m:\ezem
Static task
static1
Behavioral task
behavioral1
Sample
9632c8bb3cba036468a0784127b0ab23_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
9632c8bb3cba036468a0784127b0ab23_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target: 9632c8bb3cba036468a0784127b0ab23_JaffaCakes118
Size: 503KB
MD5: 9632c8bb3cba036468a0784127b0ab23
SHA1: e20184a05699412ea71a5ebe9508acb46c14667f
SHA256: c1ab4d688831067f1e5efe41af56a80d6b9deae41bfe25a178e911ffcba4fd4b
SHA512: 26577bc930b8350f615ba061936d74f688c5fa7b8cb65820c8565b82cdc50068392273aee113563e1d994e8124fc1d84c967335a3c1c980681d9de0b7b8b7a9b
SSDEEP: 12288:xWS4Z0ZDxVv95jUdFS1pcHrpw62x0Jy5PsV1wu7g81R505HK:xWSXDxV95PwpD44zlR5Aq
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 9632c8bb3cba036468a0784127b0ab23_JaffaCakes118
Files
9632c8bb3cba036468a0784127b0ab23_JaffaCakes118.exe windows:4 windows x86 arch:x86
365ccfca1e08eb9ee67b75170021c3ab
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
ImageList_EndDrag
CreatePropertySheetPageA
CreateToolbarEx
CreateMappedBitmap
ImageList_LoadImage
ImageList_Duplicate
ImageList_Read
ImageList_DragEnter
ImageList_SetIconSize
ImageList_DragShowNolock
ImageList_GetFlags
ImageList_DragLeave
ImageList_BeginDrag
ImageList_AddMasked
InitCommonControlsEx
ImageList_SetFlags
shell32
SHEmptyRecycleBinW
SHBrowseForFolderW
SHGetDataFromIDListW
ExtractIconExA
user32
TrackPopupMenuEx
DeferWindowPos
CreateCursor
RegisterClassExA
GetThreadDesktop
BroadcastSystemMessageA
CharUpperBuffA
SetShellWindow
DestroyWindow
GetWindowThreadProcessId
GetClipboardData
CreateWindowExA
GetSystemMetrics
MessageBoxA
DefWindowProcW
ToAsciiEx
RegisterClassA
ShowWindow
gdi32
EnumICMProfilesW
DescribePixelFormat
GetBrushOrgEx
SetGraphicsMode
CreateDCA
CreateBitmap
SetMapMode
EnumFontFamiliesW
advapi32
RegDeleteKeyW
LogonUserA
LookupPrivilegeValueW
CryptSetHashParam
CryptEnumProvidersA
CryptSetProvParam
LookupAccountSidA
kernel32
TerminateProcess
GetStringTypeA
InterlockedIncrement
LCMapStringW
ExitProcess
GetProcAddress
SetLastError
LCMapStringA
GlobalFlags
GetDriveTypeW
GetVersion
FreeEnvironmentStringsW
HeapDestroy
GetDiskFreeSpaceA
SetComputerNameA
RtlUnwind
SetConsoleActiveScreenBuffer
SetStdHandle
FlushInstructionCache
CompareStringW
InitializeCriticalSection
TlsFree
WideCharToMultiByte
FreeEnvironmentStringsA
HeapFree
GetCommandLineA
IsBadWritePtr
LocalHandle
UnhandledExceptionFilter
GetStringTypeW
LoadLibraryA
CreateToolhelp32Snapshot
DeleteCriticalSection
SetSystemTime
GetLocalTime
GetStartupInfoA
GetModuleFileNameW
SetEnvironmentVariableA
VirtualAlloc
CompareStringA
CreateMutexA
lstrcpynA
QueryPerformanceCounter
GetModuleHandleA
VirtualProtect
LeaveCriticalSection
GetProcessShutdownParameters
GetCurrentProcess
MultiByteToWideChar
GetCurrentProcessId
lstrcmpW
CreateFileW
GetCommandLineW
GetTimeZoneInformation
GetCurrentThreadId
HeapReAlloc
HeapCreate
FlushFileBuffers
TlsGetValue
GetEnvironmentStrings
EnterCriticalSection
GetCurrentThread
WriteConsoleInputA
VirtualFree
FreeResource
WriteFile
FreeLibraryAndExitThread
VirtualLock
ReadFile
SetFilePointer
GetFileType
GetStartupInfoW
VirtualUnlock
GetDiskFreeSpaceExA
GetUserDefaultLangID
GetModuleFileNameA
SetHandleCount
GetLastError
GetEnvironmentStringsW
WaitCommEvent
GetStdHandle
OpenMutexA
GetSystemTime
GetCPInfo
TlsAlloc
CloseHandle
GetTickCount
InterlockedExchange
HeapAlloc
TlsSetValue
FindAtomA
InterlockedDecrement
VirtualQuery
GetSystemTimeAsFileTime
comdlg32
ChooseColorW
Sections
.text Size: 142KB - Virtual size: 142KB: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata Size: 195KB - Virtual size: 222KB: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 111KB - Virtual size: 111KB: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 53KB - Virtual size: 52KB: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