707ea31e83aad85aa75cf67112506d82_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

707ea31e83aad85aa75cf67112506d82_JaffaCakes118
Size

620KB
MD5

707ea31e83aad85aa75cf67112506d82
SHA1

195c5e0fb292dfe52476a8ffa52b0cf4ae19d568
SHA256

aaa8b76cc8a2ffbf517989760b49539a4e578501f2bb1181deaa3666658a7633
SHA512

5c1cc331b1a719d7857da850c7566d7831f65413181528f614ffd3660e65925edc51b3daf8b9455ee0ab55be8eab8e8165953211f174302cba3a45d5c2156c82
SSDEEP

12288:suAwCiSrqLgy3wAXpAsg4cjpmUIJLUIbYl8WXEk1bcGZEM:kwhStMFpfgJ1mUqLvcllt1bLEM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
707ea31e83aad85aa75cf67112506d82_JaffaCakes118

Files

707ea31e83aad85aa75cf67112506d82_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4a6e7470392a3fd9e326237c33dcfd1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\dsptmjerk\rogeopth.pdb

Imports

kernel32

GetCurrentDirectoryW
GetModuleHandleA
CreateFileA
IsValidCodePage
SetFileAttributesA
GetVolumeInformationW
VirtualFree
FileTimeToLocalFileTime
GetLastError
CompareStringA
lstrcpyn
GetTimeZoneInformation
SetWaitableTimer
HeapAlloc
GlobalHandle
EnumDateFormatsExW
GetLocaleInfoW
GetAtomNameA
RtlUnwind
SetFileAttributesW
GetProcessHeaps
InitializeCriticalSection
GetTickCount
GetVersionExA
FindResourceExA
ReadFile
GetStringTypeW
OpenMutexA
WriteConsoleInputW
WriteFile
ReadConsoleOutputA
TerminateProcess
GetConsoleScreenBufferInfo
SetLastError
WideCharToMultiByte
CompareStringW
LCMapStringW
GetCurrentThreadId
SetHandleCount
GetOEMCP
FileTimeToSystemTime
IsBadWritePtr
GetUserDefaultLCID
ExitProcess
SetConsoleCursorInfo
GetUserDefaultLangID
HeapFree
GlobalUnfix
SetConsoleCtrlHandler
GetPriorityClass
GetLogicalDriveStringsW
EnterCriticalSection
LocalFlags
GetCommandLineA
GetCurrentProcessId
GetTimeFormatA
GetCommandLineW
FreeEnvironmentStringsA
MoveFileExA
SetConsoleActiveScreenBuffer
HeapDestroy
SetEnvironmentVariableA
GetStringTypeA
MapViewOfFileEx
DeleteCriticalSection
GetModuleFileNameA
EnumSystemLocalesA
TlsFree
GetSystemInfo
CreateMutexA
HeapSize
GetACP
TlsAlloc
GetStdHandle
LoadLibraryA
GetStartupInfoA
InterlockedExchange
MultiByteToWideChar
GlobalLock
HeapReAlloc
IsValidLocale
FileTimeToDosDateTime
SetConsoleCP
VirtualProtect
GetEnvironmentStrings
GetFileType
GetCurrentThread
CloseHandle
TlsSetValue
GetModuleFileNameW
GetEnvironmentStringsW
GetComputerNameA
GetDateFormatA
DeleteFiber
GetSystemTimeAsFileTime
GetCPInfo
LCMapStringA
GetStartupInfoW
SetFilePointer
GetProcAddress
GetCurrentProcess
TlsGetValue
FreeEnvironmentStringsW
UnhandledExceptionFilter
VirtualQuery
QueryPerformanceCounter
GetLocaleInfoA
FlushFileBuffers
SetEvent
HeapCreate
SetStdHandle
VirtualAlloc
LeaveCriticalSection

gdi32

SetRectRgn
SetPaletteEntries

user32

DrawTextExW
ScrollWindow
LoadImageA
PackDDElParam
MonitorFromPoint
RegisterClassExA
GetKeyboardLayout
FlashWindowEx
SendDlgItemMessageA
GetMessageA
RegisterClassA
CreateIconFromResource
AdjustWindowRectEx
InsertMenuA
MessageBoxIndirectW
CloseWindow
GetSystemMetrics
GrayStringW
SetPropA
CreateMDIWindowW
MsgWaitForMultipleObjects
ArrangeIconicWindows

comctl32

CreatePropertySheetPageW
DrawStatusTextA
ImageList_DragMove
ImageList_AddIcon
CreateMappedBitmap
ImageList_DragEnter
ImageList_SetDragCursorImage
ImageList_GetIconSize
InitCommonControlsEx
CreatePropertySheetPage
ImageList_GetImageRect
DrawStatusText
ImageList_DragShowNolock
ImageList_Duplicate
ImageList_DrawEx
ImageList_DragLeave

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a6e7470392a3fd9e326237c33dcfd1f

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

comctl32

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 248KB - Virtual size: 244KB

.data Size: 116KB - Virtual size: 124KB

.rsrc Size: 76KB - Virtual size: 75KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 248KB - Virtual size: 244KB

.data
Size: 116KB - Virtual size: 124KB

.rsrc
Size: 76KB - Virtual size: 75KB