi32

RegConnectRegistryW
ReportEventW
CryptReleaseContext
CryptSetProviderA
RegConnectRegistryA
CryptDeriveKey
RegLoadKeyA
CryptHashData

kernel32

FlushFileBuffers
GetStringTypeA
WaitForMultipleObjectsEx
GetEnvironmentStringsA
WriteConsoleW
SetLocaleInfoA
EnumResourceTypesW
GetCurrentThread
GetTimeFormatA
GetLongPathNameA
AddAtomW
GetEnvironmentStringsW
HeapDestroy
LockFileEx
GetCurrentProcess
GetModuleHandleA
GetProcAddress
FindResourceW
SetEnvironmentVariableA
CreateMutexA
TlsAlloc
SetFilePointer
CreateDirectoryW
GetUserDefaultLCID
CreateDirectoryA
InterlockedExchange
GetLogicalDrives
MoveFileW
GetStringTypeW
SetLastError
ExitProcess
LCMapStringW
TerminateProcess
CloseHandle
SetConsoleWindowInfo
GetCurrentThreadId
HeapReAlloc
EnumSystemLocalesA
GetFileType
ReadFile
GetTickCount
HeapFree
SetHandleCount
LoadLibraryExW
GetTimeZoneInformation
GetCalendarInfoA
SetCurrentDirectoryW
ExpandEnvironmentStringsW
WriteConsoleOutputW
GetTempFileNameA
CompareStringW
QueryPerformanceCounter
WideCharToMultiByte
VirtualAlloc
GetCurrentProcessId
IsBadWritePtr
OpenMutexA
LCMapStringA
InitializeCriticalSection
GetProfileStringA
WriteConsoleA
Sleep
GetModuleFileNameA
FreeEnvironmentStringsW
GetMailslotInfo
GlobalFlags
GetLastError
SetThreadPriority
GetPrivateProfileSectionNamesW
HeapCreate
TlsFree
lstrcatW
VirtualFree
GetVersionExA
EnumCalendarInfoA
GetStartupInfoA
LeaveCriticalSection
DeleteCriticalSection
FindNextChangeNotification
LoadLibraryA
HeapLock
GetDateFormatA
TlsGetValue
GetConsoleCursorInfo
UnhandledExceptionFilter
GetSystemInfo
lstrcat
GetSystemTimeAsFileTime
IsValidCodePage
MultiByteToWideChar
IsValidLocale
CreateFileW
EnterCriticalSection
GetOEMCP
GetEnvironmentStrings
GetCommandLineA
VirtualProtect
HeapSize
GetACP
VirtualQuery
TryEnterCriticalSection
HeapAlloc
SleepEx
WriteFile
GetStdHandle
GetCPInfo
GetLocaleInfoA
SetStdHandle
TlsSetValue
FreeEnvironmentStringsA
CompareStringA
RtlUnwind
GetLocaleInfoW
GetStringTypeExA

user32

CreateWindowExA
RegisterClassA
TabbedTextOutA
SetCaretBlinkTime
GetMenuItemInfoA
GetMonitorInfoA
DrawEdge
GetWindow
GetMenuItemInfoW
DestroyWindow
ChangeDisplaySettingsExW
EnumDesktopsW
IsDlgButtonChecked
MessageBoxA
CharToOemW
CopyIcon
ToAscii
DefWindowProcW
SendMessageA
TabbedTextOutW
GetWindowRect
GetWindowLongA
SwitchToThisWindow
UnhookWindowsHook
RegisterClassExA
GetMenuCheckMarkDimensions
GetClassLongA
InternalGetWindowText
UnhookWinEvent
SendIMEMessageExA
GetMenu
ShowWindow

comctl32

InitCommonControlsEx
DrawStatusTextW
CreateToolbar
ImageList_GetDragImage

Sections

.text
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdd0c7fdb1650c0941482fe927dd1caf

Headers

File Characteristics

PDB Paths

Imports

advapi32

kernel32

user32

comctl32

Sections

.text Size: 132KB - Virtual size: 130KB

.rdata Size: 104KB - Virtual size: 101KB

.data Size: 96KB - Virtual size: 113KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 132KB - Virtual size: 130KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 96KB - Virtual size: 113KB

.rsrc
Size: 60KB - Virtual size: 57KB