720d832533c5f09bd292dff6d0aa3960_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

720d832533c5f09bd292dff6d0aa3960_JaffaCakes118
Size

784KB
MD5

720d832533c5f09bd292dff6d0aa3960
SHA1

316d6ceabd095f2490d5624318c2c06a7c97903a
SHA256

52f58dfbe57bcbe9e599f892bbb414b6fb31c993a162c616a0642ee235734aaa
SHA512

9d4c8e7353421adc9e756a774e99cb63dec8fca5e844b93c4a4663d31483f1c449aba74592752e3d993a64da560d020aa0e14c78f0949ebf41992ad688e16126
SSDEEP

24576:MTldgoK2XhsKkJd63sc6smp1eL3jiFXEG:L4ky/Nmp1ezm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
720d832533c5f09bd292dff6d0aa3960_JaffaCakes118

Files

720d832533c5f09bd292dff6d0aa3960_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc059235e38a862d954b6837785cab55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\ele

Imports

comdlg32

ReplaceTextW
PrintDlgA
GetSaveFileNameA

wininet

FindFirstUrlCacheEntryW
FtpOpenFileW

comctl32

DrawStatusTextW
ImageList_GetBkColor
ImageList_Create
ImageList_SetBkColor
ImageList_DragLeave
CreateStatusWindow
ImageList_AddIcon
DrawInsert
CreateMappedBitmap
ImageList_DragShowNolock
CreatePropertySheetPage
ImageList_BeginDrag
InitCommonControlsEx
ImageList_Write
DrawStatusText
ImageList_Read
ImageList_Replace
CreateToolbarEx
ImageList_GetIconSize
ImageList_Remove
CreatePropertySheetPageA
ImageList_SetIconSize
ImageList_GetImageInfo

user32

RemovePropW
BroadcastSystemMessageW
LoadMenuA
GetKeyboardType
GetUserObjectInformationW
DrawFrameControl
GetKeyboardLayoutNameW
DragDetect
ImpersonateDdeClientWindow
IsDialogMessageA
GetLastActivePopup
CharUpperA
UpdateWindow
GetMessageW
WinHelpA
GetWindowLongA
PeekMessageW
CreateWindowExW
SetScrollPos
TileWindows
GetProcessDefaultLayout
SetShellWindow
ShowCursor
CharNextExA
InvertRect
LoadAcceleratorsW
wvsprintfA
GetClassInfoExA
GrayStringA
InflateRect
PackDDElParam
LookupIconIdFromDirectory
GetMenuStringA
FindWindowExA
SetTimer
SendMessageTimeoutW
EnumDesktopsA
SetParent
SendDlgItemMessageA
SetCaretPos
IsCharLowerW
wsprintfW
MessageBoxA
GetMenu
DrawCaption
RegisterClassA
wsprintfA
EnumPropsW
IsCharAlphaA
FillRect
DefWindowProcW
GetKeyboardState
GetWindowTextA
OemToCharBuffW
RealChildWindowFromPoint
ShowWindow
ChildWindowFromPointEx
RegisterClassExA
LoadBitmapW
DestroyWindow
EnumDisplaySettingsExW
GetClassWord
EnableWindow
GetSubMenu
BringWindowToTop
DrawTextExA
SwitchToThisWindow
DdeGetLastError
GetAncestor
WaitForInputIdle
CreateWindowExA
IsDialogMessage
GetWindowTextLengthW
GetPropW
SetUserObjectInformationW

kernel32

GetCommandLineW
CloseHandle
VirtualAlloc
GetStartupInfoW
TerminateProcess
DeleteCriticalSection
InterlockedDecrement
SetEnvironmentVariableA
CreateDirectoryW
GetCurrencyFormatW
LCMapStringA
IsBadWritePtr
WritePrivateProfileSectionA
LeaveCriticalSection
GetModuleFileNameW
GetLastError
QueryPerformanceCounter
VirtualFree
GetCurrentThread
TlsFree
InterlockedIncrement
SetHandleCount
EnterCriticalSection
HeapAlloc
CreateRemoteThread
GetConsoleCP
WriteConsoleOutputCharacterW
SetStdHandle
VirtualQuery
TlsAlloc
WideCharToMultiByte
HeapCreate
LocalHandle
GetThreadPriorityBoost
GetModuleFileNameA
GetTimeZoneInformation
WriteFile
FlushFileBuffers
OpenMutexA
GetCommandLineA
LoadLibraryA
GetSystemTimeAsFileTime
GetCPInfo
InitializeCriticalSection
RtlUnwind
CompareStringW
CreateMutexA
GetEnvironmentStrings
HeapFree
FreeEnvironmentStringsA
GetStartupInfoA
HeapDestroy
SetVolumeLabelA
SetFilePointer
UnhandledExceptionFilter
TlsGetValue
GetStringTypeA
HeapReAlloc
GetCurrentProcessId
GetVersion
ExitProcess
GetCurrentProcess
GetStringTypeW
GetFileType
ReadFile
GetTickCount
GetSystemTime
GetLocalTime
InterlockedExchange
GetModuleHandleA
SetLastError
CompareStringA
GetEnvironmentStringsW
MultiByteToWideChar
GetStdHandle
TlsSetValue
FreeEnvironmentStringsW
CreateDirectoryExA
LCMapStringW
GetCurrentThreadId
GetProcAddress

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc059235e38a862d954b6837785cab55

Headers

File Characteristics

PDB Paths

Imports

comdlg32

wininet

comctl32

user32

kernel32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 396KB - Virtual size: 395KB

.data Size: 140KB - Virtual size: 136KB

.rsrc Size: 76KB - Virtual size: 74KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 396KB - Virtual size: 395KB

.data
Size: 140KB - Virtual size: 136KB

.rsrc
Size: 76KB - Virtual size: 74KB