abe35f78d4acbf180a794128ad071721_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

abe35f78d4acbf180a794128ad071721_JaffaCakes118
Size

328KB
MD5

abe35f78d4acbf180a794128ad071721
SHA1

bd46029276433b52a3db9d2f2e0ccd838911e3b2
SHA256

ef86dd4608cbda6765940e18f867d40272ba12e1ae1818901c9828b554e0c080
SHA512

b21b437449402cdb53638f7935e446125ff534f11a0ace71905824e8b255d13ed9102251879fcc7c1dfc3267927278bc6cf37ffff5c86e565f4cf42e50c4d0b0
SSDEEP

6144:cdUvRkV17TiHDbh+zecxO0wryIjqoyIZ+aX4eJOoQv7udcxbqIR:cz1HiHDl+aGGOIjqo+y4vNu6xT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abe35f78d4acbf180a794128ad071721_JaffaCakes118

Files

abe35f78d4acbf180a794128ad071721_JaffaCakes118
.exe windows:4 windows x86 arch:x86

845a6ed5eab52b92d8d8584a90015133

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\ykiuoeyb\hhjoouhse\ofch\erbwvykik.pdb

Imports

kernel32

GetStringTypeW
InitializeCriticalSection
CreateFileA
GetStartupInfoA
FreeEnvironmentStringsA
IsBadCodePtr
GetSystemTimeAsFileTime
LCMapStringW
TlsAlloc
GetStdHandle
TerminateProcess
TlsGetValue
FlushFileBuffers
GetOEMCP
GetProcAddress
HeapReAlloc
InterlockedDecrement
LoadLibraryA
GetTimeFormatA
SetUnhandledExceptionFilter
InterlockedExchange
LCMapStringA
SetLastError
GetFileType
GetCommandLineA
WideCharToMultiByte
EnterCriticalSection
CreateEventA
GetCurrentProcess
VirtualProtect
SetCurrentDirectoryA
HeapFree
HeapAlloc
GetModuleFileNameA
MultiByteToWideChar
SetHandleCount
CloseHandle
CreateMutexA
GetExitCodeProcess
HeapCreate
GetACP
TlsFree
VirtualFree
LeaveCriticalSection
SetFilePointer
GetEnvironmentStrings
WriteFile
ReadFile
GetModuleHandleA
GetEnvironmentStringsW
UnhandledExceptionFilter
HeapValidate
SetStdHandle
RtlUnwind
GetCPInfo
GetSystemInfo
CompareStringW
VirtualAlloc
GetVersionExA
DeleteCriticalSection
TlsSetValue
GetTimeZoneInformation
CompareStringA
GetStringTypeA
GetLastError
VirtualQuery
FreeEnvironmentStringsW
GetTickCount
OutputDebugStringA
HeapDestroy
QueryPerformanceCounter
GetDateFormatA
SetEnvironmentVariableA
GetLocaleInfoA
DebugBreak
RaiseException
GetCurrentProcessId
IsBadWritePtr
IsBadReadPtr
GetCurrentThreadId
InterlockedIncrement
lstrcmpA
ExitProcess

winmm

mixerOpen
mixerGetNumDevs
mixerClose
mixerSetControlDetails

winspool.drv

DocumentPropertiesA
ord204
ClosePrinter

version

GetFileVersionInfoA
VerQueryValueA

ole32

ReadFmtUserTypeStg
CoTreatAsClass
ReadClassStg
SetConvertStg
CLSIDFromString
StringFromCLSID
WriteFmtUserTypeStg
CoTaskMemFree

shell32

DragFinish
SHGetMalloc

user32

PeekMessageA
LoadMenuA
DrawTextA
IsMenu
PostQuitMessage
SetClipboardData
GetForegroundWindow
GetDC
GetClassInfoA
IsIconic
SetWindowRgn
RedrawWindow
MsgWaitForMultipleObjects
DrawFrameControl
LoadImageA
GetMessageA
GetCursorPos
CreateDialogIndirectParamA
ValidateRect
IsWindowEnabled
ReuseDDElParam
GetParent
InflateRect
GetClassInfoExA
LoadIconA
GetDlgItem
GetKeyboardLayout
ReleaseDC
IsRectEmpty
GetWindowTextA
FillRect
SetTimer
GetActiveWindow
IsWindowVisible
GetWindowRect
GetSysColorBrush
BringWindowToTop
MapWindowPoints
DestroyWindow
SetFocus
RegisterClassExA
CopyIcon
UnionRect
IsChild
BeginPaint
SetRectEmpty
MessageBoxA
SetScrollPos
GetWindow
InsertMenuA
LoadCursorA
EndPaint
DefWindowProcA
CreatePopupMenu
UpdateWindow
RegisterClassA
RemoveMenu
DrawMenuBar
CallWindowProcA
SetCursor
CreateWindowExA
GetIconInfo
ScreenToClient
LoadStringA
DestroyAcceleratorTable
ShowWindow
LoadBitmapA
DrawEdge
CopyRect
EnableWindow
UnregisterClassA
CopyImage
GetDlgCtrlID
MapDialogRect

gdi32

SetBkMode
ExtTextOutA
GetDeviceCaps
ResetDCA
PathToRegion
DeleteObject
SetPixelV
GetROP2
CreateDCA
SetBitmapDimensionEx
Rectangle
GetStockObject
GetPolyFillMode
GetObjectA
SetPolyFillMode
RectVisible
Polygon
DeleteDC
GetBitmapDimensionEx
GetStretchBltMode

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

845a6ed5eab52b92d8d8584a90015133

Headers

File Characteristics

PDB Paths

Imports

kernel32

winmm

winspool.drv

version

ole32

shell32

user32

gdi32

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 88KB - Virtual size: 84KB

.data Size: 60KB - Virtual size: 83KB

.rsrc Size: 64KB - Virtual size: 62KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 88KB - Virtual size: 84KB

.data
Size: 60KB - Virtual size: 83KB

.rsrc
Size: 64KB - Virtual size: 62KB