a480146c541cf79263f108865d5804cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a480146c541cf79263f108865d5804cb_JaffaCakes118
Size

528KB
MD5

a480146c541cf79263f108865d5804cb
SHA1

2642f584aa91aeeaefc20664627d9e0a0549fb0d
SHA256

7804ba2eda1e15d5a79bd94b5c66f1374b4a66569bfc4bd6fc4379cd5f1c66c8
SHA512

d0250b9b4c61ddef14e715e4d5d86941dcf36a703782633cfc7b591aa4b12b1b2d6ff4ec4162dd1c00aa9984295e5f7324918e72a77a7fc4d42698321ccba61e
SSDEEP

12288:cmR+llByTXAN2pm2Zzcxu3wpbBpGUIiY3EDGQAfKFgFInSOQSN85z:cA+ITQNi/SB8QqSFggSos

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a480146c541cf79263f108865d5804cb_JaffaCakes118

Files

a480146c541cf79263f108865d5804cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff87721cbc57b091ea6babdbdecb34e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\meze\avbuqgfe\qeftj.pdb

Imports

user32

UnloadKeyboardLayout
DrawStateA
SetForegroundWindow
CreateAcceleratorTableW
RegisterDeviceNotificationW
GetWindowWord
DefWindowProcW
GetWindowTextA
ValidateRgn
DestroyWindow
CharPrevExA
GetDlgItemTextW
InSendMessage
WINNLSGetIMEHotkey
EnumDisplaySettingsW
GetWindowLongW
ShowWindow
CreateIconFromResource
DdeInitializeA
MessageBoxA
GrayStringW
IntersectRect
DrawIconEx
RegisterClassA
GetProcessDefaultLayout
CreateWindowExA
RegisterClassExA
GetMenuCheckMarkDimensions
GetClassInfoA
CreateWindowStationA
DdeUninitialize

kernel32

OpenFileMappingW
LockFileEx
TlsFree
LeaveCriticalSection
RtlUnwind
GetCurrentDirectoryW
GetShortPathNameA
WaitForSingleObjectEx
HeapDestroy
IsBadWritePtr
TerminateProcess
LocalUnlock
QueryPerformanceCounter
GetOEMCP
EnterCriticalSection
UnhandledExceptionFilter
FlushFileBuffers
CreateEventW
FindFirstFileExA
GetStdHandle
EnumResourceTypesW
GetShortPathNameW
GetEnvironmentStringsW
WideCharToMultiByte
LocalAlloc
LCMapStringA
SetLastError
SleepEx
OpenMutexA
EnumResourceNamesA
GetSystemTime
FlushInstructionCache
GetTickCount
GetCurrentProcessId
FreeEnvironmentStringsA
SetStdHandle
GetTimeFormatA
TlsGetValue
ReadConsoleW
VirtualAlloc
VirtualQuery
SetFilePointer
GetProcessHeaps
GetCommandLineA
FreeEnvironmentStringsW
GetModuleFileNameA
FoldStringA
ExitProcess
InterlockedDecrement
GetPrivateProfileStringW
HeapCreate
SetEnvironmentVariableA
WritePrivateProfileStringA
GetCurrentProcess
ConvertDefaultLocale
LoadLibraryA
GlobalDeleteAtom
GetStringTypeA
HeapFree
GetTimeZoneInformation
CompareStringW
GlobalAlloc
SetFileAttributesW
GetCompressedFileSizeW
LCMapStringW
GetSystemTimeAsFileTime
GetVersion
CloseHandle
GetDiskFreeSpaceW
GetLastError
MoveFileW
MultiByteToWideChar
CompareStringA
GetACP
SuspendThread
CommConfigDialogW
ReadFile
GetStringTypeW
WaitForSingleObject
HeapAlloc
EnumSystemLocalesW
GetStartupInfoA
GetFileAttributesExW
SetPriorityClass
TlsSetValue
HeapReAlloc
SetLocaleInfoW
GetCompressedFileSizeA
GetModuleHandleA
WriteConsoleOutputCharacterW
TlsAlloc
GetCurrentDirectoryA
VirtualFree
GetProcAddress
WriteConsoleOutputAttribute
InterlockedExchange
SetHandleCount
GlobalFindAtomA
InitializeCriticalSection
GetEnvironmentStrings
GetCPInfo
GetCurrentThread
CreateMutexA
GetFileType
InterlockedIncrement
GetCurrentThreadId
DeleteCriticalSection
WriteFile
GetLocalTime

comctl32

ImageList_DragEnter
ImageList_LoadImage
CreateToolbarEx
ImageList_DragShowNolock
ImageList_BeginDrag
ImageList_DrawEx
DrawStatusText
ImageList_Destroy
ImageList_GetImageCount
ImageList_GetBkColor
CreateToolbar
ImageList_SetDragCursorImage
ImageList_SetFlags
DestroyPropertySheetPage
ImageList_Read
CreateStatusWindowW
ImageList_ReplaceIcon
ImageList_DragLeave
_TrackMouseEvent
CreateMappedBitmap
DrawStatusTextA
ImageList_SetImageCount
ImageList_LoadImageW
ImageList_GetImageInfo
InitCommonControlsEx

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateRectRgn
PolyBezier
GetEnhMetaFilePaletteEntries
AngleArc
GetBoundsRect
FrameRgn
DeleteDC
PlgBlt
GetObjectW
GetMetaFileBitsEx
GetRasterizerCaps
CreateEllipticRgnIndirect
EndPath
CreateDCA
CreateFontA
PlayEnhMetaFileRecord
ExtCreateRegion
GetLogColorSpaceW
OffsetViewportOrgEx
GetStretchBltMode
GetObjectType
CreateEnhMetaFileW
UpdateICMRegKeyW

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff87721cbc57b091ea6babdbdecb34e1

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

gdi32

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 244KB - Virtual size: 243KB

.data Size: 112KB - Virtual size: 127KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 244KB - Virtual size: 243KB

.data
Size: 112KB - Virtual size: 127KB

.rsrc
Size: 16KB - Virtual size: 13KB