82ad47d4bb53b74ddf75c7fc55d6ea16_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82ad47d4bb53b74ddf75c7fc55d6ea16_JaffaCakes118
Size

552KB
MD5

82ad47d4bb53b74ddf75c7fc55d6ea16
SHA1

f0df3f389797f5f65825120e039c336824513eae
SHA256

de6db6c09cf8f6defc7a2da1b125961db3ea368e103f0cd10fb0807f30bc150f
SHA512

c00718600eb55c35cc95764b14ef0a4a98bc85f1bb428b6976a2079fb5f8eae9b079579b4d345e6d8ddf8d08da2f634c54bc0e996a5498e3f5d4966d31eed929
SSDEEP

12288:D9uGTNxfQ8a7UlDMvmP0+ZgFsIDh3Ij7at6FNZ/hW:DAofDa7UpM7XFDh4j7aUFn/h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82ad47d4bb53b74ddf75c7fc55d6ea16_JaffaCakes118

Files

82ad47d4bb53b74ddf75c7fc55d6ea16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

078449f0911ad1a975f54d570c1d3d07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\oamcte

Imports

shell32

DragQueryFileW
DragAcceptFiles
ExtractAssociatedIconW
SHQueryRecycleBinW
DragQueryFileA

user32

SetMenuContextHelpId
CharUpperA
CharLowerA
DdeQueryNextServer
CharToOemW
GetMonitorInfoW
UnregisterClassA
RegisterClassA
CreateIconFromResourceEx
GrayStringA
GetMenuItemInfoA
OpenWindowStationW
EqualRect
GetMenuContextHelpId
SendIMEMessageExW
CreateWindowExA
AttachThreadInput
InvalidateRect
SetScrollInfo
InsertMenuW
DdeSetQualityOfService
ReplyMessage
IsWindowVisible
GetDialogBaseUnits
RegisterClassW
MessageBoxA
MessageBoxExA
DestroyWindow
MapVirtualKeyExA
DefWindowProcA
SetDoubleClickTime
ScrollWindowEx
DrawStateW
EnumClipboardFormats
CreateMDIWindowA
EnumPropsExA
SetWindowLongW
EnumDisplaySettingsW
RegisterClassExA
GetTabbedTextExtentA
EnumWindows
InsertMenuItemW
ChangeMenuW
UnhookWindowsHook
LockWindowUpdate
GetThreadDesktop
IsZoomed
GetKeyboardLayoutNameW
ShowWindow
GetKeyboardLayoutNameA

comdlg32

PageSetupDlgA
ChooseColorA
ReplaceTextW
GetSaveFileNameA

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsA
MapViewOfFileEx
GetUserDefaultLCID
InitializeCriticalSection
VirtualAlloc
GetCurrentProcessId
lstrlenA
HeapCreate
GetLogicalDriveStringsW
LocalFlags
WriteFile
lstrcpynA
FileTimeToLocalFileTime
TlsFree
HeapSize
GetVersionExA
GetPrivateProfileStructW
FlushInstructionCache
GetLastError
LoadLibraryA
SetEnvironmentVariableW
GetTickCount
GetCurrentThread
HeapDestroy
GetFileSize
VirtualQueryEx
HeapFree
GetTimeZoneInformation
GlobalFix
VirtualFree
RtlUnwind
TlsGetValue
GetModuleFileNameW
lstrcmpiW
WideCharToMultiByte
GetCurrentThreadId
SetStdHandle
GetModuleFileNameA
CompareStringA
SetSystemTime
WriteConsoleW
InterlockedIncrement
GetStringTypeA
FreeEnvironmentStringsW
GetLocaleInfoA
LockResource
LeaveCriticalSection
ReadConsoleOutputAttribute
GetACP
IsValidLocale
CreateMutexA
IsValidCodePage
CreateFileW
EnterCriticalSection
TerminateProcess
GetPrivateProfileStructA
OpenSemaphoreA
CreateRemoteThread
UnhandledExceptionFilter
LCMapStringW
GetStdHandle
WaitForSingleObjectEx
ReadFile
TlsAlloc
VirtualFreeEx
TransactNamedPipe
GetDiskFreeSpaceExW
InterlockedDecrement
GetOEMCP
MultiByteToWideChar
GetVersion
EnumSystemLocalesA
GetLocaleInfoW
GetCommandLineA
lstrlenW
RtlMoveMemory
CloseHandle
RtlZeroMemory
ExitProcess
GetTimeFormatA
FindClose
SetThreadAffinityMask
GetStartupInfoW
LCMapStringA
HeapAlloc
GetModuleHandleA
IsBadWritePtr
FindNextFileA
SetEnvironmentVariableA
VirtualQuery
QueryPerformanceCounter
ConvertDefaultLocale
LockFileEx
SetHandleCount
CopyFileA
GetCurrentProcess
SetFilePointer
GetSystemTimeAsFileTime
GetDateFormatA
InterlockedExchange
CompareStringW
GetCommandLineW
TlsSetValue
GetProfileStringA
GetEnvironmentStrings
GetFileTime
FlushFileBuffers
GetNamedPipeHandleStateW
DeleteCriticalSection
HeapReAlloc
GetStringTypeW
SetLastError
GetProcAddress
GetCPInfo
GetFileType
OpenMutexA
GetStartupInfoA
VirtualProtect
GetSystemInfo

comctl32

ImageList_Draw
DestroyPropertySheetPage
ImageList_Duplicate
ImageList_ReplaceIcon
CreateMappedBitmap
ImageList_SetFilter
InitCommonControlsEx
ImageList_Merge
ImageList_Destroy
ImageList_SetImageCount
InitMUILanguage
ImageList_BeginDrag
DrawStatusTextW
ImageList_SetBkColor

advapi32

RegEnumKeyA
RegSetValueExA
CryptGenRandom
RegSetValueExW
RegOpenKeyExA
RegRestoreKeyA
RegQueryMultipleValuesW
LookupAccountNameA
CryptSetProviderExW
CryptEnumProvidersA
RegQueryInfoKeyW
CryptGenKey
DuplicateTokenEx
RevertToSelf
LookupAccountSidW
InitiateSystemShutdownW
CryptSetKeyParam
CryptContextAddRef

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

078449f0911ad1a975f54d570c1d3d07

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

comdlg32

kernel32

comctl32

advapi32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 268KB - Virtual size: 267KB

.data Size: 104KB - Virtual size: 124KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 268KB - Virtual size: 267KB

.data
Size: 104KB - Virtual size: 124KB

.rsrc
Size: 20KB - Virtual size: 19KB