69859149db17545451602a0b968d3712_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

69859149db17545451602a0b968d3712_JaffaCakes118
Size

409KB
MD5

69859149db17545451602a0b968d3712
SHA1

834a675d47ac2b7e6be53e1a9966bc9c56e8bace
SHA256

9f6e15ae0f6408c5a5ffe6d9865be7897aed0e7eeb06d3110919db9f080e8a63
SHA512

557f515b132ad5d090bb8d61547daaf3728325633db7082384b1bf71a2fb92eaf945e617a2865efb9c399c5315dbff72969087f632a8d50035078a432f2df6c4
SSDEEP

6144:hW95+hiVzWelQUI8wXfnVRrTgqb5mUi3jSY1o1G60ppylI0q76LtrXtEvB3:M94hiVzrUDfnnsqbYrSAGH8p2q0rXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69859149db17545451602a0b968d3712_JaffaCakes118

Files

69859149db17545451602a0b968d3712_JaffaCakes118
.exe windows:4 windows x86 arch:x86

faa866259f88d88ad0661d2b8a8048ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\awme.pdb

Imports

kernel32

GetACP
TlsAlloc
OpenMutexA
GetProcessShutdownParameters
FindResourceA
RtlUnwind
GetCurrentThreadId
UnlockFile
SetEnvironmentVariableA
FreeEnvironmentStringsW
SetLastError
TlsGetValue
HeapFree
GetShortPathNameA
UnhandledExceptionFilter
SetFilePointer
QueryPerformanceCounter
GetStringTypeA
GetLastError
CreateMutexA
GetCommandLineA
LCMapStringW
GetStringTypeW
GetCPInfo
GetLongPathNameA
HeapReAlloc
InterlockedDecrement
HeapAlloc
MoveFileExA
TlsSetValue
VirtualAlloc
FindResourceW
TlsFree
TerminateProcess
GetFileType
SetHandleCount
InterlockedIncrement
HeapDestroy
InterlockedExchange
CloseHandle
GetComputerNameA
MultiByteToWideChar
LCMapStringA
DeleteCriticalSection
IsBadWritePtr
InitializeCriticalSection
OpenSemaphoreA
GetCurrentProcessId
GetSystemTime
LoadLibraryA
GetEnvironmentStringsW
VirtualQuery
GetVersion
GetCurrentThread
LocalFlags
WriteFile
WaitForSingleObject
RtlMoveMemory
GetModuleHandleA
GetLocalTime
GetEnvironmentStrings
GetStartupInfoA
SetStdHandle
GetTickCount
CompareStringA
ReadFile
FreeEnvironmentStringsA
CompareStringW
GetOEMCP
LeaveCriticalSection
EnterCriticalSection
GetProfileIntW
GetModuleFileNameA
GetStdHandle
GetSystemTimeAsFileTime
VirtualFree
WideCharToMultiByte
FlushFileBuffers
GetTimeZoneInformation
ExitProcess
GetCurrentProcess
HeapCreate
GetEnvironmentVariableA
GetProcAddress

gdi32

Arc
Ellipse
GetStockObject
OffsetClipRgn
GetEnhMetaFilePaletteEntries
GdiPlayDCScript
CopyEnhMetaFileW
GetCharacterPlacementA
AbortDoc
ArcTo
GdiPlayJournal
GetMiterLimit
EnumFontFamiliesExW
GetROP2
GetMetaFileA
Chord
EnumICMProfilesW
CreateBitmap
PaintRgn
GetBoundsRect
SwapBuffers
SelectClipRgn
SetDIBColorTable
GetICMProfileW

wininet

SetUrlCacheGroupAttributeW
HttpSendRequestA
InternetGoOnlineA

comctl32

ImageList_BeginDrag
CreateMappedBitmap
ImageList_Destroy
ImageList_GetFlags
_TrackMouseEvent
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_AddMasked
DrawInsert
ImageList_Read
ImageList_Create
CreatePropertySheetPageW
InitCommonControlsEx
DrawStatusText
ImageList_DragLeave
CreateToolbarEx
ImageList_DragMove
InitMUILanguage

shell32

ShellExecuteExA

user32

IsCharAlphaW
GetWindowThreadProcessId
CascadeChildWindows
CharUpperA
DdeClientTransaction
DestroyWindow
DdeConnect
RegisterClassExA
OffsetRect
MessageBoxExW
MapVirtualKeyExA
CharLowerA
CreateDesktopW
CallMsgFilter
LoadBitmapW
SetUserObjectInformationA
MessageBoxA
DestroyCursor
WINNLSGetEnableStatus
RegisterClassA
GetPriorityClipboardFormat
ChangeDisplaySettingsW
DdeQueryNextServer
SendIMEMessageExA
BroadcastSystemMessageW
ShowWindow
CopyIcon
OemToCharW
GetWindowRect
CreateWindowExA
CreateDialogIndirectParamW
IsWindowEnabled
EndDeferWindowPos
GetMessageW
VkKeyScanA
ChangeDisplaySettingsA
SetForegroundWindow
IsClipboardFormatAvailable
GetUpdateRgn
CloseWindow
GetQueueStatus
CascadeWindows
BeginDeferWindowPos
DefWindowProcA

Sections

.text
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

faa866259f88d88ad0661d2b8a8048ea

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

wininet

comctl32

shell32

user32

Sections

.text Size: 175KB - Virtual size: 175KB

.rdata Size: 92KB - Virtual size: 92KB

.data Size: 92KB - Virtual size: 116KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 175KB - Virtual size: 175KB

.rdata
Size: 92KB - Virtual size: 92KB

.data
Size: 92KB - Virtual size: 116KB

.rsrc
Size: 48KB - Virtual size: 47KB