67781cb290d7b9de9c7972a9189369e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67781cb290d7b9de9c7972a9189369e3_JaffaCakes118
Size

448KB
MD5

67781cb290d7b9de9c7972a9189369e3
SHA1

0066d2ae35c32930a951806ca1067128d38a62e0
SHA256

b84a83db3619b1d5ad4b1b594db195f250b889cbb252889f7ad3f5cd8b7bec16
SHA512

394ab13cd6f4c65ed5e2524e36a32ea103eb27ed254493e21d65a3709f22fae18818fa01599b97ad17306b706f4f27e1d6d274971b3377f540c7aca1e22464d5
SSDEEP

6144:dDAaQYO+DiUGYNJhSoJzLyb6X6D9hbFS+txTHhnDfRxnCOVKHUULb:d0MO+DiUVNJhSWyU6bZSc1Hd7COVKV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67781cb290d7b9de9c7972a9189369e3_JaffaCakes118

Files

67781cb290d7b9de9c7972a9189369e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10d52162cedcdd5d4c3fbd9b1b66bfdc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\ahxutheac.pdb

Imports

shell32

ExtractIconEx
DragQueryFileW
SHEmptyRecycleBinA

wininet

InternetInitializeAutoProxyDll
DeleteUrlCacheEntryA
HttpQueryInfoW
SetUrlCacheEntryGroup
FtpSetCurrentDirectoryA

kernel32

WriteConsoleInputW
GetStringTypeA
WriteConsoleA
GetTimeFormatA
InterlockedIncrement
VirtualFree
OpenWaitableTimerA
FreeEnvironmentStringsW
ReadConsoleOutputCharacterA
FileTimeToSystemTime
CompareStringA
GetStartupInfoA
GetTickCount
FreeLibrary
GetDateFormatA
AllocConsole
HeapFree
GetUserDefaultLCID
GlobalFlags
ExitProcess
FlushFileBuffers
ReadFile
GetConsoleCP
WriteProfileSectionA
GetMailslotInfo
HeapDestroy
TlsSetValue
HeapReAlloc
IsValidCodePage
MultiByteToWideChar
FindFirstFileExA
WaitForSingleObject
SetFilePointer
GetStringTypeW
GetFileType
GetLocaleInfoA
IsDebuggerPresent
GetPrivateProfileIntA
GetDiskFreeSpaceW
GetTempPathA
InterlockedDecrement
MapViewOfFileEx
GetDiskFreeSpaceExW
TlsGetValue
lstrcmpA
GetConsoleOutputCP
FreeEnvironmentStringsA
GetConsoleMode
WriteFile
LoadLibraryExW
GetStringTypeExA
TlsFree
GetCurrentThread
GetStdHandle
GetCPInfo
GetPrivateProfileSectionA
GetTimeFormatW
SystemTimeToTzSpecificLocalTime
GetProcAddress
CreateMutexA
TlsAlloc
SetUnhandledExceptionFilter
GetModuleHandleW
VirtualAlloc
ReadConsoleA
InterlockedExchange
GetCommandLineW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetTimeZoneInformation
EnumSystemCodePagesA
LCMapStringA
EnumResourceTypesW
CreateWaitableTimerW
SetEvent
SetEnvironmentVariableA
GetCurrentProcess
CreateEventW
FoldStringA
LeaveCriticalSection
DeleteCriticalSection
GetDriveTypeA
SetConsoleCtrlHandler
LCMapStringW
IsValidLocale
FindNextFileW
GetCalendarInfoA
GetLocaleInfoW
WriteConsoleOutputCharacterA
TerminateProcess
GetCurrentProcessId
FillConsoleOutputCharacterA
GetOEMCP
EnumResourceNamesA
GetLastError
CompareStringW
EnumSystemLocalesA
SetStdHandle
GetConsoleScreenBufferInfo
HeapAlloc
LoadLibraryA
GetEnvironmentVariableW
CreateFileA
WideCharToMultiByte
GetStringTypeExW
FindFirstFileA
GetModuleFileNameA
MoveFileA
MoveFileExA
RtlUnwind
ReadConsoleW
CloseHandle
WriteConsoleW
HeapLock
EnumResourceLanguagesW
SetHandleCount
GetEnvironmentStrings
HeapCreate
UnhandledExceptionFilter
OpenMutexA
GetACP
FillConsoleOutputAttribute
GetVersionExA
WriteProfileStringW
VirtualQuery
SetLastError
GetCurrentThreadId
GetModuleHandleA
HeapSize
LockFile
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
Sleep
ReleaseSemaphore
GetCommandLineA
GetProcessHeap
EnterCriticalSection
EnumDateFormatsExW

user32

RegisterClassExA
EnumWindowStationsW
LoadKeyboardLayoutW
CreateIconFromResource
LockWindowUpdate
ChangeDisplaySettingsW
ImpersonateDdeClientWindow
SystemParametersInfoW
GetComboBoxInfo
DestroyWindow
InsertMenuItemA
GetWindowInfo
RegisterClassExW
FindWindowW
DdeReconnect
CheckMenuRadioItem
RemoveMenu
SetDlgItemTextW
CreateAcceleratorTableW
UnhookWindowsHook
GetMenuDefaultItem
CreateWindowExW
PtInRect
GetScrollPos
GetKeyboardLayoutNameA
VkKeyScanExA
FindWindowA
ModifyMenuW
CreateAcceleratorTableA
SwitchToThisWindow
SetCapture
CreateIconIndirect
DrawTextExW
SendMessageTimeoutW
MessageBoxA
GetParent
GetDlgItem
DefWindowProcA
SetWindowWord
MessageBeep
NotifyWinEvent
CreatePopupMenu
RegisterDeviceNotificationA
SetClipboardData
ReplyMessage
ShowWindow
RealGetWindowClass
FindWindowExA
EnumDisplaySettingsExW
GetTopWindow
FrameRect
SendNotifyMessageA
RegisterClassA
PostQuitMessage
GetMenuState
SetPropW
DdeClientTransaction
TranslateMDISysAccel
EnumDisplaySettingsA
UnhookWinEvent
SubtractRect
SetDoubleClickTime
BlockInput
GetWindowTextLengthA
BroadcastSystemMessage
MsgWaitForMultipleObjects
ToAscii

comctl32

CreateToolbar
CreateStatusWindowW
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_Copy
DestroyPropertySheetPage
ImageList_BeginDrag
ImageList_DragLeave
ImageList_AddMasked
ImageList_GetImageInfo
_TrackMouseEvent
ImageList_LoadImage
ImageList_EndDrag
ImageList_DrawEx
ImageList_Replace
ImageList_AddIcon

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10d52162cedcdd5d4c3fbd9b1b66bfdc

Headers

File Characteristics

PDB Paths

Imports

shell32

wininet

kernel32

user32

comctl32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 132KB - Virtual size: 129KB

.data Size: 104KB - Virtual size: 128KB

.rsrc Size: 52KB - Virtual size: 48KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 132KB - Virtual size: 129KB

.data
Size: 104KB - Virtual size: 128KB

.rsrc
Size: 52KB - Virtual size: 48KB