a028e54e8da6981c7ea374e45d8bf30e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a028e54e8da6981c7ea374e45d8bf30e_JaffaCakes118
Size

632KB
MD5

a028e54e8da6981c7ea374e45d8bf30e
SHA1

3bc95eed9dc8879176cfb1a3cec150ce3547bca4
SHA256

5ed2f772cc30b2abd3b6be2ec16ddda8f9263533242208a02dfb3bd5c3e00638
SHA512

32aefc6f1f0b4051665b70aa6486bc39249d8c9b597f6a2b9c155920fbcab6ab0457da3cd298d3dd0fafdb7266ee67c4db770790face0d874f34626359c57186
SSDEEP

12288:wRtXYoZZkJlRkKliVCyaEnQOhKqs/d4qz538O2QaUd:GtVLSfliVCyFQ9/dpMvQai

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a028e54e8da6981c7ea374e45d8bf30e_JaffaCakes118

Files

a028e54e8da6981c7ea374e45d8bf30e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb417b79af8e1f11d27c96cff0984f51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\otsripn\atyuhery\o

Imports

gdi32

PolylineTo
SetRectRgn
ExtTextOutA
CreateHalftonePalette
ModifyWorldTransform
PolyDraw
CreateFontIndirectA
OffsetWindowOrgEx
GetClipRgn
RoundRect
SetICMMode
RestoreDC
OffsetViewportOrgEx
CreateRectRgn
CreateDCA
SelectObject
GetObjectW
GetDeviceCaps
DeleteDC
GetTextExtentPoint32W
GetRgnBox
UpdateICMRegKeyW
ResizePalette
SetDIBits
PolyBezierTo
GetDIBits

shell32

DragAcceptFiles
FindExecutableW
RealShellExecuteExW

kernel32

WaitForSingleObject
GetPriorityClass
HeapAlloc
GetModuleFileNameA
GetProcessHeap
LCMapStringW
GetEnvironmentStrings
GetModuleHandleA
WriteConsoleA
SetUnhandledExceptionFilter
GetTimeFormatA
MoveFileExW
FlushFileBuffers
TlsAlloc
IsValidLocale
GetStringTypeA
GetCurrentProcess
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
GetDateFormatA
WriteConsoleW
VirtualFree
TransmitCommChar
SetHandleCount
GetACP
lstrcpynA
HeapFree
GetConsoleOutputCP
IsValidCodePage
WideCharToMultiByte
SetVolumeLabelW
GlobalFree
Sleep
SetWaitableTimer
SetThreadIdealProcessor
RtlUnwind
SetEndOfFile
CompareStringW
ReadFileEx
MultiByteToWideChar
SetEnvironmentVariableA
TlsGetValue
GetCurrentProcessId
GetLastError
PulseEvent
EnterCriticalSection
CreateMutexA
GetVolumeInformationA
SetVolumeLabelA
OpenWaitableTimerA
GetCPInfo
SetThreadAffinityMask
InitializeCriticalSection
LocalAlloc
SetCriticalSectionSpinCount
TlsFree
FreeEnvironmentStringsW
WriteFile
GlobalAddAtomA
GetConsoleMode
SetConsoleOutputCP
GetStringTypeW
CreateFileA
TransactNamedPipe
IsDebuggerPresent
HeapSize
WriteProfileStringW
GetOEMCP
GetLocaleInfoA
HeapCreate
VirtualAlloc
SetSystemTime
CloseHandle
GetSystemTimeAsFileTime
CompareStringA
GetConsoleCP
DeleteCriticalSection
GetCommandLineA
GetStartupInfoW
SetStdHandle
LeaveCriticalSection
GetStdHandle
InterlockedExchange
FillConsoleOutputCharacterA
EnumSystemLocalesA
GetTimeZoneInformation
GetVersionExA
GetCurrentThreadId
GetPrivateProfileStructA
OpenMutexA
SetConsoleCtrlHandler
lstrcpynW
GetProcAddress
SetFilePointer
GetFileType
LoadLibraryA
VirtualLock
SetConsoleTextAttribute
UnhandledExceptionFilter
HeapDestroy
LCMapStringA
QueryPerformanceCounter
GetTickCount
GetEnvironmentStringsW
TerminateProcess
TlsSetValue
FindAtomW
InterlockedIncrement
ExitProcess
GetUserDefaultLCID
SetLastError
HeapReAlloc
WritePrivateProfileStringW
OpenEventA
GetDiskFreeSpaceExW
VirtualQuery
ReadFile
FreeLibrary
SetTimeZoneInformation
ReleaseMutex
GetLocaleInfoW
GetTempPathA
GetStartupInfoA
InterlockedDecrement
FreeEnvironmentStringsA
lstrcpyW
GetCurrentThread
WritePrivateProfileStructW

comdlg32

PrintDlgW
ReplaceTextW
GetFileTitleA

user32

ChildWindowFromPointEx
NotifyWinEvent
ShowWindow
TileChildWindows
RegisterClassExA
DdeConnect
LoadAcceleratorsW
DefDlgProcA
SystemParametersInfoW
GetMessageA
LoadAcceleratorsA
MenuItemFromPoint
ShowWindowAsync
MessageBoxW
CascadeWindows
DdeAccessData
GetMenuState
EnumDesktopsA
FindWindowExA
GetMessageExtraInfo
DestroyWindow
MapDialogRect
DlgDirSelectExA
CreateIconFromResourceEx
BeginPaint
CreateIconIndirect
UnionRect
MonitorFromPoint
UnpackDDElParam
wvsprintfA
SetWindowsHookA
GetWindowContextHelpId
DialogBoxIndirectParamW
GetTopWindow
RegisterClassA
DefDlgProcW
DdeClientTransaction
IsCharLowerA
GetWindowModuleFileNameW
CopyAcceleratorTableA
GetMenuStringW
OpenInputDesktop
OpenDesktopA
DdeNameService
CreateAcceleratorTableW
CreateWindowExA
SetDoubleClickTime
BroadcastSystemMessage
DefWindowProcA
SetMenuItemInfoW
DdeQueryStringW
DdeCreateDataHandle
MessageBoxIndirectA
ChangeClipboardChain
TileWindows
GetShellWindow
LoadIconA
CopyIcon
GetClipboardOwner
RealChildWindowFromPoint
GetMenuItemRect
GetScrollBarInfo

comctl32

CreateMappedBitmap
ImageList_SetFlags
ImageList_GetBkColor
ImageList_SetFilter
CreateStatusWindowW
ImageList_DragEnter
InitMUILanguage
ImageList_SetBkColor
DrawStatusText
InitCommonControlsEx
ImageList_BeginDrag
CreateStatusWindowA

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb417b79af8e1f11d27c96cff0984f51

Headers

File Characteristics

PDB Paths

Imports

gdi32

shell32

kernel32

comdlg32

user32

comctl32

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 268KB - Virtual size: 264KB

.data Size: 116KB - Virtual size: 126KB

.rsrc Size: 68KB - Virtual size: 65KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 268KB - Virtual size: 264KB

.data
Size: 116KB - Virtual size: 126KB

.rsrc
Size: 68KB - Virtual size: 65KB