6896a141827185e1873200f305c385e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6896a141827185e1873200f305c385e6_JaffaCakes118
Size

572KB
MD5

6896a141827185e1873200f305c385e6
SHA1

8955c3079aaa869e18ee16c167f936db3dfd7323
SHA256

284e31d23e65d8070aabaa30f31548c81fa32f3f2dd66b6336b3dfce64f3c06f
SHA512

e8609e681fb225e02182be0d2c0cc1b0efb2f9d513ab460480a585c96b00a716c8c8f7f9a4a5979ec35cac3bc1ebc2b71d2f0314d416f3e9e03b1c1cc37e5587
SSDEEP

12288:BaJuu/PaH0pOUd/3trpVUVau0xiS2rLZPImqdN5R43xzhceQy24+D1C7/ZhJVr:BaJuoe0AUd/9tu/6XGNPlqVR4Zh/TchO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6896a141827185e1873200f305c385e6_JaffaCakes118

Files

6896a141827185e1873200f305c385e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dce845fc67aa65ec4acf528da7e59737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ruetojokt\kcyxe\ees

Imports

wininet

GopherGetAttributeW

gdi32

GetBitmapDimensionEx

comctl32

CreatePropertySheetPage
ImageList_BeginDrag
ImageList_Create
ImageList_Draw
ImageList_DragMove
ImageList_GetImageCount
CreateStatusWindow
ImageList_GetIconSize
DrawStatusText
ImageList_SetImageCount
ImageList_AddIcon
InitCommonControlsEx
ImageList_SetFlags
ImageList_GetIcon
ImageList_DrawEx
ImageList_SetDragCursorImage

comdlg32

GetFileTitleW
GetOpenFileNameA
PageSetupDlgA
PrintDlgW

user32

DdePostAdvise
TabbedTextOutW
CloseWindowStation
EndPaint
EnumDisplayDevicesA
SetCapture
CharToOemA
LoadImageW
GetProcessDefaultLayout
SendIMEMessageExA
IsRectEmpty
IsWindowVisible
DrawIcon
CreateIconFromResourceEx
ChildWindowFromPoint
GetMenuItemRect
FillRect
LoadBitmapA
MessageBoxExA
DrawTextExW
EnumPropsExW
ShowOwnedPopups
DrawStateA
EnableScrollBar
FreeDDElParam
MessageBoxA
GetClipCursor
CreateWindowExW
CopyImage
GetClipboardFormatNameW
SetWindowsHookExW
SetSysColors
IsZoomed
RegisterClassA
CreateMDIWindowA
SetClipboardData
TabbedTextOutA
wsprintfA
ActivateKeyboardLayout
InflateRect
ShowWindow
CreateCursor
GetNextDlgTabItem
DestroyWindow
DrawStateW
DdeReconnect
TranslateAcceleratorW
MonitorFromWindow
GetWindowWord
AnyPopup
WINNLSEnableIME
RegisterWindowMessageA
CopyIcon
MoveWindow
DefDlgProcA
RegisterClassExA
WinHelpA
GetIconInfo
MonitorFromPoint
DefWindowProcW
CheckMenuItem

advapi32

RegFlushKey
RegQueryValueExW
RegCreateKeyA
CryptSetHashParam
RegOpenKeyW
LookupAccountNameA
RegEnumValueA
CryptSetProviderW
StartServiceA
DuplicateToken
GetUserNameA

kernel32

InitializeCriticalSection
EnumSystemLocalesW
SetHandleCount
FlushViewOfFile
GetDateFormatA
GetCurrentProcessId
HeapCreate
GetCommandLineA
EnumResourceTypesA
CompareStringW
GetProfileSectionA
SetStdHandle
DeleteCriticalSection
GetCurrentThread
GetLastError
GetConsoleMode
GetDiskFreeSpaceExW
GetModuleFileNameA
ReadFile
WriteConsoleOutputCharacterA
GetACP
GetConsoleCP
CreateFileA
GetEnvironmentVariableW
CloseHandle
VirtualQuery
LeaveCriticalSection
LoadLibraryA
TlsAlloc
GetTempPathA
WriteConsoleA
GetSystemTimeAsFileTime
WaitForSingleObject
EnumSystemLocalesA
GlobalAlloc
CompareStringA
QueryPerformanceCounter
VirtualAlloc
TlsSetValue
GetVersionExA
HeapReAlloc
GetOEMCP
GlobalFix
EnterCriticalSection
GetCPInfo
HeapFree
IsValidCodePage
TlsFree
GetProcAddress
VirtualFree
GetStdHandle
TerminateProcess
GetTickCount
SetEnvironmentVariableA
GetStringTypeW
ReleaseSemaphore
RtlUnwind
FreeEnvironmentStringsW
GetThreadPriority
InterlockedExchange
GetLocaleInfoA
HeapSize
OpenMutexA
GetTimeZoneInformation
GetTempFileNameW
GetCurrentProcess
SetUnhandledExceptionFilter
GetUserDefaultLCID
GetFileType
GetEnvironmentStrings
TlsGetValue
FreeEnvironmentStringsA
GetTimeFormatA
LCMapStringW
SetLastError
SetConsoleCtrlHandler
GetStringTypeA
InterlockedIncrement
IsDebuggerPresent
MoveFileA
IsValidLocale
GetEnvironmentStringsW
GetStartupInfoA
GetCurrentThreadId
UnhandledExceptionFilter
HeapDestroy
FreeLibrary
InterlockedDecrement
GetProcessHeap
GetConsoleOutputCP
MultiByteToWideChar
VirtualQueryEx
WriteFile
FlushFileBuffers
HeapAlloc
SetFilePointer
ExitProcess
lstrcatW
GetLocaleInfoW
LCMapStringA
Sleep
WriteConsoleW
WideCharToMultiByte
CreateMutexA
GetCompressedFileSizeA
GetModuleHandleA

Sections

.text
Size: 180KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dce845fc67aa65ec4acf528da7e59737

Headers

File Characteristics

PDB Paths

Imports

wininet

gdi32

comctl32

comdlg32

user32

advapi32

kernel32

Sections

.text Size: 180KB - Virtual size: 176KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 116KB - Virtual size: 132KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 180KB - Virtual size: 176KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 116KB - Virtual size: 132KB

.rsrc
Size: 16KB - Virtual size: 13KB