8504eeb0f4521fccb5594e06cee40980_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8504eeb0f4521fccb5594e06cee40980_JaffaCakes118
Size

348KB
MD5

8504eeb0f4521fccb5594e06cee40980
SHA1

26ad31e6f846eaf80097c63ac5f95aeae953bf07
SHA256

187242c1e94e5e3334a8d55205065a651685ec6849de6c2e18e248bb1596cb75
SHA512

f1a75496fc56bb989572441460e36d6af706e6493475bb195c09c2c460f5ab455282f08f02ab4836625f99cda60cbfbf30329cd1c4fea482e35e3758cee35545
SSDEEP

6144:rzl/ddAC1L56zfLOMx3k5lesQuXPBwH7vQZTSMfYNM3K1OJV5xnSghLLKg:R3poLOM65ljQuXiHbQdSxNUJV5l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8504eeb0f4521fccb5594e06cee40980_JaffaCakes118

Files

8504eeb0f4521fccb5594e06cee40980_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1881ed92fcff73118cd4f701f1987194

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\hpsuais\ljuweebks.PDB

Imports

kernel32

GetLongPathNameW
VirtualAlloc
GetLocaleInfoW
CloseHandle
GetProcessHeaps
TlsAlloc
GetStringTypeA
VirtualProtect
GetCPInfo
HeapAlloc
GetFileTime
TlsGetValue
IsValidCodePage
HeapDestroy
WideCharToMultiByte
GetVersionExA
GetStringTypeW
GetProcAddress
LoadLibraryA
RtlUnwind
GetCurrentProcessId
GetEnvironmentStringsW
InitializeCriticalSection
GetDateFormatA
SetLastError
lstrcatA
GetModuleHandleA
DeleteCriticalSection
LeaveCriticalSection
ReadFileEx
RtlMoveMemory
GetStdHandle
WriteFile
LCMapStringW
FlushFileBuffers
SystemTimeToTzSpecificLocalTime
GetLogicalDriveStringsA
IsValidLocale
TerminateProcess
GetStartupInfoA
QueryPerformanceCounter
SetFilePointer
GetTimeFormatA
GlobalAddAtomW
GlobalFlags
VirtualFree
GetTimeZoneInformation
WriteConsoleW
CompareStringW
GetLastError
GetEnvironmentStrings
GetDiskFreeSpaceExW
SetConsoleOutputCP
GetTempFileNameW
SetPriorityClass
SetHandleCount
HeapFree
CompareStringA
GetUserDefaultLCID
GetACP
SetWaitableTimer
HeapSize
EnterCriticalSection
InterlockedExchange
FillConsoleOutputCharacterW
FreeEnvironmentStringsA
MultiByteToWideChar
GetCommandLineA
GetNamedPipeHandleStateW
GetSystemInfo
VirtualQuery
GetConsoleTitleW
WriteConsoleOutputCharacterA
GetOEMCP
GetCalendarInfoA
HeapCreate
SetEnvironmentVariableA
GetLocaleInfoA
EnumSystemLocalesA
UnhandledExceptionFilter
GetModuleFileNameA
TlsSetValue
OpenFileMappingA
GetCurrentProcess
CreateMutexA
HeapReAlloc
LCMapStringA
GetCurrentThreadId
GetSystemTimeAsFileTime
SetStdHandle
FreeEnvironmentStringsW
GetSystemTimeAdjustment
GetTickCount
LockFileEx
ReadFile
CopyFileExA
GetCurrentThread
TlsFree
GetFileType
IsBadWritePtr
CreateDirectoryA
ExitProcess
OpenMutexA

shell32

ExtractAssociatedIconA
ShellHookProc
ShellAboutA
SHFormatDrive

comctl32

CreatePropertySheetPage
InitCommonControlsEx
CreateStatusWindowW
ImageList_LoadImageA
ImageList_SetFlags
ImageList_Duplicate
ImageList_GetDragImage
DrawInsert
ImageList_BeginDrag

advapi32

CryptGenRandom
RegEnumKeyExA
ReportEventW
CryptDuplicateHash
RegEnumKeyW
RegOpenKeyExW
InitiateSystemShutdownA
CryptEnumProviderTypesA
CryptHashSessionKey
LookupAccountNameW
CryptSetProviderExW
LookupPrivilegeDisplayNameW
CreateServiceW
RegCreateKeyExW
StartServiceA
RegSetValueA
CryptReleaseContext
RegSaveKeyW
CryptSetHashParam
CryptAcquireContextA
GetUserNameW

user32

DefWindowProcW
GetOpenClipboardWindow
GetInputDesktop
InvalidateRect
CreatePopupMenu
GetMenuItemID
ShowOwnedPopups
DrawStateW
ShowWindow
RegisterClassExA
WINNLSEnableIME
DdeCmpStringHandles
RegisterClassA
SetRect
GetMenuCheckMarkDimensions
PeekMessageW
MessageBoxA
MessageBoxW
GetSysColorBrush
SetMenuContextHelpId
GetKeyboardLayout
DdeCreateStringHandleA
LoadAcceleratorsW
RegisterClassExW
OpenWindowStationA
GetDlgItemTextW
UnpackDDElParam
IsDlgButtonChecked
GetClipboardFormatNameW
PostQuitMessage
TranslateAcceleratorA
VkKeyScanW
EndMenu
SetKeyboardState
EnumDesktopWindows
WINNLSGetIMEHotkey
DdeQueryStringA
GetDesktopWindow
CreateWindowExA
IsCharUpperA
DestroyWindow
FindWindowA

comdlg32

ChooseFontA

gdi32

SetColorAdjustment
CreateHatchBrush
GetCharABCWidthsFloatA
DescribePixelFormat
ResetDCW
CreateFontIndirectW
DeleteMetaFile
EnumFontFamiliesW
CreateDCA
CopyEnhMetaFileW
GetTextCharsetInfo
StretchDIBits
ResizePalette
EqualRgn

Sections

.text
Size: 152KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1881ed92fcff73118cd4f701f1987194

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

comctl32

advapi32

user32

comdlg32

gdi32

Sections

.text Size: 152KB - Virtual size: 150KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 100KB - Virtual size: 121KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 152KB - Virtual size: 150KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 100KB - Virtual size: 121KB

.rsrc
Size: 24KB - Virtual size: 23KB