62dc833f452b3ddc65414d22de46c152_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62dc833f452b3ddc65414d22de46c152_JaffaCakes118
Size

584KB
MD5

62dc833f452b3ddc65414d22de46c152
SHA1

2a7ee7d09ee08364e8bf64a2fbd2b0671485a4aa
SHA256

627adbc9b51930aca813af4e666c3409b03c9ea4342041adb43c33e9a9770592
SHA512

47b363fcb903e6450a3981c8b9465811139bb042af95b875d8c863a980b9b91689e8ab43b7c34947c42fa5c2e89656d0035a37ba18d61a2434ab31939eadca35
SSDEEP

12288:9eij21KP3YKo7n5KUcHnvFc3KrpDqamdadfutcV8hN1XW3k6Gxh2twN:9T21rKoMUcHnvVcdUfuw81Xv6s5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62dc833f452b3ddc65414d22de46c152_JaffaCakes118

Files

62dc833f452b3ddc65414d22de46c152_JaffaCakes118
.exe windows:4 windows x86 arch:x86

845058e0fb98e5aa9d7f44eb9ba80225

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\jvfageksns\epoo\zrnekmkog.pdb

Imports

comctl32

ImageList_Replace
DestroyPropertySheetPage
CreateUpDownControl
ImageList_GetImageRect
ImageList_Read
DrawStatusTextW
ImageList_Write
ImageList_GetFlags
ImageList_GetBkColor
ImageList_GetImageCount
MakeDragList
ImageList_SetOverlayImage
CreatePropertySheetPageA
DrawStatusTextA
ImageList_AddIcon
DrawStatusText
CreateMappedBitmap
ImageList_SetFilter
ImageList_GetIcon
CreateToolbarEx
InitCommonControlsEx
ImageList_GetImageInfo
InitMUILanguage
ImageList_ReplaceIcon
CreatePropertySheetPageW

kernel32

FlushFileBuffers
Sleep
GetProfileSectionW
MapViewOfFile
InterlockedCompareExchange
RtlUnwind
GetACP
FindNextFileA
ExpandEnvironmentStringsA
WriteConsoleOutputCharacterW
SetSystemTime
GetStartupInfoA
GetStringTypeW
GetDateFormatA
FillConsoleOutputCharacterA
GetFileSize
InterlockedDecrement
GetLocaleInfoA
UnhandledExceptionFilter
GetNamedPipeHandleStateW
SetLastError
GetEnvironmentVariableW
GetCPInfo
SetThreadLocale
HeapSize
LCMapStringW
HeapFree
FlushConsoleInputBuffer
GetStdHandle
GetCurrentDirectoryA
SetEnvironmentVariableA
WideCharToMultiByte
GetCurrentProcess
GetOEMCP
GetModuleFileNameW
ContinueDebugEvent
LCMapStringA
CreateMutexA
GetSystemTimeAsFileTime
IsValidCodePage
GetModuleHandleA
ReleaseMutex
ExitProcess
AddAtomW
GetNamedPipeHandleStateA
GetFileAttributesA
SetEvent
OpenProcess
GetProfileIntA
TlsGetValue
EnumSystemLocalesA
InterlockedExchange
CommConfigDialogA
GetPrivateProfileIntA
GetEnvironmentStringsW
SetConsoleCtrlHandler
ReadFile
GetProcAddress
EnumCalendarInfoExW
GetCommandLineW
TerminateProcess
IsDebuggerPresent
VirtualFree
GetFileType
TlsSetValue
OpenFile
WriteFile
GetCurrentProcessId
GetConsoleCP
SetFileTime
GetTimeFormatA
GetUserDefaultLCID
WriteConsoleW
FreeEnvironmentStringsW
GetLocaleInfoW
MultiByteToWideChar
OpenMutexA
GetPrivateProfileStructW
FreeLibrary
EnterCriticalSection
GetLastError
VirtualAlloc
GetTickCount
GetModuleHandleW
GetConsoleOutputCP
LoadLibraryA
HeapLock
QueryPerformanceCounter
GetLocalTime
lstrcmpiW
GetModuleFileNameA
GetStartupInfoW
DeleteCriticalSection
EnumSystemCodePagesA
InterlockedIncrement
FreeResource
SetLocaleInfoW
SetHandleCount
LocalUnlock
GetCommandLineA
GetTimeZoneInformation
FindFirstFileExA
SetStdHandle
LoadLibraryExW
HeapCreate
CreateFileA
GetCurrentThread
GetStringTypeExA
VirtualProtect
EnumTimeFormatsA
EnumCalendarInfoA
SetFilePointer
GlobalAddAtomW
CompareStringA
ReadConsoleOutputCharacterW
CreateMailslotW
SetConsoleCP
GetProcessAffinityMask
GetCurrentThreadId
TlsAlloc
SetUnhandledExceptionFilter
HeapDestroy
HeapValidate
LocalReAlloc
GetConsoleMode
HeapAlloc
OpenSemaphoreA
GetNumberFormatA
GlobalFree
SetConsoleTitleW
InitializeCriticalSectionAndSpinCount
TransactNamedPipe
CloseHandle
WriteConsoleA
SetConsoleTextAttribute
DebugActiveProcess
GlobalAddAtomA
LeaveCriticalSection
TlsFree
GetStringTypeA
FindResourceExW
IsValidLocale
VirtualQuery
FillConsoleOutputCharacterW
CompareStringW
HeapReAlloc
lstrcpynA
SetLocaleInfoA

user32

SetWindowPos
SetCapture
DrawIconEx
DlgDirSelectComboBoxExW
SubtractRect
DdeAccessData
ValidateRect
GetSystemMetrics
DdeSetQualityOfService
CascadeChildWindows
DispatchMessageW
DrawTextA
ChildWindowFromPointEx
CharUpperBuffA
GetMenuStringW
EnumThreadWindows
GetInputDesktop
BlockInput
DrawFocusRect
CloseWindow
ShowCaret
GetGuiResources
LoadKeyboardLayoutA
GetDlgItem
LockWindowUpdate
GetMenuBarInfo
SetKeyboardState
LookupIconIdFromDirectory
MessageBoxW
GetMenuItemCount
DefWindowProcW
GetClassInfoA
DdeAbandonTransaction
DestroyIcon
RegisterClassExA
ShowOwnedPopups
EnumDisplaySettingsA
CreateWindowExA
GetFocus
MapVirtualKeyW
GetKeyboardType
SetWindowTextA
DestroyWindow
GetClipboardData
ShowWindow
UnregisterDeviceNotification
IsCharAlphaNumericA
NotifyWinEvent
DrawTextExA
SetDlgItemTextW
OemToCharW
GetCursor
DialogBoxParamW
MoveWindow
RegisterClassA

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
ReplaceTextW

advapi32

RegQueryMultipleValuesW
RegEnumKeyExA
RegSetValueW
RegLoadKeyA
CryptEnumProvidersW
GetUserNameA
RegOpenKeyW
RegCreateKeyExW
CryptContextAddRef
StartServiceW
CryptAcquireContextW
RegOpenKeyA

shell32

RealShellExecuteExA

wininet

RegisterUrlCacheNotification
FtpGetCurrentDirectoryA

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

845058e0fb98e5aa9d7f44eb9ba80225

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

comdlg32

advapi32

shell32

wininet

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 116KB - Virtual size: 133KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 116KB - Virtual size: 133KB

.rsrc
Size: 32KB - Virtual size: 30KB