71ea7664b409f269092396a7e436280c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71ea7664b409f269092396a7e436280c_JaffaCakes118
Size

768KB
MD5

71ea7664b409f269092396a7e436280c
SHA1

512ed859db2b73cfbc2c24a334913f645ab26fd5
SHA256

681bf3e161effe2237ad6b79bbe09d6ccd9abda93aec2de5f6f0ec094a67d52d
SHA512

108f37585c3ec3740c69bd35895826de237c69902d18ca6b53b6b2b51beb95db58f9fd6289f0caf50eb66f5d580e93cc2877ff3d6a0c16479355da77cba9420d
SSDEEP

12288:cf71UQ8pOnwhPFUel6sPaarwdhchNttx7y7Wd9Nib8nDYhv36HojT1BK4G1G/1qK:cz1UxZ+sP38hchNttxy7Wbobj6I/1y1E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71ea7664b409f269092396a7e436280c_JaffaCakes118

Files

71ea7664b409f269092396a7e436280c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e464acdde102afd37af8f35edeeeea8d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\eywtoye\xasjylhi\dgscseo\veutesnrrs.PDB

Imports

user32

MsgWaitForMultipleObjects
DdeDisconnect
DispatchMessageW
ChangeDisplaySettingsW
AttachThreadInput
IsDialogMessageW
SetMenuInfo
ShowWindow
TranslateAccelerator
SetTimer
CharPrevExA
RegisterClassExA
DdeImpersonateClient
EditWndProc
PeekMessageA
DestroyWindow
EnumDesktopWindows
SetSysColors
OpenClipboard
AnyPopup
EnumDisplaySettingsW
GetKeyboardLayoutNameW
GetSystemMetrics
RegisterClassA
ReleaseCapture
IsChild
CreateWindowExA
CharUpperA
ChangeDisplaySettingsA
DefWindowProcW
RedrawWindow
EnumPropsExA
GetWindowRgn
GetDesktopWindow
GetClassLongW
GetActiveWindow
RegisterDeviceNotificationW
CreateDialogIndirectParamW
DrawFrameControl
TranslateAcceleratorW
DlgDirSelectExW
GetClipCursor
ChildWindowFromPoint
DestroyMenu
ClientToScreen
UnionRect
SetRectEmpty
SetDlgItemTextA
SetWindowsHookA
MessageBoxW
GetClipboardFormatNameW
GetMenuStringW
DdePostAdvise
DdeUnaccessData

comctl32

ImageList_Read
CreateToolbar
ImageList_SetFlags
InitCommonControlsEx
ImageList_GetFlags
ImageList_DragEnter
ImageList_DragMove
ImageList_GetDragImage
CreateToolbarEx
ImageList_SetBkColor
ImageList_DrawEx
DestroyPropertySheetPage
CreatePropertySheetPage
CreateMappedBitmap
CreateUpDownControl
ImageList_AddIcon
DrawInsert
ImageList_EndDrag
ImageList_BeginDrag

kernel32

ReadFile
LoadLibraryW
DebugBreak
SetEnvironmentVariableA
GetConsoleMode
GetModuleFileNameA
GetOEMCP
FreeEnvironmentStringsW
UnlockFileEx
CreateFileA
HeapCreate
InterlockedIncrement
OutputDebugStringA
TlsFree
lstrcpy
IsBadReadPtr
GetPriorityClass
GetVersionExA
WideCharToMultiByte
GetProcessHeap
GetProcAddress
VirtualQuery
ReadConsoleInputA
IsValidLocale
CompareStringA
SetConsoleScreenBufferSize
WriteFileEx
WriteConsoleOutputCharacterA
lstrcat
WriteConsoleOutputA
UnhandledExceptionFilter
OutputDebugStringW
GetStringTypeW
EnumCalendarInfoW
HeapValidate
GlobalAddAtomA
EnumDateFormatsExA
WriteProfileStringW
EnumSystemLocalesA
VirtualFreeEx
EnumCalendarInfoExA
GetStringTypeA
TerminateProcess
SetVolumeLabelA
WriteProfileSectionW
HeapDestroy
GetEnvironmentStringsA
GetCommandLineA
GetStartupInfoA
InterlockedCompareExchange
MoveFileExW
GetShortPathNameA
RaiseException
TransmitCommChar
GetCommandLineW
OpenFileMappingW
InterlockedDecrement
GetTimeZoneInformation
InitializeCriticalSection
FlushFileBuffers
FreeEnvironmentStringsA
HeapReAlloc
lstrcpyW
LeaveCriticalSection
CreateDirectoryA
GetLastError
GetTickCount
SetConsoleCtrlHandler
GetModuleHandleA
FindNextFileA
HeapAlloc
VirtualUnlock
GetLocaleInfoW
GetExitCodeThread
GetCPInfo
QueryPerformanceCounter
GetEnvironmentStrings
EnterCriticalSection
GetEnvironmentStringsW
IsValidCodePage
GetUserDefaultLCID
SetFilePointer
OpenSemaphoreA
GlobalLock
FlushConsoleInputBuffer
SetUnhandledExceptionFilter
lstrlenA
CreateMutexA
GetCurrentProcess
SetVolumeLabelW
OpenMutexA
ReadConsoleOutputCharacterA
GetProfileStringW
GetEnvironmentVariableA
TlsGetValue
MoveFileA
EnumDateFormatsW
GetTimeFormatA
RtlUnwind
GetACP
VirtualAlloc
ReadConsoleOutputA
SetFileTime
SetComputerNameA
GetConsoleOutputCP
GetCompressedFileSizeW
LCMapStringA
GetAtomNameW
GetLocaleInfoA
WriteConsoleA
CloseHandle
TlsAlloc
FreeLibrary
FormatMessageW
GetConsoleCP
HeapFree
WriteConsoleW
GetStdHandle
CompareStringW
WriteFile
GetCurrentThreadId
SetStdHandle
GetDateFormatA
ExitProcess
GetFileType
MultiByteToWideChar
GetCurrentProcessId
GetSystemTimeAdjustment
FindFirstFileExA
SetHandleCount
LoadLibraryA
TlsSetValue
SetLastError
FileTimeToSystemTime
VirtualFree
FindResourceW
GetCurrentThread
DeleteFileW
HeapSize
InterlockedExchange
DeleteCriticalSection
WaitNamedPipeW
EnumSystemCodePagesA
GetProfileSectionA
IsDebuggerPresent
LCMapStringW
GetModuleFileNameW
SetConsoleTitleW
GetStartupInfoW
GlobalGetAtomNameW
GetSystemTimeAsFileTime
AddAtomW

Sections

.text
Size: 344KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e464acdde102afd37af8f35edeeeea8d

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 344KB - Virtual size: 342KB

.rdata Size: 284KB - Virtual size: 282KB

.data Size: 120KB - Virtual size: 141KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 344KB - Virtual size: 342KB

.rdata
Size: 284KB - Virtual size: 282KB

.data
Size: 120KB - Virtual size: 141KB

.rsrc
Size: 16KB - Virtual size: 13KB