8c82957cdd3211eb71746a92cf745780_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8c82957cdd3211eb71746a92cf745780_JaffaCakes118
Size

513KB
MD5

8c82957cdd3211eb71746a92cf745780
SHA1

eec61e694c8a91efaba6fd02dfbf10b6c6941807
SHA256

19ddd74d597b62f6d0eaffb82f787bc19e1abc1352396fb97b48add65766cf3b
SHA512

a51496cc0beb188e87200e1adfae6ea6df43ae7948092cbb7f55a93bf5553cc4101e80fb35f247099bc8572fa1f04c14ffd49257d889e8464ca98887415aa108
SSDEEP

12288:B9a2/s/ONWwWPgNb7CIp5tgP57ckSmBh+yNOt9nwzTSjJu:CSuOhWw2IHSc7m2yN4nFQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c82957cdd3211eb71746a92cf745780_JaffaCakes118

Files

8c82957cdd3211eb71746a92cf745780_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49edd47d9b34b30e5537df198902b2bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\fygcgjxyd.pdb

Imports

advapi32

CryptGetHashParam
RegConnectRegistryA
CryptSetProviderExA
RegEnumValueA

kernel32

SetEnvironmentVariableA
WriteFile
InterlockedDecrement
VirtualQuery
GetDateFormatA
EnumSystemLocalesA
GetNamedPipeInfo
GetLastError
ExitProcess
GetTimeFormatW
GetModuleHandleW
IsValidCodePage
GetStringTypeW
GetACP
GetTempPathA
CreateSemaphoreA
GetTimeZoneInformation
CompareStringA
GetTickCount
HeapSize
GetTimeFormatA
WriteConsoleA
GetFileType
GetCommandLineA
HeapCreate
WriteConsoleW
GetStdHandle
GetConsoleMode
WriteProfileSectionW
LoadLibraryA
GetSystemTimeAsFileTime
LeaveCriticalSection
GetModuleHandleA
IsDebuggerPresent
GetAtomNameW
TlsGetValue
SetStdHandle
LocalShrink
GetModuleFileNameW
FreeEnvironmentStringsW
MultiByteToWideChar
GetStartupInfoA
CloseHandle
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCPInfo
GetExitCodeProcess
ReadFile
VirtualAlloc
FreeLibrary
GetCommandLineW
GetConsoleCP
FlushFileBuffers
WideCharToMultiByte
CreateMutexA
HeapAlloc
OpenMutexA
SetLastError
CreateThread
GetEnvironmentStringsW
TlsSetValue
GetLocaleInfoA
SetHandleCount
GetStartupInfoW
GetCurrentThread
SetEvent
WaitForSingleObject
TlsFree
HeapFree
GetCurrentThreadId
WriteConsoleInputW
RtlUnwind
InitializeCriticalSectionAndSpinCount
HeapDestroy
GetOEMCP
CompareStringW
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetConsoleOutputCP
SetConsoleCtrlHandler
AllocConsole
GetStringTypeA
GetUserDefaultLCID
CompareFileTime
HeapReAlloc
GetModuleFileNameA
GetProcAddress
ReadConsoleOutputCharacterA
LCMapStringW
GetThreadLocale
GetLocaleInfoW
IsValidLocale
TlsAlloc
CreateFileA
InterlockedIncrement
UnhandledExceptionFilter
Sleep
SetFilePointer
FillConsoleOutputCharacterA
PulseEvent
GetCurrentProcessId
VirtualFree
TerminateProcess
LCMapStringA
GlobalFix
InterlockedExchange

user32

DlgDirSelectComboBoxExA
ChangeDisplaySettingsExW
MessageBoxA
GetNextDlgGroupItem
RegisterClassExA
SetUserObjectInformationW
CheckMenuRadioItem
CreateMDIWindowA
ToUnicodeEx
GetTitleBarInfo
OpenDesktopA
DdeReconnect
CreateWindowExW
DefDlgProcW
ShowWindow
ScrollWindow
ToAscii
RegisterClassA

gdi32

CreateFontA
SetLayout
CreateDCW
PolyTextOutA
SetDeviceGammaRamp
SetWindowExtEx
ScaleViewportExtEx
GetDeviceCaps
SetTextColor
GetTextExtentPointA
TextOutW
GetMetaFileBitsEx
DrawEscape
DeleteDC
GetRgnBox
FrameRgn
GetTextExtentPoint32W
CreateFontIndirectW
SetEnhMetaFileBits
GetTextCharacterExtra
CopyMetaFileW
TextOutA

comdlg32

ReplaceTextW
ChooseFontW
GetOpenFileNameW
ChooseFontA

wininet

InternetSetCookieA

comctl32

_TrackMouseEvent
ImageList_Remove
ImageList_Duplicate
CreateStatusWindow
CreateToolbarEx
ImageList_GetImageRect
ImageList_SetImageCount
CreateUpDownControl
ImageList_DrawEx
InitCommonControlsEx
CreatePropertySheetPageA
ImageList_SetDragCursorImage
ImageList_GetDragImage
ImageList_SetIconSize
ImageList_DragEnter
DrawStatusTextW
DrawStatusTextA
ImageList_GetIconSize
CreateToolbar
ImageList_SetFilter
DrawStatusText
ImageList_GetImageCount
ImageList_Merge

Sections

.text
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49edd47d9b34b30e5537df198902b2bd

Headers

File Characteristics

PDB Paths

Imports

advapi32

kernel32

user32

gdi32

comdlg32

wininet

comctl32

Sections

.text Size: 339KB - Virtual size: 339KB

.rdata Size: 43KB - Virtual size: 69KB

.data Size: 104KB - Virtual size: 104KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 339KB - Virtual size: 339KB

.rdata
Size: 43KB - Virtual size: 69KB

.data
Size: 104KB - Virtual size: 104KB

.rsrc
Size: 25KB - Virtual size: 25KB