84ea0f9100781b7540f699029d6db5cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

84ea0f9100781b7540f699029d6db5cb_JaffaCakes118
Size

708KB
MD5

84ea0f9100781b7540f699029d6db5cb
SHA1

5d6e31b0b49ad0ede6d26855f0c2dce3a80d7da5
SHA256

ef7e1cb6c6bea326bfa5c0fce813d702ac8e4b0d2467727fbe00be69720f28a8
SHA512

34e0d269ab1bffd6498e433140a01127bae82c1b34e5298b6c50a3c493a3e39c59ee862620953f86e740fb2e3daf9a2e18a45e2e4df8f135b14e2aec49a2fff9
SSDEEP

12288:mMe/3XRhovH3DXPUZy+KSXFwJpvS1vnZ0fsmV9lxuxokdTJWSOdDpJA7:98RIHzEoiwmxefpV9/kokdQSA3A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84ea0f9100781b7540f699029d6db5cb_JaffaCakes118

Files

84ea0f9100781b7540f699029d6db5cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cbe05c79a79da84d97f31d4535e88a96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\eoo\des\ooo.pdb

Imports

kernel32

TerminateProcess
HeapCreate
GetOEMCP
HeapDestroy
QueryPerformanceCounter
FreeLibrary
SetStdHandle
GetStringTypeW
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
DeleteCriticalSection
TlsAlloc
FreeEnvironmentStringsW
IsValidLocale
TlsSetValue
VirtualAlloc
CompareStringA
InitializeCriticalSection
GetConsoleCP
FreeEnvironmentStringsA
Sleep
HeapFree
WriteConsoleA
SetEnvironmentVariableA
UnhandledExceptionFilter
GetVersionExA
GetTimeZoneInformation
GetCurrentProcess
WriteConsoleW
GetEnvironmentStringsW
LCMapStringW
GetModuleHandleA
GetConsoleOutputCP
SetLastError
EnumSystemLocalesA
InterlockedIncrement
CloseHandle
GetStringTypeA
GetDateFormatA
GetEnvironmentStrings
InterlockedDecrement
IsValidCodePage
GetLastError
RaiseException
HeapSize
IsDebuggerPresent
LoadLibraryA
WideCharToMultiByte
CreateMutexA
VirtualQuery
GetProcessHeap
SetHandleCount
InterlockedExchange
LeaveCriticalSection
GetProcAddress
GetLocaleInfoA
TlsGetValue
GetStartupInfoA
RtlUnwind
GetUserDefaultLCID
VirtualFree
GetModuleFileNameA
CreateFileA
SetUnhandledExceptionFilter
FatalAppExitA
HeapAlloc
GetFileType
ReadFile
GetCommandLineA
GetCurrentProcessId
WriteFile
GetTickCount
GetTimeFormatA
GetLocaleInfoW
EnterCriticalSection
TlsFree
GetCurrentThreadId
MultiByteToWideChar
GetCPInfo
FlushFileBuffers
SetFilePointer
ExitProcess
GetCurrentThread
CompareStringW
GetConsoleMode
GetStdHandle
LCMapStringA
GetACP
HeapReAlloc

wininet

HttpAddRequestHeadersA
InternetQueryDataAvailable
InternetConnectA
InternetReadFile
InternetCanonicalizeUrlA
InternetCrackUrlA

user32

GetWindowLongA
GetMessageA
OffsetRect
SetMenuDefaultItem
GetSysColor
DestroyIcon
ReleaseCapture
SetCaretPos
GetDlgCtrlID
DrawIcon
CreateMenu
RegisterClassExA
EnableMenuItem
GetWindowTextA
VkKeyScanA
GetScrollRange
GetWindowTextLengthA
WaitMessage
PostMessageA
EndDialog
LoadCursorA
GetActiveWindow
RegisterClassA
MessageBoxA
DefWindowProcA
MessageBeep
DrawTextA
ShowWindow
DestroyWindow
MoveWindow
CreateWindowExA
SetWindowLongA
FindWindowA
GetScrollInfo
GetCursorPos
DrawIconEx
TranslateMessage
SetParent
LoadIconA
GetSysColorBrush
ReleaseDC
GetTopWindow
UnpackDDElParam
SetWindowPos

shell32

ShellExecuteW
DragAcceptFiles
SHGetFileInfoW
ExtractIconW

advapi32

CryptAcquireContextA
RegCloseKey
RegSetValueExA

gdi32

EnumObjects
GetKerningPairsA
GetObjectType
PlayMetaFileRecord
SelectClipRgn
GetTextFaceA
AnimatePalette
GetTextAlign
ExtTextOutA
DrawEscape
EndDoc
GetTextExtentPointA
CreateHalftonePalette
GetAspectRatioFilterEx
GetBkColor
GetStretchBltMode
DeleteObject
GetCharWidthFloatA
Chord
SetColorAdjustment
CreateDCA
CreatePen
GetClipBox
GetCharABCWidthsFloatA
StartDocA
StretchDIBits
BitBlt
GetFontData
CloseFigure
PolyBezier
ExtEscape
PlayEnhMetaFile
EnumMetaFile
CreateDIBPatternBrushPt
RealizePalette
GetObjectA
DeleteDC
PolyBezierTo
SelectObject
StartPage
SetTextColor
CreateCompatibleDC
CreatePatternBrush
InvertRgn
StrokeAndFillPath
GetCurrentObject
GetColorAdjustment
Polyline
CreateBrushIndirect
ResizePalette
GetBitmapDimensionEx
GetPolyFillMode
CreateFontA
SetBoundsRect
SetBitmapDimensionEx
GetCurrentPositionEx
SelectPalette
GetBrushOrgEx
CreateEllipticRgn
PathToRegion
RectVisible
GetPaletteEntries
TextOutA
GetWindowExtEx
GetNearestPaletteIndex
GetPath
GdiComment
GetBkMode
PolyPolygon
PlgBlt
SetMiterLimit
PolyDraw
PatBlt
EndPage
Arc
OffsetRgn
FlattenPath
AngleArc
SetViewportExtEx
ArcTo
SetMapperFlags
CreatePolyPolygonRgn
AbortPath
CreateFontIndirectA
Ellipse
WidenPath
GetMiterLimit
CreateDiscardableBitmap
DeleteMetaFile
GetDeviceCaps

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cbe05c79a79da84d97f31d4535e88a96

Headers

File Characteristics

PDB Paths

Imports

kernel32

wininet

user32

shell32

advapi32

gdi32

Sections

.text Size: 112KB - Virtual size: 108KB

.rdata Size: 460KB - Virtual size: 457KB

.data Size: 104KB - Virtual size: 100KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 112KB - Virtual size: 108KB

.rdata
Size: 460KB - Virtual size: 457KB

.data
Size: 104KB - Virtual size: 100KB

.rsrc
Size: 28KB - Virtual size: 25KB