83f991da0cb6f2597316d9ce77216f58_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83f991da0cb6f2597316d9ce77216f58_JaffaCakes118
Size

868KB
MD5

83f991da0cb6f2597316d9ce77216f58
SHA1

c26a376d9b64a267c8a21f43052a5e8e04182a30
SHA256

f4af8bb8d8774d976d7efc03f957d23426b034f6e4b2d649d4322bcdc1a647df
SHA512

44dd2c627a0f3714a4588ad00a97e4e2ecc707a0eb17b676a3c86b62d1aebf9227c682f80ae9d49dadea8769a80fccf02b7271316687d4144b98cc9cb075cda8
SSDEEP

24576:Fwx7OyyEydTaeQTA6cPKWD6mR10NFUp4WW:G1yd3UxWDN+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83f991da0cb6f2597316d9ce77216f58_JaffaCakes118

Files

83f991da0cb6f2597316d9ce77216f58_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6f9cf01f476e14fc01c9871aa9086601

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\rw\dsp\spscvse.pdb

Imports

shell32

SHGetDesktopFolder
ShellExecuteW
ShellExecuteExW
SHChangeNotify
SHGetFileInfoW

user32

DrawFocusRect
GetMessagePos
SystemParametersInfoW
RemoveMenu
IsZoomed
SetCursor
RegisterClassExW
GetWindow
EmptyClipboard
SetForegroundWindow
LoadStringW
LoadBitmapW
OffsetRect
ReleaseDC
DestroyAcceleratorTable
MessageBoxW
GetClassInfoW
GetDesktopWindow
LoadCursorW
DestroyWindow
GetDlgItem
RegisterClassW
SendMessageW
CopyRect
IsClipboardFormatAvailable
SetTimer
GetMessageW
FindWindowW
KillTimer
GetDC
GetDoubleClickTime
MapWindowPoints
UnregisterClassA
GetScrollInfo
GetScrollPos
IsDlgButtonChecked
GetSysColor
IsWindowEnabled
DrawFrameControl
CheckMenuItem
OpenClipboard
UnpackDDElParam
CreateWindowExW
GetClassNameW
ShowWindow
LoadAcceleratorsW
DrawEdge
PostQuitMessage
DeleteMenu
GetUpdateRect
LoadImageW
DefWindowProcW
EnableWindow

kernel32

InitializeCriticalSection
SetEnvironmentVariableA
WriteFile
GetCurrentProcessId
TlsGetValue
HeapCreate
GetStartupInfoW
InterlockedDecrement
LeaveCriticalSection
MultiByteToWideChar
FlushFileBuffers
InterlockedExchange
CompareStringW
WaitForSingleObject
LoadLibraryA
GetStartupInfoA
IsValidCodePage
OutputDebugStringA
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCurrentThreadId
GetStdHandle
FreeEnvironmentStringsW
LoadLibraryW
WriteConsoleA
HeapValidate
TlsAlloc
ReadFile
Sleep
GetStringTypeW
WriteConsoleW
HeapReAlloc
GetConsoleCP
DebugBreak
HeapDestroy
VirtualFree
GetConsoleOutputCP
WideCharToMultiByte
RaiseException
GetLocaleInfoA
GetProcAddress
GetFileType
GetSystemTimeAsFileTime
VirtualQuery
GetModuleHandleA
TlsFree
GetModuleHandleW
GetCurrentProcess
QueryPerformanceCounter
SetHandleCount
VirtualAlloc
CreateFileA
ExitProcess
GetACP
SetConsoleCtrlHandler
TlsSetValue
GetCPInfo
LCMapStringA
TerminateProcess
SetFilePointer
RtlUnwind
GetDateFormatA
CompareStringA
GetConsoleMode
GetTimeFormatA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedIncrement
SetLastError
GetTickCount
CreateMutexW
GetModuleFileNameA
GetLastError
GetCommandLineW
IsBadReadPtr
CloseHandle
GetEnvironmentStringsW
LocalFree
GetOEMCP
GetModuleFileNameW
HeapFree
GetTimeZoneInformation
OutputDebugStringW
HeapAlloc
LCMapStringW
GetStringTypeA
SetStdHandle
EnterCriticalSection
HeapSize

comctl32

ImageList_GetImageCount
ImageList_AddMasked
_TrackMouseEvent
ImageList_GetIcon
ord17

shlwapi

PathFindFileNameA
PathRemoveFileSpecA
PathAppendA
PathRemoveExtensionA
PathStripToRootA
PathFindExtensionA
PathSkipRootA
SHDeleteKeyA
PathAddBackslashA
PathFileExistsA
PathIsUNCA

gdi32

BitBlt
RoundRect
EndPage
EndDoc
GetBkColor
GetDCOrgEx
GetMapMode
CreateRoundRectRgn
RealizePalette
CreateICA
GetStretchBltMode
GetTextExtentPointA
StartDocA
GetObjectType
PtVisible
CreatePen
GetRegionData
GetStockObject
SetBkColor
GetTextExtentPoint32A
StrokeAndFillPath
GetViewportOrgEx
GetTextCharacterExtra
CreatePolygonRgn
SelectPalette
Ellipse
GetCharWidthA
CreateFontA
SetBoundsRect
SetAbortProc
CreateSolidBrush
CreateBitmap
FillPath
CreateRectRgnIndirect
RestoreDC
GetTextMetricsA
DeleteObject
Escape
CloseFigure
OffsetViewportOrgEx
GetBoundsRect
GetTextFaceA
Polyline
CreateEllipticRgn
CreatePalette
SelectObject
PatBlt
CreatePenIndirect
GetClipBox
GetPolyFillMode
CreateRectRgn
GetDeviceCaps
LPtoDP
GetFontData
StartPage
CreateCompatibleDC
StretchBlt
GetNearestColor
DPtoLP
SetROP2
UnrealizeObject
ResetDCA
FloodFill
SaveDC
GetViewportExtEx
ExtFloodFill
DeleteMetaFile
SetRectRgn
SetStretchBltMode
SetTextAlign
StretchDIBits
OffsetRgn
SetMapMode
UpdateColors

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f9cf01f476e14fc01c9871aa9086601

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

kernel32

comctl32

shlwapi

gdi32

Sections

.text Size: 220KB - Virtual size: 216KB

.rdata Size: 504KB - Virtual size: 503KB

.data Size: 116KB - Virtual size: 125KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 220KB - Virtual size: 216KB

.rdata
Size: 504KB - Virtual size: 503KB

.data
Size: 116KB - Virtual size: 125KB

.rsrc
Size: 24KB - Virtual size: 20KB