944793c1e3f78a7e5236a3ae8f9aae0b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

944793c1e3f78a7e5236a3ae8f9aae0b_JaffaCakes118
Size

600KB
MD5

944793c1e3f78a7e5236a3ae8f9aae0b
SHA1

ab3eee11ec4f59f7406a2f30cc9d902350a8fcda
SHA256

d4c6ca559ee5b9366276518f0c72321e718a6a244cb7914719f0fbe96421b2fd
SHA512

75edd0e51558b7da4d38c86351ccfacc9498f24cecacc72b5bd22eddf7f6e86750311395c82396dd8ac518d4e3f626907e1b2ef8a7a6e58a64b40be0a068171d
SSDEEP

12288:X/e4klxPqJboZPDH+fe4cUq+VFEMQPAGhK177M61nWEc1N:PEcbo5+q+VOT4GhBF1N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
944793c1e3f78a7e5236a3ae8f9aae0b_JaffaCakes118

Files

944793c1e3f78a7e5236a3ae8f9aae0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b69837b36dbddac5b5c364aae0b6fbb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\eeuy\wbzsy\

Imports

user32

DdeDisconnect
GetScrollRange
SetWindowsHookExW
RegisterClassA
MessageBoxW
SetKeyboardState
ChangeDisplaySettingsW
CharLowerW
GetMonitorInfoW
RegisterClassExA
GetWindowTextLengthA
SetClassWord
DdeQueryStringW
IsIconic
DdeConnectList
ShowWindow
NotifyWinEvent
GetWindowRect
DestroyWindow
LoadStringA
InSendMessageEx
CreateWindowExA
SetCursorPos
PaintDesktop
DlgDirSelectExA
DefWindowProcA
BroadcastSystemMessageW
GetSystemMenu

advapi32

RegEnumValueW
RegCreateKeyW
LookupSecurityDescriptorPartsW
CryptImportKey
RegOpenKeyW
RegEnumValueA
RegQueryMultipleValuesW

shell32

CheckEscapesW
SHFileOperation
DragFinish

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Replace
ImageList_GetIconSize
GetEffectiveClientRect
ImageList_DragShowNolock
_TrackMouseEvent
CreateUpDownControl
InitCommonControlsEx
ImageList_DragEnter
ImageList_SetFilter
ImageList_Merge
ImageList_LoadImageW
ImageList_SetDragCursorImage
InitMUILanguage
ImageList_SetFlags
ImageList_DrawIndirect
ImageList_SetOverlayImage
ImageList_LoadImage
ImageList_GetImageInfo
ImageList_GetBkColor
CreateToolbarEx

comdlg32

LoadAlterBitmap
GetOpenFileNameA
PrintDlgA

kernel32

HeapValidate
GetCurrentProcessId
DeleteCriticalSection
GetLastError
GetLocaleInfoA
CompareStringW
OpenEventW
InitializeCriticalSection
LoadLibraryA
EnumResourceNamesA
TerminateProcess
HeapSize
GetCommandLineA
GetCurrentProcess
LoadLibraryExA
GetShortPathNameA
GetProfileIntW
LockFile
IsBadWritePtr
GetModuleFileNameA
TlsSetValue
GetPrivateProfileIntA
LeaveCriticalSection
GetEnvironmentStrings
CommConfigDialogA
SetHandleCount
HeapFree
GetModuleHandleA
GetProcAddress
GlobalDeleteAtom
GlobalFix
SetStdHandle
RtlMoveMemory
EnumCalendarInfoExW
VirtualQuery
SetFileAttributesA
SetEnvironmentVariableA
GetLocaleInfoW
ExitProcess
SetLastError
GetTempFileNameW
IsValidLocale
HeapCreate
GetUserDefaultLCID
SetThreadAffinityMask
GetEnvironmentStringsW
IsValidCodePage
OpenMutexA
GetDriveTypeA
InterlockedExchange
GetSystemTimeAsFileTime
FindNextFileW
TlsFree
EnumSystemCodePagesW
GetCurrentThreadId
FreeEnvironmentStringsW
RtlUnwind
lstrcpynW
TlsGetValue
GetStringTypeA
HeapDestroy
SetVolumeLabelA
CompareStringA
WaitForSingleObjectEx
GetDiskFreeSpaceExW
GetACP
GetCurrencyFormatA
VirtualProtect
GetStartupInfoA
EnumSystemLocalesW
SetFilePointer
FreeEnvironmentStringsA
Sleep
LCMapStringA
CreateMutexA
GetCurrentThread
FileTimeToDosDateTime
GetDateFormatW
CreateEventA
GetTimeZoneInformation
GetTickCount
GetCPInfo
GetSystemInfo
TlsAlloc
GetStringTypeW
HeapReAlloc
ReadFile
SetLocaleInfoA
DeleteFiber
GetExitCodeThread
FindFirstFileExA
WritePrivateProfileStringA
VirtualFree
UnhandledExceptionFilter
GetLongPathNameW
VirtualAlloc
FindAtomW
FlushFileBuffers
CreateThread
WideCharToMultiByte
GetCurrentDirectoryW
EnterCriticalSection
lstrcatA
LocalFlags
GetVersionExA
WriteFile
GetEnvironmentVariableA
HeapAlloc
FlushConsoleInputBuffer
GetTimeFormatA
LCMapStringW
GetStdHandle
GetOEMCP
GetFileTime
GetStringTypeExA
MultiByteToWideChar
EnumSystemLocalesA
GetFileType
GetNumberFormatA
CloseHandle
OutputDebugStringA
QueryPerformanceCounter
GetDateFormatA
FillConsoleOutputCharacterW
VirtualAllocEx

gdi32

SetDeviceGammaRamp
CreatePen
StartDocA
GetDeviceCaps
GetOutlineTextMetricsA
CloseEnhMetaFile
GetOutlineTextMetricsW
SetMetaRgn
DeviceCapabilitiesExA
AbortPath
GetTextFaceW
GetCharacterPlacementA
GetWindowOrgEx
GetBkMode

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b69837b36dbddac5b5c364aae0b6fbb8

Headers

File Characteristics

PDB Paths

Imports

user32

advapi32

shell32

comctl32

comdlg32

kernel32

gdi32

Sections

.text Size: 172KB - Virtual size: 170KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 112KB - Virtual size: 139KB

.rsrc Size: 60KB - Virtual size: 56KB

.text
Size: 172KB - Virtual size: 170KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 112KB - Virtual size: 139KB

.rsrc
Size: 60KB - Virtual size: 56KB