82cc9cd27cadc7c10ead41cd757eb87c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82cc9cd27cadc7c10ead41cd757eb87c_JaffaCakes118
Size

620KB
MD5

82cc9cd27cadc7c10ead41cd757eb87c
SHA1

8eb2a832c0d2511be8b20df8b833ac11627725a9
SHA256

d7dc6a17d39b0aaf843df643c442e48dceeb4e875d554b929062c356aec802c9
SHA512

e7880bf681fae7434887971a15e44a562bcdcbb50ca8be29822cfc364683e19e9e249000d385d4d729c214e0135864bf39e6302a55f3220e8b799aee6dec2378
SSDEEP

12288:7y3ft0rwnHHMSyGDpjg0Nysb4tNmpyZD1prVYwlfh4:7qerwKGDZ71Gg0R9YwVh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82cc9cd27cadc7c10ead41cd757eb87c_JaffaCakes118

Files

82cc9cd27cadc7c10ead41cd757eb87c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4546e1e2b0c25f8c7e9782249d17d549

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\oea\zqneaemc\ejocxj\stecel.pdb

Imports

wininet

LoadUrlCacheContent
InternetShowSecurityInfoByURLW
HttpEndRequestW
InternetQueryDataAvailable
InternetSecurityProtocolToStringW

comdlg32

ChooseColorA
ReplaceTextA
PageSetupDlgW
GetFileTitleW

user32

GetMenuItemInfoA
RegisterClassA
TabbedTextOutA
GetCaretBlinkTime
SetDebugErrorLevel
TranslateAcceleratorA
InsertMenuA
GetUserObjectInformationA
SwitchToThisWindow
ScrollDC
GetTabbedTextExtentA
SetWindowLongA
GetCaretPos
ChangeClipboardChain
ModifyMenuA
CloseWindow
GetMenu
ToUnicodeEx
SetShellWindow
VkKeyScanA
SetUserObjectInformationW
TranslateMessage
DialogBoxIndirectParamW
IsMenu
EnumDesktopWindows
MessageBoxA
IsWindowEnabled
DrawTextA
CharNextA
CreateWindowExW
CharToOemBuffW
CharUpperA
DragObject
RegisterClassExA
MessageBoxW
OpenIcon
GetWindowLongW
DdeInitializeW
DestroyWindow
LoadStringA
PostQuitMessage
GetScrollBarInfo
DefWindowProcA
VkKeyScanW
GetClassNameW
DrawStateW
GetClipboardOwner
BroadcastSystemMessageW
SwitchDesktop
ShowWindow
RealGetWindowClass
IsZoomed
ExcludeUpdateRgn
EnumDisplayDevicesA
IsCharLowerW

advapi32

RegQueryValueExA
AbortSystemShutdownW
RegEnumKeyExW
LookupAccountNameW

kernel32

GetFileAttributesExA
GetCommandLineA
GetFileType
VirtualFree
GetLocaleInfoW
GetUserDefaultLCID
UnhandledExceptionFilter
IsBadWritePtr
ExitProcess
TerminateProcess
TlsAlloc
GetProcAddress
GetStartupInfoA
GetDiskFreeSpaceW
GetStringTypeA
GetVersionExA
TlsSetValue
GetModuleHandleA
SetHandleCount
HeapReAlloc
GetModuleFileNameA
FlushFileBuffers
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetCurrentThread
SetLastError
CompareStringA
IsValidCodePage
GetLastError
HeapFree
EnumSystemLocalesW
VirtualQuery
LoadLibraryA
TlsGetValue
GetEnvironmentStringsW
DebugBreak
GetACP
InterlockedIncrement
HeapValidate
GetCPInfo
GetCurrentProcessId
WriteFile
CreateMutexA
CreateWaitableTimerA
VirtualProtect
GetLocaleInfoA
EnterCriticalSection
GetComputerNameW
InterlockedDecrement
InterlockedCompareExchange
SetStdHandle
SetFilePointer
GetTimeZoneInformation
OutputDebugStringA
GetSystemInfo
GetEnvironmentStrings
VirtualAlloc
EnumResourceTypesA
GetTimeFormatA
HeapDestroy
InterlockedExchange
GetStdHandle
HeapCreate
EnumSystemLocalesA
IsValidLocale
CloseHandle
HeapAlloc
GetTickCount
TlsFree
OpenEventW
OpenMutexA
IsBadReadPtr
GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
FindFirstFileW
GetDateFormatA
LCMapStringA
FreeEnvironmentStringsW
ReadFile
GetPrivateProfileIntA
WideCharToMultiByte
LeaveCriticalSection
GetStringTypeW
FreeEnvironmentStringsA
LCMapStringW
MultiByteToWideChar
RtlUnwind
GetCurrentThreadId
CompareStringW
QueryPerformanceCounter
SetConsoleCtrlHandler
GetOEMCP

gdi32

AddFontResourceA
ScaleViewportExtEx
GdiPlayScript
ArcTo
GetMetaFileW
ExtEscape
GetTextFaceA
PlayEnhMetaFile
ResetDCA
GetCharABCWidthsW
GetCharWidth32A
CreateRoundRectRgn

comctl32

ImageList_SetDragCursorImage
ImageList_EndDrag
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_GetImageRect
ImageList_Copy
ImageList_GetImageCount
ImageList_DragMove
ImageList_DragShowNolock
ImageList_LoadImageW
CreateUpDownControl
ImageList_GetImageInfo
CreateMappedBitmap
CreatePropertySheetPageW
_TrackMouseEvent
MakeDragList
ImageList_Remove
CreatePropertySheetPage
ImageList_Read
InitCommonControlsEx
ImageList_LoadImage
ImageList_GetDragImage
ImageList_Destroy
ImageList_Add
DrawStatusText

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4546e1e2b0c25f8c7e9782249d17d549

Headers

File Characteristics

PDB Paths

Imports

wininet

comdlg32

user32

advapi32

kernel32

gdi32

comctl32

Sections

.text Size: 216KB - Virtual size: 212KB

.rdata Size: 264KB - Virtual size: 260KB

.data Size: 112KB - Virtual size: 138KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 216KB - Virtual size: 212KB

.rdata
Size: 264KB - Virtual size: 260KB

.data
Size: 112KB - Virtual size: 138KB

.rsrc
Size: 24KB - Virtual size: 20KB