8a4977931596113c62b57754c8b4e2c1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a4977931596113c62b57754c8b4e2c1_JaffaCakes118
Size

856KB
MD5

8a4977931596113c62b57754c8b4e2c1
SHA1

91bd87c758bd2692b2f98cc7a01d466c88ccc670
SHA256

a320154dd674843a72c59702ba64aca1ddde867129b3efebf7a598f95741fc8b
SHA512

67385742902dccbcca5dfca1178164bcd787d473e69b750e6ddedb81aac5a1b374cec1535586c77f6702f2bb1decf26dcb70be568c2c445896646410fd246d76
SSDEEP

12288:IoFUeSGYphWwlW4J608bMFl2Zv9agMjts10NkY6maIDYWVY9SogVtujmod6WiRTf:owsu4gbwIHaD00V5GYHamK6WaRUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a4977931596113c62b57754c8b4e2c1_JaffaCakes118

Files

8a4977931596113c62b57754c8b4e2c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e97ca0c307d99a17ee3b348fe5999174

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\rhoe\eiwdpoue\evsanerooe\uyeeswkv\eoeozegos\ateg.pdb

Imports

advapi32

GetLengthSid
OpenProcessToken
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
InitializeAcl
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
RegSetValueExA
RegQueryValueExA
OpenThreadToken
DuplicateToken
AllocateAndInitializeSid
RegOpenKeyA
RegCreateKeyExA
FreeSid
RegQueryValueA
SetSecurityDescriptorGroup
RegEnumKeyA
AddAccessAllowedAce
AccessCheck
SetSecurityDescriptorDacl

gdi32

SetPixel
CloseEnhMetaFile
RoundRect
GetTextExtentPointA
RectVisible
LPtoDP
StrokePath
CreateBrushIndirect
RestoreDC
CreatePolygonRgn
GetObjectType
GetGlyphOutlineA
FloodFill
ArcTo
PolyBezier
SetBoundsRect
Chord
SetAbortProc
GetObjectA
InvertRgn
GetWindowExtEx
PolyDraw
CreateBitmap
CreatePatternBrush
Rectangle
BitBlt
SetViewportExtEx
GetWindowOrgEx
SetPaletteEntries
EqualRgn
ResizePalette
GetStockObject
FillPath
CreateRectRgnIndirect
SetViewportOrgEx
GetPath
EnumMetaFile
ExcludeClipRect
GetMapMode
GetPixel
PlayMetaFileRecord
SetBkMode
ResetDCA
GetClipRgn
CreateDIBitmap
BeginPath
SetMapperFlags
CreatePen
GetBoundsRect
OffsetWindowOrgEx
PathToRegion
SetWindowOrgEx
DeleteDC
SetStretchBltMode
GetRgnBox
DeleteObject
GetROP2
RectInRegion
CreateEnhMetaFileA
MoveToEx
StartDocA
GetBkMode
SelectObject
StretchDIBits
OffsetViewportOrgEx
CreateCompatibleBitmap
Polygon
ExtCreateRegion
PaintRgn
CreateRectRgn
AbortDoc
GetViewportExtEx
PlayEnhMetaFile
GetFontData
SetMapMode
PolyPolygon
PtVisible
FlattenPath
OffsetClipRgn
GetTextExtentPoint32A
SetColorAdjustment
GetClipBox
SetROP2
GetBitmapDimensionEx
SetBitmapDimensionEx
SelectClipPath
SetBitmapBits
ExtFloodFill
EndPath
CreateCompatibleDC
SetTextColor
CreateEllipticRgn
SetTextAlign
FillRgn
GetOutlineTextMetricsA
CopyMetaFileA
CreateDIBPatternBrushPt
SaveDC
LineTo
GetTextCharacterExtra
Polyline
CreateRoundRectRgn
OffsetRgn
UnrealizeObject
GetNearestColor
CreateDCA

comdlg32

ChooseColorA
GetFileTitleA

comctl32

ImageList_GetIconSize
ImageList_Create
ImageList_Draw
ImageList_AddMasked
ImageList_EndDrag
ImageList_GetImageCount
_TrackMouseEvent
InitCommonControlsEx
ImageList_Destroy
ImageList_Add
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_DragMove
ord17
CreatePropertySheetPageA
ImageList_LoadImageA
ImageList_DrawEx
ImageList_SetBkColor

shell32

SHGetMalloc
Shell_NotifyIconW
ord155
SHGetPathFromIDListW

oleaut32

LoadTypeLi

wininet

InternetErrorDlg
InternetGetConnectedState
InternetCrackUrlA
InternetOpenA
HttpQueryInfoA
HttpSendRequestExA
InternetGetLastResponseInfoA
InternetWriteFile
InternetCloseHandle
InternetSetOptionA
InternetConnectA
InternetGetCookieA
HttpSendRequestA
HttpOpenRequestA

