77f66c9ec2df089c9f50d67f6950284f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

77f66c9ec2df089c9f50d67f6950284f_JaffaCakes118
Size

792KB
MD5

77f66c9ec2df089c9f50d67f6950284f
SHA1

7d79fa3e2d758fbd6f86cd7ce6157eaee704b11a
SHA256

13f74166eb826aaf9b48ab62ed92eea94bab7876c466a3803ddb975e5a1678f5
SHA512

eee3818fcff2c9dddc42de9cb4fbeea655fa97f993becd3f13f09328e5351b717b5ab58f81dffdfd8c2672e5a96bf507c1e58741d1f82b613f03fbee637de6f1
SSDEEP

12288:CinStSu32SXZ6asxfzh6Z51wORDk6EcKmp8T5bQsD6tHfqt+0RetU:CiS7mSXAxfo5WOFkp75sg3R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77f66c9ec2df089c9f50d67f6950284f_JaffaCakes118

Files

77f66c9ec2df089c9f50d67f6950284f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f12bd6987497110f602f81d0f5dfdf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\eulr\yapasvpt\ofsek.pdb

Imports

gdi32

PtInRegion
GetROP2
SetPaletteEntries
Polygon
GetFontData
CreateScalableFontResourceA

kernel32

SetHandleCount
GetConsoleOutputCP
GetProcessHeap
QueryPerformanceCounter
ExitProcess
GetDiskFreeSpaceW
TlsGetValue
RtlUnwind
GetLocaleInfoW
GetPrivateProfileSectionNamesA
LeaveCriticalSection
OpenMutexA
SetEnvironmentVariableA
HeapSize
CompareStringA
SetConsoleCtrlHandler
GetStartupInfoA
TlsFree
GetModuleFileNameA
DeleteFiber
GetSystemTimeAsFileTime
GetCurrentProcessId
VirtualAlloc
CreateMutexA
CompareStringW
LCMapStringW
FreeEnvironmentStringsA
MultiByteToWideChar
GetCurrentProcess
GetConsoleMode
WideCharToMultiByte
GetLastError
VirtualQuery
HeapAlloc
FreeLibrary
GetTickCount
LoadLibraryA
GetEnvironmentStrings
GetStringTypeA
GetSystemTimeAdjustment
GetCurrentThread
InterlockedIncrement
GetStringTypeW
HeapReAlloc
GetOEMCP
SetUnhandledExceptionFilter
GetUserDefaultLCID
InterlockedExchange
GetDriveTypeA
GetShortPathNameA
VirtualFree
GetProcAddress
FlushFileBuffers
lstrcpyA
GetTimeFormatA
GetDateFormatA
SetStdHandle
GetStdHandle
InitializeCriticalSection
HeapDestroy
GetThreadPriorityBoost
CreateFileA
GetModuleHandleA
GetTimeZoneInformation
WriteFile
IsValidLocale
SetFilePointer
GetConsoleCP
Sleep
DeleteCriticalSection
CloseHandle
GetVersionExA
GetLocaleInfoA
InterlockedDecrement
WriteConsoleW
GetCurrentThreadId
GetCPInfo
IsValidCodePage
OpenFile
TlsSetValue
TlsAlloc
HeapCreate
SetLastError
UnhandledExceptionFilter
EnumSystemLocalesA
WriteConsoleInputW
FreeEnvironmentStringsW
GetFileType
GetEnvironmentStringsW
GetCommandLineA
WriteConsoleA
IsDebuggerPresent
TerminateProcess
GetProfileIntW
GetACP
HeapFree
LCMapStringA
ReadFile
EnterCriticalSection

shell32

RealShellExecuteExW
SHGetDataFromIDListA
ExtractIconExW

advapi32

RegOpenKeyA
RegOpenKeyExW
CryptEnumProviderTypesA
CryptDestroyHash
RegSetValueExA
InitializeSecurityDescriptor
RegEnumKeyExW
CryptEncrypt
LookupPrivilegeNameW
RegDeleteKeyA
StartServiceW
CryptSetProviderA
LookupPrivilegeValueW
RegRestoreKeyW
RegSaveKeyW
CryptSetProviderW
CryptDuplicateHash
RegQueryValueA

comctl32

CreateStatusWindowA
CreatePropertySheetPageA
ImageList_BeginDrag
ImageList_Merge
ImageList_SetOverlayImage
InitMUILanguage
ImageList_Read
DrawStatusTextA
CreatePropertySheetPage
ImageList_GetFlags
ImageList_SetBkColor
CreatePropertySheetPageW
ImageList_SetFilter
ImageList_Replace
ImageList_GetImageCount
InitCommonControlsEx
ImageList_GetIconSize
ImageList_Remove
ImageList_GetIcon
ImageList_DragShowNolock
ImageList_GetBkColor
GetEffectiveClientRect

user32

CharToOemBuffA
UpdateWindow
DdeConnectList
SetClipboardViewer
LoadMenuIndirectA
RegisterClassA
MessageBoxIndirectW
VkKeyScanExA
CreateDialogParamA
CreateCaret
DdeCreateStringHandleW
ToUnicode
FrameRect
SetWindowPlacement
RedrawWindow
SendMessageA
GetPropA
SetKeyboardState
DestroyWindow
GetOpenClipboardWindow
MonitorFromWindow
TranslateMDISysAccel
GetComboBoxInfo
DdeAccessData
GetCaretPos
VkKeyScanA
RegisterClassExA
EnumPropsW
GetKeyboardType
MessageBoxExW
BroadcastSystemMessageW
CharPrevA
GetClipboardSequenceNumber
SetCaretBlinkTime
RegisterDeviceNotificationW
EnumDisplaySettingsExA
SetSysColors
AnyPopup
GetCaretBlinkTime
DefWindowProcA
DdeKeepStringHandle
ShowWindow
SetWindowRgn
EnumDisplayDevicesW
EnumPropsExW
FindWindowExW
MessageBoxA
DefFrameProcW
WaitMessage
InvalidateRgn
OpenDesktopA
GetScrollInfo
RegisterDeviceNotificationA
DrawStateW
EnumDisplayDevicesA
SubtractRect
IsCharLowerA
CreateWindowExA
DialogBoxParamW
SetPropA
GetNextDlgGroupItem
SwitchToThisWindow
DrawFocusRect
ScrollWindow
GetTopWindow
GetClipboardFormatNameA
GetUserObjectSecurity
GetMessageW
CallNextHookEx

comdlg32

ChooseFontW
PrintDlgA

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f12bd6987497110f602f81d0f5dfdf5

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

shell32

advapi32

comctl32

user32

comdlg32

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 396KB - Virtual size: 393KB

.data Size: 144KB - Virtual size: 143KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 396KB - Virtual size: 393KB

.data
Size: 144KB - Virtual size: 143KB

.rsrc
Size: 36KB - Virtual size: 33KB