a9279626f8f98283231f02adb4ee9455_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a9279626f8f98283231f02adb4ee9455_JaffaCakes118
Size

748KB
MD5

a9279626f8f98283231f02adb4ee9455
SHA1

8bb463e4412864426c499347d9a769c27ce2f392
SHA256

10bc650e72d79b717a4411f7aaaf22ac9f8dc3046065af0e1f269eaafc871dc5
SHA512

56b368587d1468bc06a045e8a974b4588422a081850da37d1113df1b2e7cae804d243216bfa092f9d78ea5c1ee2cd153c8094178e4473e2e1179e7872db69874
SSDEEP

12288:dnsxQBvuhsa4nDdjq/p9oZgKp8jZXBCvuyopyp67PR0ySETGG52LNfnote0:dsxOnDdjqhWgGQ7yopys3ULNme0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9279626f8f98283231f02adb4ee9455_JaffaCakes118

Files

a9279626f8f98283231f02adb4ee9455_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bb44def93d73efc441a28ca2ccc2af76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ejovt\kuhea\psg\eugeawq.pdb

Imports

shell32

ShellAboutA

wininet

HttpSendRequestExA
DeleteUrlCacheEntryA
FtpRenameFileW
GopherOpenFileW
InternetReadFile
InternetQueryOptionW

user32

GetMenuDefaultItem
SetMenuContextHelpId
CreateDialogIndirectParamW
CharUpperA
DefWindowProcA
DdeQueryConvInfo
SetSystemCursor
SwapMouseButton
CreateMDIWindowW
SetScrollRange
GetDlgItemInt
IsDialogMessage
DdeUnaccessData
SetPropA
ImpersonateDdeClientWindow
GetProcessWindowStation
CopyAcceleratorTableA
GetCapture
GetScrollPos
GetWindowTextLengthA
EnumPropsExA
CreateDialogIndirectParamA
EndTask
CreateWindowExW
EnumDisplayDevicesA
MapWindowPoints
InsertMenuA
GetMonitorInfoA
RealGetWindowClass
ShowWindow
TranslateAccelerator
RegisterWindowMessageA
GetMenuItemInfoW
EnumDisplayMonitors
ModifyMenuA
DispatchMessageW
DestroyWindow
DrawStateW
CallWindowProcA
DdeQueryNextServer
GetUpdateRect
LoadMenuIndirectA
GetTabbedTextExtentA
GetWindowModuleFileNameW
DefDlgProcW
GetCursorInfo
RegisterClassA
DragDetect
RegisterClassExA
CharNextW
BroadcastSystemMessage
CharToOemBuffA
UnionRect
EmptyClipboard
GetMenuCheckMarkDimensions
SetForegroundWindow
LockWindowUpdate
EnumDisplaySettingsExA
CloseWindow
CreateWindowStationW
InsertMenuW
DrawFocusRect
WinHelpW
DestroyIcon
CopyImage
TrackPopupMenu
SendIMEMessageExA
CloseClipboard
InvalidateRgn
GetWindowPlacement
LookupIconIdFromDirectory
GetQueueStatus
MessageBoxW

kernel32

SetThreadPriority
GetModuleFileNameA
GetLongPathNameW
UnhandledExceptionFilter
LeaveCriticalSection
GetProfileStringA
GetDiskFreeSpaceExW
OutputDebugStringW
WriteConsoleA
CreateFileMappingW
GetStringTypeW
GetOEMCP
RaiseException
GetModuleFileNameW
WriteFile
PulseEvent
FlushConsoleInputBuffer
WideCharToMultiByte
GetACP
GetDateFormatA
TlsFree
FindAtomW
QueryPerformanceCounter
GetLongPathNameA
IsBadWritePtr
InterlockedDecrement
CreateMutexA
GetConsoleMode
GetVersionExA
GetConsoleCP
GetUserDefaultLCID
GetThreadTimes
GetProcessHeap
SetThreadLocale
OpenFileMappingW
WriteConsoleW
RtlUnwind
ResumeThread
GetAtomNameW
TlsAlloc
GetCurrentThreadId
GetStartupInfoA
GetCommandLineA
HeapFree
LCMapStringW
LocalHandle
DeleteFileW
GetCurrentProcessId
SetConsoleOutputCP
GetMailslotInfo
VirtualAlloc
SetEndOfFile
DebugBreak
GetSystemTimeAsFileTime
GetLastError
SetFilePointer
SetConsoleCursorPosition
GetCPInfo
HeapReAlloc
LocalAlloc
InterlockedIncrement
HeapCreate
ExitProcess
VirtualQuery
TransmitCommChar
GetStdHandle
SetLastError
GetLocaleInfoA
GetFileType
SetVolumeLabelW
CreateFileMappingA
LoadLibraryW
HeapAlloc
CompareStringW
TlsSetValue
GetTimeZoneInformation
LCMapStringA
WaitForMultipleObjects
GetSystemTime
FlushFileBuffers
FreeEnvironmentStringsW
LoadLibraryA
WritePrivateProfileStringW
SetUnhandledExceptionFilter
WriteConsoleInputA
GetProcAddress
lstrlenA
SetStdHandle
WaitForMultipleObjectsEx
InterlockedExchange
FreeLibrary
GetCurrentProcess
OutputDebugStringA
SetConsoleScreenBufferSize
DeleteFiber
CreateFileA
TerminateProcess
GetLocaleInfoW
EnumSystemLocalesA
InitializeCriticalSection
UnlockFileEx
HeapDestroy
GetPrivateProfileStringW
SetHandleCount
SetFileAttributesW
OpenMutexW
IsBadReadPtr
ReadFile
SetTimeZoneInformation
IsValidCodePage
VirtualFree
GetModuleHandleW
WriteConsoleOutputCharacterW
GetTickCount
GetStringTypeA
FreeEnvironmentStringsA
GetNamedPipeHandleStateA
GetCurrentThread
GetThreadPriorityBoost
GetTimeFormatA
CompareStringA
GetEnvironmentStrings
IsValidLocale
GetStartupInfoW
EnterCriticalSection
lstrcpyn
DeleteCriticalSection
SetConsoleCtrlHandler
SetSystemTime
GetEnvironmentStringsW
FindNextFileA
GetModuleHandleA
CommConfigDialogA
HeapValidate
IsDebuggerPresent
SetConsoleTitleA
OpenProcess
OpenMutexA
TlsGetValue
FormatMessageW
CloseHandle
GetConsoleOutputCP
SetEnvironmentVariableA
GetTimeFormatW
MultiByteToWideChar

comdlg32

GetOpenFileNameA

comctl32

ImageList_DrawEx
ImageList_Read
ImageList_AddIcon
CreateStatusWindowA
CreatePropertySheetPageA
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_EndDrag
CreatePropertySheetPage
ImageList_Duplicate
ImageList_DrawIndirect
InitCommonControlsEx
ImageList_Write
ImageList_SetFlags
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_DragLeave
ImageList_Draw

Sections

.text
Size: 296KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 296KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb44def93d73efc441a28ca2ccc2af76

Headers

File Characteristics

PDB Paths

Imports

shell32

wininet

user32

kernel32

comdlg32

comctl32

Sections

.text Size: 296KB - Virtual size: 293KB

.rdata Size: 296KB - Virtual size: 292KB

.data Size: 112KB - Virtual size: 114KB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: 296KB - Virtual size: 293KB

.rdata
Size: 296KB - Virtual size: 292KB

.data
Size: 112KB - Virtual size: 114KB

.rsrc
Size: 40KB - Virtual size: 36KB