73e705dcaf85f4583188c2af27829a58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

73e705dcaf85f4583188c2af27829a58_JaffaCakes118
Size

557KB
MD5

73e705dcaf85f4583188c2af27829a58
SHA1

0a82bc38066be9f2d72a6eaf65b303779cff11b3
SHA256

cd5fde82245acef2312cb8b79c67837a3624f23fc823a40d3ed2db1c05e212f1
SHA512

4052e796686dfbbda1a42125e3351d28459880685f18229691b93726d739acb03b0877cc4bc8e63433b625f79794085f246d2745c8e062e0801c12622a5a68d2
SSDEEP

12288:1tF6S3wFv8+OlKIuByQHrylWoMHrtbVmH0oUYDtZrHWE1VJY3uZeWY1WLJ:1T6SAd8+cKulWoqrtbVmUod

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73e705dcaf85f4583188c2af27829a58_JaffaCakes118

Files

73e705dcaf85f4583188c2af27829a58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60968340af149922e3460b4050ee02b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\ybuuate.pdb

Imports

comctl32

ImageList_GetBkColor
DrawStatusTextW
ImageList_SetIconSize
ImageList_Create
DrawStatusText
ImageList_GetIconSize
CreatePropertySheetPageW
CreateStatusWindowA
CreateStatusWindow
ImageList_SetFlags
ImageList_SetFilter
ImageList_Remove
ImageList_Add
InitCommonControlsEx
ImageList_LoadImageW
ImageList_GetImageRect
InitMUILanguage
ImageList_Read
ImageList_SetDragCursorImage
ImageList_EndDrag
ImageList_DragEnter
ImageList_GetFlags

gdi32

PolyPolygon
StartDocW
GetTextMetricsW
SetRectRgn
EndPath
SetBkMode
GetGraphicsMode
Chord
EnumEnhMetaFile
CreateBitmap
GetDeviceCaps
GetLogColorSpaceW
GetClipBox
ArcTo
GetLayout

user32

GetWindowInfo
LoadStringW
SetCursor
DdeDisconnect
DeleteMenu
LookupIconIdFromDirectoryEx
OpenInputDesktop
CopyRect
DdeAccessData
RealGetWindowClass
DestroyWindow
GetMessageTime
IsWindowVisible
DrawTextExA
DdeInitializeW
DdeFreeStringHandle
MessageBoxW
GetMenu
UnhookWindowsHook
ShowWindow
DdeAbandonTransaction
GetMenuBarInfo
SendNotifyMessageW
SetWindowPos
ActivateKeyboardLayout
GetCursorPos
DlgDirListW
LoadImageA
DdeDisconnectList
MessageBoxExA
OemToCharBuffA
IsCharLowerW
IsCharAlphaA
InsertMenuItemA
GetClipboardFormatNameW
RegisterClipboardFormatA
OemKeyScan
DdeFreeDataHandle
CascadeChildWindows
DlgDirSelectComboBoxExA
SetScrollInfo
WindowFromPoint
IsZoomed
MessageBoxA
ReuseDDElParam
LookupIconIdFromDirectory
UnhookWinEvent
RegisterClassExA
DrawFrameControl
GetWindowTextLengthA
GetWindowTextW
RealChildWindowFromPoint
CreateIconIndirect
CharLowerA
SetUserObjectInformationW
DrawTextExW
DefWindowProcW
GetUserObjectInformationW
GetListBoxInfo
CreateAcceleratorTableA
IsCharUpperW
PtInRect
WINNLSGetIMEHotkey
ValidateRgn
SendDlgItemMessageA
FlashWindow
CloseClipboard
SetClassWord
DdePostAdvise
RemovePropA
GetMenuItemCount
IsWindow
DdeQueryConvInfo
SetCursorPos
OpenDesktopA
ChangeDisplaySettingsExA
CharUpperBuffW
SendIMEMessageExW
LoadKeyboardLayoutW
CascadeWindows
SwapMouseButton
SendIMEMessageExA
GetDlgItemInt
SetMenuItemInfoA
EnumThreadWindows
CreateDesktopW
GetWindowModuleFileNameW
LoadBitmapA
CharLowerW
DdeConnect
DdeCreateStringHandleA
GetSysColorBrush
CreateWindowExA
GetActiveWindow
EndPaint
GetKeyboardLayoutList
SetClassLongW
LoadMenuIndirectA
GetKeyboardLayoutNameA
LoadCursorW
GrayStringW
UnregisterHotKey
RegisterClassA

