a5daeaa7679d7743a5b78bd3dea1264e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5daeaa7679d7743a5b78bd3dea1264e_JaffaCakes118
Size

619KB
MD5

a5daeaa7679d7743a5b78bd3dea1264e
SHA1

8f9c07f39cc6c8d72cd94e3abba4b6498fe92a50
SHA256

67d5eb928786b6c6a310562af6d83cb4bd7be409429991d5805454580a00321e
SHA512

ac666bd743c202a03f85010c87342c2d6e7b473e31e35acda7c99365f45657214f87b01b697bc78598bc4de597a45bcde93e973bb7ef306f93a5f23218a84941
SSDEEP

12288:O9rRvER8Ki7k7rUAq34KAf6AdGKjxKd98ZwR78HA2AMccS:O9tEviY7rUKKAldGK4damYV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5daeaa7679d7743a5b78bd3dea1264e_JaffaCakes118

Files

a5daeaa7679d7743a5b78bd3dea1264e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a750419969b8a7f803b5462cd6f94db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\eor\b

Imports

user32

EnumPropsExW
RegisterClassExA
CharLowerW
GetMenuItemRect
CharNextA
DdeSetUserHandle
DrawTextExA
ReuseDDElParam
InsertMenuItemA
DestroyWindow
SendMessageTimeoutW
AttachThreadInput
ChildWindowFromPoint
ShowWindow
EnumWindows
GetMenuItemInfoW
PostMessageA
EnumPropsA
DeferWindowPos
MessageBoxW
CreateWindowStationW
RegisterClassA
IsDialogMessageW
GetForegroundWindow
SetDeskWallpaper
EmptyClipboard
GetShellWindow
GetClipboardData
DefWindowProcW
UnregisterHotKey
GetClipboardSequenceNumber
GetWindowDC
DefFrameProcA
wsprintfA
InSendMessage
ShowWindowAsync
ScreenToClient
DrawFocusRect
LoadCursorW
SetWindowsHookW
wvsprintfA
LoadCursorFromFileA
EnumChildWindows
IsChild
DdeConnectList
DispatchMessageW
CharToOemBuffA
CreateIconFromResource
DestroyCursor
CreateWindowExW
InvalidateRect
AnimateWindow
GetCapture
EnumClipboardFormats
IsCharAlphaA
DlgDirSelectExA
ChangeDisplaySettingsA
CharPrevExA
FillRect
ChangeDisplaySettingsExW

kernel32

HeapFree
HeapCreate
VirtualAlloc
GetFileSize
CloseHandle
LCMapStringW
TlsAlloc
GetSystemTimeAsFileTime
GetCPInfo
EnumSystemLocalesA
CreateMutexA
EnterCriticalSection
LoadLibraryA
SetLastError
FreeLibrary
DeleteCriticalSection
MultiByteToWideChar
LeaveCriticalSection
LCMapStringA
IsValidCodePage
CompareStringA
SetHandleCount
InterlockedExchange
SetFilePointer
GetStartupInfoA
TerminateProcess
ExitProcess
UnhandledExceptionFilter
GetModuleHandleA
VirtualFree
GetEnvironmentStrings
TlsGetValue
GetThreadContext
GetLocaleInfoA
GetSystemInfo
SetEnvironmentVariableA
FlushFileBuffers
GetModuleFileNameA
SetStdHandle
GetTimeFormatA
GetStringTypeW
WriteFile
HeapAlloc
GetStringTypeA
TlsSetValue
GetStdHandle
GetCurrentProcessId
GetProcAddress
GetCurrentThreadId
CompareStringW
HeapDestroy
VirtualQuery
OpenMutexA
GlobalLock
HeapReAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetACP
GetVersionExA
GetUserDefaultLCID
GetDateFormatA
IsBadWritePtr
IsValidLocale
WaitForSingleObjectEx
GetFileType
VirtualProtect
RtlUnwind
GetTickCount
GetTimeZoneInformation
HeapSize
TlsFree
GetOEMCP
GetLastError
ReadFile
GetLocaleInfoW
GetCurrentThread
QueryPerformanceCounter
GetCommandLineA
MoveFileA
FreeEnvironmentStringsW
InitializeCriticalSection
WideCharToMultiByte
GetCurrentProcess

wininet

ShowCertificate
GopherFindFirstFileW
ShowClientAuthCerts
InternetInitializeAutoProxyDll
HttpOpenRequestA

comctl32

ImageList_GetFlags
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_Create
InitCommonControlsEx
ImageList_SetFilter
ImageList_DrawIndirect
GetEffectiveClientRect
ImageList_Remove
DrawStatusTextW
ImageList_Write
ImageList_SetFlags
ImageList_Destroy
ImageList_Merge
DestroyPropertySheetPage
CreatePropertySheetPageW
CreateStatusWindowA
ImageList_LoadImageA
ImageList_SetOverlayImage
DrawStatusText
CreateToolbarEx
CreatePropertySheetPageA
_TrackMouseEvent
ImageList_LoadImage
ImageList_DrawEx

comdlg32

ChooseFontW
GetSaveFileNameA
ReplaceTextW
GetFileTitleW

Sections

.text
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 263KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a750419969b8a7f803b5462cd6f94db

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

wininet

comctl32

comdlg32

Sections

.text Size: 195KB - Virtual size: 194KB

.rdata Size: 263KB - Virtual size: 262KB

.data Size: 109KB - Virtual size: 119KB

.rsrc Size: 51KB - Virtual size: 51KB

.text
Size: 195KB - Virtual size: 194KB

.rdata
Size: 263KB - Virtual size: 262KB

.data
Size: 109KB - Virtual size: 119KB

.rsrc
Size: 51KB - Virtual size: 51KB