a76645b57bc43c8c112db61eb8d33b3e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a76645b57bc43c8c112db61eb8d33b3e_JaffaCakes118
Size

480KB
MD5

a76645b57bc43c8c112db61eb8d33b3e
SHA1

9559a6db413f67bf1110e58abfb14486d2b398d2
SHA256

153c95fd5bd6fc7cf3d4a3bde7f4e89fa1c3e3cd4ddff3671854b18c6f1bc0ba
SHA512

957dc653fce7233ddba8cbe68ddfa0d9d2cd3ed870b6fb11bc1475849ea428cd11fe8011b570fef86e00f1a1b433e2bd34aca27b7e61e56cd7452d9bdcbec865
SSDEEP

12288:68ki8a7cm2zqKQ8cs0ARbUAkqo36U0/2D4GxE0kS:Cixpxqof0/2D4b0k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a76645b57bc43c8c112db61eb8d33b3e_JaffaCakes118

Files

a76645b57bc43c8c112db61eb8d33b3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a29e14cd8d039c7fa6af0c8a31e8d834

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\ZEZOZO\GRTXEAJCT.PDB

Imports

user32

SetClipboardData
EqualRect
EnableWindow
CreateWindowExA
BeginPaint
RegisterClassA
DrawStateA
WaitForInputIdle
SetWindowPos
LoadIconA
GetKeyState
DrawEdge
CharUpperA
GetWindow
LoadStringA
PeekMessageA
SetWindowRgn
GetKeyNameTextA
GetForegroundWindow
MessageBoxA
CloseClipboard
SetFocus
PtInRect
DefWindowProcA
GetNextDlgTabItem
IsDlgButtonChecked
MapDialogRect
MoveWindow
GetClassInfoExA
CallWindowProcA
GetActiveWindow
SetWindowPlacement
TrackPopupMenu
DestroyWindow
SetCursorPos
AppendMenuA
GetDlgItemTextA
ShowWindow
GetMessageA
DrawFrameControl
TranslateMessage
GetScrollInfo
KillTimer
GetFocus
DispatchMessageA
SystemParametersInfoA
GetWindowDC
GetWindowLongA
SetMenuItemBitmaps
DrawFocusRect
LoadCursorA
SetWindowLongA
GetDC
WaitMessage
ClientToScreen
CharNextA
DestroyMenu
GetClassLongA
CallNextHookEx
EndPaint
GetSubMenu
GetWindowThreadProcessId
GetSysColorBrush
CopyIcon
SetCursor
RegisterClassExA
DestroyCursor
UpdateWindow

comdlg32

CommDlgExtendedError
PrintDlgA
GetSaveFileNameA
ChooseFontA
PageSetupDlgA
ChooseColorA
GetOpenFileNameA

advapi32

RegOpenKeyExW
RegDeleteValueW
SetFileSecurityW
RegEnumValueW
RegOpenKeyExA
GetUserNameW
RegCreateKeyExW
OpenProcessToken
RegCloseKey
GetFileSecurityW
RegEnumKeyW
RegSetValueW
RegCreateKeyW
RegOpenKeyW
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW

ole32

CoRegisterMessageFilter
OleRegGetUserType
CoTaskMemFree
CreateStreamOnHGlobal
CreateOleAdviseHolder
CLSIDFromProgID

kernel32

CloseHandle
InterlockedDecrement
InterlockedExchange
FlushFileBuffers
LCMapStringW
GetProcAddress
FreeEnvironmentStringsA
SetEnvironmentVariableA
ExitProcess
GetCommandLineW
GetModuleHandleA
VirtualQuery
HeapSize
VirtualFree
UnhandledExceptionFilter
GetStringTypeW
GetConsoleOutputCP
GetOEMCP
GetFileType
CreateFileA
GetConsoleCP
GetTickCount
HeapFree
GetDateFormatA
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetTimeFormatA
InterlockedIncrement
GetEnvironmentStrings
HeapReAlloc
GetLocaleInfoA
GetModuleHandleW
IsDebuggerPresent
TlsSetValue
SetLastError
TlsFree
LocalFree
GetCurrentProcess
RaiseException
CreateMutexA
WriteConsoleA
FreeEnvironmentStringsW
WideCharToMultiByte
GetCurrentProcessId
LeaveCriticalSection
LoadLibraryA
GetCurrentThreadId
QueryPerformanceCounter
GetACP
GetSystemTimeAsFileTime
EnterCriticalSection
DeleteCriticalSection
GetCommandLineA
GetTimeZoneInformation
LCMapStringA
ReadFile
VirtualAlloc
WriteConsoleW
RtlUnwind
GetStdHandle
SetUnhandledExceptionFilter
SetStdHandle
GetModuleFileNameA
CompareStringW
SetHandleCount
CompareStringA
InitializeCriticalSection
WriteFile
GetLastError
WaitForSingleObject
MultiByteToWideChar
GetStringTypeA
IsValidCodePage
TerminateProcess
TlsGetValue
SetFilePointer
GetCPInfo
TlsAlloc
Sleep
GetStartupInfoA
HeapAlloc
HeapCreate
GetEnvironmentStringsW

gdi32

SetPolyFillMode
CreateFontIndirectA
GetROP2
BitBlt
GetClipRgn
RoundRect
SetStretchBltMode
SelectClipRgn
CreateRectRgn
GetCurrentPositionEx
GetTextColor
SelectPalette
DPtoLP
ExtSelectClipRgn
GetRgnBox
CreateEllipticRgnIndirect
CreateSolidBrush
CreatePolygonRgn
GetBkColor
CombineRgn
Arc
SetTextJustification
SetTextCharacterExtra
RectInRegion
GetTextExtentPointA
GetFontData
LineTo
OffsetClipRgn
StrokeAndFillPath

shell32

ExtractIconA
ord155

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a29e14cd8d039c7fa6af0c8a31e8d834

Headers

File Characteristics

PDB Paths

Imports

user32

comdlg32

advapi32

ole32

kernel32

gdi32

shell32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 268KB - Virtual size: 265KB

.data Size: 76KB - Virtual size: 94KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 268KB - Virtual size: 265KB

.data
Size: 76KB - Virtual size: 94KB

.rsrc
Size: 16KB - Virtual size: 14KB