advapi32

RegDeleteValueA
CryptHashSessionKey
LogonUserA
RegRestoreKeyA
RegQueryMultipleValuesA
RegSetValueExA

shell32

SHGetPathFromIDListW
SHQueryRecycleBinW
SHFormatDrive
SHGetPathFromIDListA
ExtractIconA

wininet

InternetSetOptionA
IsUrlCacheEntryExpiredW

kernel32

GlobalHandle
OpenEventW
EnterCriticalSection
GetOEMCP
GetFileTime
WriteProfileSectionA
GetEnvironmentStrings
WriteConsoleOutputAttribute
GetLocaleInfoW
TlsSetValue
VirtualAlloc
GetConsoleCursorInfo
GetComputerNameA
CreateProcessW
LeaveCriticalSection
GetTickCount
GetCurrencyFormatA
WriteFile
GetVersionExA
lstrcpy
OpenMutexA
GetStringTypeW
IsBadWritePtr
ExitThread
VirtualQuery
RemoveDirectoryW
GetDateFormatA
GetACP
GlobalUnlock
InitializeCriticalSection
TlsAlloc
DeleteFileW
SetTimeZoneInformation
QueryPerformanceCounter
EnumSystemLocalesA
MultiByteToWideChar
WideCharToMultiByte
SetCurrentDirectoryW
GetCurrentProcess
GetUserDefaultLCID
SetHandleCount
WaitForMultipleObjects
CompareStringA
GetCurrentThread
SetEnvironmentVariableA
GetFileAttributesExA
GetProfileStringA
CloseHandle
SetConsoleMode
GetModuleHandleA
LocalAlloc
GetStdHandle
GetSystemTimeAdjustment
TerminateProcess
GetFileType
VirtualFree
LCMapStringW
GetFileAttributesA
GetModuleFileNameA
HeapAlloc
RtlUnwind
SetConsoleCursorInfo
GlobalGetAtomNameA
LCMapStringA
GetThreadContext
ReadFile
OpenEventA
SetConsoleTextAttribute
GetLongPathNameA
lstrcpynW
LocalHandle
EnumResourceNamesW
GetEnvironmentStringsW
GetCurrentProcessId
CompareFileTime
SetSystemTime
ExitProcess
LocalFlags
GetProcAddress
FindFirstFileA
DeleteCriticalSection
SetLastError
TlsFree
GetSystemInfo
GetStringTypeA
EnumDateFormatsA
GetTimeZoneInformation
CreateMutexA
GetStringTypeExW
WriteProfileStringA
GetStartupInfoA
GlobalGetAtomNameW
HeapReAlloc
HeapCreate
FlushFileBuffers
SetEnvironmentVariableW
GetTimeFormatA
InterlockedIncrement
SetFilePointer
VirtualProtect
FreeEnvironmentStringsW
lstrcatA
WriteConsoleOutputA
IsValidCodePage
CreateFileMappingA
HeapSize
TlsGetValue
GetCommandLineA
GetAtomNameA
EnumResourceNamesA
VirtualAllocEx
UnhandledExceptionFilter
CreatePipe
FindAtomW
InterlockedExchange
HeapFree
GetLastError
LocalSize
FormatMessageW
CommConfigDialogA
LocalFree
SystemTimeToFileTime
SetFileTime
GetConsoleScreenBufferInfo
GetCurrentThreadId
GetLocaleInfoA
HeapDestroy
GetSystemTimeAsFileTime
SetStdHandle
LoadLibraryA
GetCPInfo
GlobalAddAtomA
CompareStringW
IsValidLocale
LoadResource
InterlockedCompareExchange
EnumResourceLanguagesA
FreeEnvironmentStringsA

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60968340af149922e3460b4050ee02b7

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

user32

advapi32

shell32

wininet

kernel32

Sections

.text Size: 160KB - Virtual size: 160KB

.rdata Size: 253KB - Virtual size: 253KB

.data Size: 108KB - Virtual size: 131KB

.rsrc Size: 34KB - Virtual size: 33KB

.text
Size: 160KB - Virtual size: 160KB

.rdata
Size: 253KB - Virtual size: 253KB

.data
Size: 108KB - Virtual size: 131KB

.rsrc
Size: 34KB - Virtual size: 33KB