c:\zrwtyox\eun\sboonjq.PDB
Static task
static1
Behavioral task
behavioral1
Sample
6328a1c5f63261069f77b89cbaf640ac_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
6328a1c5f63261069f77b89cbaf640ac_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
6328a1c5f63261069f77b89cbaf640ac_JaffaCakes118
Size
348KB
MD5
6328a1c5f63261069f77b89cbaf640ac
SHA1
e899582e4b95a422ff78901819551fa9d1674ddb
SHA256
1a6b15c9da9c1061f4c81672122506037a2d0132ac4113ef494a810ddd5ecfff
SHA512
67b299a91c6acfda07fcd49cf3ec7ae49973e60d73fa0572c1e8d4c769be3faad1cb831a61bc6e1b8bf5f7f7ab68e1e7d392778356945150413a8325a57d7bea
SSDEEP
6144:HFGsXc7nw6tyxUhQ00LPKJ4vn7/qTPhbatYooZrZLycM+SZ:HFGycrzyxUhQdyJlhbXrdM+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6328a1c5f63261069f77b89cbaf640ac_JaffaCakes118
Files
6328a1c5f63261069f77b89cbaf640ac_JaffaCakes118.exe windows:4 windows x86 arch:x86
c04ff85d4ca2963a20dec5608e6e955c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
user32
RegisterClassExA
VkKeyScanW
RegisterClassA
EnumThreadWindows
SetSysColors
MessageBeep
CharUpperBuffW
UnpackDDElParam
SetWinEventHook
OpenDesktopW
GetDCEx
ScrollDC
CallMsgFilterA
GetMenuState
SendIMEMessageExW
FindWindowA
DispatchMessageA
AdjustWindowRect
OpenWindowStationW
ScreenToClient
DdePostAdvise
SetWindowContextHelpId
SendMessageTimeoutA
comctl32
ImageList_LoadImageA
ImageList_LoadImage
CreateToolbarEx
ImageList_Destroy
DrawStatusText
ImageList_EndDrag
ImageList_GetImageInfo
ImageList_GetImageCount
InitCommonControlsEx
kernel32
GetOEMCP
GetStdHandle
HeapReAlloc
GetEnvironmentStrings
LoadLibraryA
LCMapStringW
GetFileType
CompareStringA
CreateMutexA
ReadFile
CompareFileTime
GetTempFileNameW
EnumSystemLocalesA
GetTickCount
GetLongPathNameW
LocalAlloc
GetModuleHandleA
GetLocaleInfoW
EnumResourceTypesA
GetExitCodeThread
GetStartupInfoW
VirtualUnlock
OpenProcess
CloseHandle
GetUserDefaultLCID
VirtualAlloc
GetStartupInfoA
SetConsoleWindowInfo
GetCurrentDirectoryA
SetFilePointer
ExitProcess
SetFileAttributesW
SetLastError
InitializeCriticalSection
WriteConsoleOutputA
CreateFileA
GetEnvironmentStringsW
CreateDirectoryW
GlobalUnlock
RaiseException
InterlockedExchange
VirtualFree
GetModuleFileNameA
GetVolumeInformationW
LocalUnlock
GetCurrentProcessId
GetModuleFileNameW
IsBadWritePtr
HeapCreate
GetVersionExA
SetCurrentDirectoryW
SetStdHandle
FlushFileBuffers
VirtualProtect
DeleteAtom
TlsFree
EnterCriticalSection
VirtualQuery
TlsSetValue
FoldStringA
GetThreadTimes
OpenSemaphoreA
LeaveCriticalSection
IsValidLocale
LCMapStringA
GetVersion
GlobalGetAtomNameW
ReadFileEx
FindResourceExA
CompareStringW
RtlUnwind
MoveFileW
FreeLibrary
WideCharToMultiByte
LocalHandle
LockFile
CreateFileW
SetEnvironmentVariableA
GetLogicalDriveStringsW
GetSystemTimeAsFileTime
GetProcAddress
WritePrivateProfileSectionW
ReadConsoleW
UnmapViewOfFile
GetLogicalDrives
OpenMutexA
FreeEnvironmentStringsA
TlsAlloc
QueryPerformanceCounter
GetLocaleInfoA
GetTimeZoneInformation
IsValidCodePage
TransactNamedPipe
SetLocaleInfoA
GetPrivateProfileIntW
TerminateProcess
GetShortPathNameW
DeleteFiber
GetDateFormatA
GetFileAttributesExW
GetCurrentThreadId
FindFirstFileW
GetCurrentProcess
GetProfileIntW
GetACP
GetNamedPipeInfo
GetCommandLineW
WriteFile
GetStringTypeA
FreeEnvironmentStringsW
HeapValidate
GetConsoleCursorInfo
SetHandleCount
LoadModule
MultiByteToWideChar
GetCPInfo
GetLastError
FindNextFileW
FindNextChangeNotification
GetCommandLineA
ReadConsoleOutputA
DeleteCriticalSection
GetSystemInfo
HeapAlloc
RtlFillMemory
SuspendThread
GetFileSize
WritePrivateProfileStringA
WaitForDebugEvent
HeapFree
TlsGetValue
GetStringTypeW
UnhandledExceptionFilter
GetDiskFreeSpaceW
WriteProfileSectionA
HeapDestroy
GetTimeFormatA
ReadConsoleInputA
GetCurrentThread
HeapSize
comdlg32
ChooseFontA
ChooseColorW
ChooseColorA
ReplaceTextW
shell32
SHGetDataFromIDListA
ShellExecuteW
ShellExecuteExA
advapi32
RegEnumKeyExW
CryptCreateHash
LookupSecurityDescriptorPartsA
CryptGetDefaultProviderA
CryptReleaseContext
CryptGetProvParam
CryptContextAddRef
RegOpenKeyW
ReportEventW
wininet
InternetOpenUrlA
InternetCreateUrlA
Sections
.text Size: 140KB - Virtual size: 139KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 103KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