winspool.drv

DocumentPropertiesA
GetPrinterA
ord204
OpenPrinterA
ClosePrinter
SetPrinterA

kernel32

FreeEnvironmentStringsW
HeapAlloc
GetCurrentThread
SetConsoleCtrlHandler
SetErrorMode
GetCommandLineA
GetCPInfo
GetUserDefaultLCID
SetUnhandledExceptionFilter
GetVersionExA
UnhandledExceptionFilter
GetTickCount
GetModuleFileNameW
lstrcpyW
OutputDebugStringW
TerminateProcess
TlsAlloc
CreateThread
GetStartupInfoA
FindClose
LCMapStringW
GetFileType
GetProcessHeap
WideCharToMultiByte
SetEndOfFile
WriteConsoleA
FreeLibrary
GlobalHandle
FileTimeToSystemTime
IsValidLocale
GetCurrentProcessId
GetModuleFileNameA
GetConsoleOutputCP
WriteConsoleW
GetFullPathNameA
LoadLibraryA
IsValidCodePage
OutputDebugStringA
GetDateFormatA
CreateMutexW
CloseHandle
RaiseException
GetConsoleMode
LocalFileTimeToFileTime
ExitProcess
DeleteCriticalSection
MultiByteToWideChar
DebugBreak
InitializeCriticalSection
GetOEMCP
SetEnvironmentVariableA
GetTimeFormatA
GetConsoleCP
SetHandleCount
HeapCreate
GetLocaleInfoA
GetStringTypeW
CreateFileA
FatalAppExitA
QueryPerformanceCounter
TlsSetValue
GlobalFree
HeapDestroy
GetEnvironmentStringsW
EnterCriticalSection
FindNextFileA
HeapReAlloc
VirtualAlloc
GetCurrentProcess
LeaveCriticalSection
TlsFree
LoadLibraryW
RtlUnwind
GetStdHandle
ReadFile
GetModuleHandleA
GetStringTypeA
FreeEnvironmentStringsA
TlsGetValue
InterlockedExchange
SetFilePointer
lstrlenA
InterlockedDecrement
GetModuleHandleW
GetCommandLineW
InterlockedIncrement
SetLastError
LoadResource
GetLocaleInfoW
VirtualQuery
GetCurrentThreadId
GetLastError
WriteFile
CompareStringA
IsDebuggerPresent
GetACP
FlushFileBuffers
HeapValidate
GlobalSize
GetProcAddress
GlobalLock
LCMapStringA
IsBadReadPtr
CompareStringW
HeapFree
SetStdHandle
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetEnvironmentStrings
GetStartupInfoW
lstrcpyA
VirtualFree

user32

DefWindowProcW
IsWindowEnabled
ReleaseDC
SetWindowPos
ReleaseCapture
InvalidateRect
IsClipboardFormatAvailable
TranslateMessage
RegisterClassW
DrawTextW
GetDlgItem
DrawEdge
AppendMenuW
SetWindowTextW
RegisterClassExW
SetMenu
SetWindowPlacement
SetFocus
FillRect
SystemParametersInfoW
LockWindowUpdate
GetMenuState
SendMessageTimeoutW
MessageBeep
ShowWindow
LoadAcceleratorsW
IsZoomed
UpdateWindow
GetSysColorBrush
SendMessageW
InflateRect
KillTimer
PostQuitMessage
MessageBoxW
DestroyMenu
SetMenuDefaultItem
ScreenToClient
GetClientRect
SetMenuItemInfoW
DeferWindowPos
GetCursorPos
LoadImageW
IsMenu
RedrawWindow
EnableMenuItem
GetTopWindow
SetCapture
EnableWindow
DestroyWindow
DrawTextExW
LoadIconW
GetWindowLongW
GetMenuItemCount
ClientToScreen
SetCursor
GetSubMenu
GetMenuStringW
EndPaint
IntersectRect
GetDlgCtrlID
ReuseDDElParam
PtInRect
BeginPaint
GetClassLongW
IsIconic
CheckDlgButton
CreateWindowExW
GetMessagePos
GetMessageW
AttachThreadInput
SetParent
SetScrollPos

Sections

.text
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 496KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e97ca0c307d99a17ee3b348fe5999174

Headers

File Characteristics

PDB Paths

Imports

advapi32

gdi32

comdlg32

comctl32

shell32

oleaut32

wininet

winspool.drv

kernel32

user32

Sections

.text Size: 212KB - Virtual size: 211KB

.rdata Size: 496KB - Virtual size: 494KB

.data Size: 96KB - Virtual size: 95KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 212KB - Virtual size: 211KB

.rdata
Size: 496KB - Virtual size: 494KB

.data
Size: 96KB - Virtual size: 95KB

.rsrc
Size: 48KB - Virtual size: 45KB