87922312b07e3af587900597ef1613aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87922312b07e3af587900597ef1613aa_JaffaCakes118
Size

576KB
MD5

87922312b07e3af587900597ef1613aa
SHA1

0db53fea4bbc718bcd0165ba4a115f273b61a7f5
SHA256

30544d5abf187c358be9ec4e42cb5ccb2037a5ad355160fde1b5734912c5aac7
SHA512

5ab058a37585b1cc7599f8434ffba84dc17992bd6490571199e5e0117347015ac2bb4a9c7834cc60b115c3ad6e5cf1a7e8cbe1a6a272be8718fabea751e29d25
SSDEEP

12288:k3tg0OXg1gco37jAgj2WawipGvILCm7LbQXaypSoNygeHcypO:k320TgcooE2Wat2f0LbwPyJK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87922312b07e3af587900597ef1613aa_JaffaCakes118

Files

87922312b07e3af587900597ef1613aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

394e9d682c1fcdb52e85a2f556e10a97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\uowtpa\waixn\zqusjavmk.PDB

Imports

user32

DdePostAdvise
EnumThreadWindows
SetWindowsHookW
GetTabbedTextExtentW
SetScrollPos
DlgDirListA
SetMenuItemInfoW
OffsetRect
ShowCursor
GetClassLongW
DefWindowProcA
RegisterClassExA
RegisterClassA
UnhookWindowsHookEx
GetListBoxInfo
GetClassWord
DdeFreeStringHandle
CreateWindowExW
DdeConnect
CharNextA
OpenWindowStationA
CountClipboardFormats
MessageBoxW
SetDlgItemTextW
EnumDisplaySettingsExA
SetPropW
ShowWindow
LoadStringW
CallWindowProcA
DestroyWindow

comctl32

ImageList_GetImageCount
DrawInsert
ImageList_AddMasked
CreateToolbar
ImageList_DrawIndirect
ImageList_Destroy
ImageList_LoadImageW
ImageList_DragShowNolock
ImageList_SetImageCount
ImageList_GetBkColor
CreatePropertySheetPageA
InitCommonControlsEx
ImageList_DragEnter
_TrackMouseEvent
ImageList_Duplicate
ImageList_ReplaceIcon
ImageList_Copy
ImageList_AddIcon
ImageList_SetDragCursorImage
ImageList_DrawEx
ImageList_Write
ImageList_BeginDrag
ImageList_GetDragImage

gdi32

AddFontResourceA
CreatePolygonRgn
GetViewportExtEx

kernel32

TransactNamedPipe
FreeEnvironmentStringsW
InterlockedIncrement
HeapDestroy
OpenWaitableTimerW
CreateFileW
UnmapViewOfFile
LoadLibraryExA
GetStringTypeExW
TerminateProcess
TlsSetValue
EnterCriticalSection
ReadConsoleInputW
SetConsoleCursorInfo
GetCurrentThread
GetSystemDefaultLangID
DeleteAtom
GetStringTypeW
GlobalLock
GetDateFormatA
IsBadWritePtr
GetTempFileNameA
ReadConsoleOutputCharacterW
TlsFree
CreateFileMappingW
WriteFile
VirtualFree
DosDateTimeToFileTime
GetConsoleTitleW
UnhandledExceptionFilter
GetEnvironmentStringsW
GetCurrentThreadId
GetEnvironmentStrings
lstrcmpiA
GetSystemDirectoryA
GetCurrentProcessId
WriteConsoleInputW
TlsGetValue
GetTimeFormatW
GetConsoleCP
LCMapStringA
GetFileType
GetModuleFileNameA
GetModuleHandleA
QueryPerformanceCounter
CreateMailslotW
GetLocalTime
SetConsoleTitleW
InitializeCriticalSection
ReadConsoleInputA
OpenMutexA
EnumResourceNamesW
CreateEventA
OpenProcess
GetProfileStringA
GetProcAddress
GetCurrentProcess
RemoveDirectoryW
TryEnterCriticalSection
HeapReAlloc
GetModuleFileNameW
GetStdHandle
LocalFree
GetThreadTimes
GetStartupInfoA
GetSystemTime
VirtualQuery
GetTimeZoneInformation
InterlockedExchange
LeaveCriticalSection
GetVersion
CompareStringW
WaitForMultipleObjects
GetStartupInfoW
SetThreadLocale
RtlMoveMemory
GetStringTypeA
ReadFile
GetCommandLineA
SetLastError
FlushInstructionCache
FindResourceW
lstrcmpi
FlushFileBuffers
SetFileTime
CloseHandle
CompareStringA
SetEnvironmentVariableA
HeapAlloc
WideCharToMultiByte
GetThreadLocale
lstrcat
SetFilePointer
TlsAlloc
GetTickCount
RtlUnwind
SetHandleCount
LoadLibraryA
DeleteCriticalSection
SetThreadAffinityMask
GetLocaleInfoA
OpenFileMappingA
GetSystemTimeAsFileTime
ReadConsoleOutputA
GlobalUnlock
ExitProcess
EnumSystemLocalesA
SetVolumeLabelW
ReadConsoleOutputW
SetThreadIdealProcessor
lstrcatW
MultiByteToWideChar
lstrlenW
FreeEnvironmentStringsA
GetLastError
HeapCreate
CreateMutexA
VirtualAlloc
HeapFree
GetCommandLineW
SetStdHandle
GetCPInfo
FreeResource
GetShortPathNameA
InterlockedDecrement
TransmitCommChar
LCMapStringW
GetFileAttributesExA

comdlg32

PrintDlgA
GetSaveFileNameA
GetSaveFileNameW

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

394e9d682c1fcdb52e85a2f556e10a97

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

gdi32

kernel32

comdlg32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 112KB - Virtual size: 123KB

.rsrc Size: 44KB - Virtual size: 43KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 112KB - Virtual size: 123KB

.rsrc
Size: 44KB - Virtual size: 43KB