ae28cd802dc5f1201538213a3522a69e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae28cd802dc5f1201538213a3522a69e_JaffaCakes118
Size

732KB
MD5

ae28cd802dc5f1201538213a3522a69e
SHA1

22a8608ac6f02534c937130e0cfe664e21ea795e
SHA256

91a2ee8ef35ea82794827d3347003ef7b99c80f522d773d9b867ed4083020c5c
SHA512

f58550df4db75ce792c59ced37c7e117c6edecf1c2c2781f35c31705f35b52aa2889f654a86af7382d81803d646794e6f53f7a75a138fe93fb3b4667c87ef6ba
SSDEEP

12288:kvbVaKm24ZpbdTriLQ78vPpqLRD3JneIA/YMJDkBrzTvLpm8KHJj1dIXj:cbVaKm2MDTrN78vPaRDZnRA/Hqp/Dpme

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae28cd802dc5f1201538213a3522a69e_JaffaCakes118

Files

ae28cd802dc5f1201538213a3522a69e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ecc806229805492250d6fa729705b7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\QUOPQL\WTOOQA\EAASPVTETP\BIPSPSQE\ENFASAB\USVQEMEEO.PDB

Imports

user32

BroadcastSystemMessageW
CharPrevW
EnumDisplaySettingsW
DdeKeepStringHandle
MessageBoxIndirectW
GetDialogBaseUnits
GetDCEx
CharUpperBuffW
SetParent
LookupIconIdFromDirectory
CharPrevA
SetWindowsHookA
GetSysColor
ChangeDisplaySettingsA
CopyAcceleratorTableA
GetClipboardOwner
DdeConnect
GetMenuItemRect
GetClassInfoA
CharUpperBuffA
MoveWindow
RegisterClassA
DdeClientTransaction
CallMsgFilter
MapDialogRect
MapWindowPoints
UnregisterClassA
RegisterClassExA
SetClipboardData
TranslateMDISysAccel
SetLastErrorEx

kernel32

TlsFree
GetCompressedFileSizeA
SetConsoleTitleA
HeapAlloc
EnumDateFormatsA
MapViewOfFile
SetFilePointer
UnlockFile
GlobalFix
SetEndOfFile
QueryPerformanceCounter
ReadConsoleOutputW
WriteConsoleW
CompareStringW
SystemTimeToFileTime
GetSystemTimeAsFileTime
WriteProfileStringA
FreeLibrary
TlsSetValue
GetTimeZoneInformation
GetEnvironmentStrings
GetModuleFileNameA
WideCharToMultiByte
GetDiskFreeSpaceExW
GetEnvironmentStringsW
GetProcAddress
DeleteAtom
GetPrivateProfileStringW
DeleteCriticalSection
GetLocaleInfoW
FindNextFileW
SetHandleCount
GetModuleHandleA
HeapCreate
GetVersionExA
RaiseException
GetTempPathW
GlobalReAlloc
SetSystemTime
TerminateProcess
GetEnvironmentVariableW
WaitForSingleObject
GetTickCount
VirtualFree
HeapReAlloc
SetStdHandle
DeleteFileA
RtlUnwind
IsDebuggerPresent
EnumSystemLocalesA
FreeEnvironmentStringsA
CreateMutexA
GetCurrentThreadId
OpenMutexA
TerminateThread
WriteConsoleA
LCMapStringA
FreeEnvironmentStringsW
CreateFileA
GetLastError
SetLastError
MoveFileA
GetOEMCP
GetDriveTypeW
GetProcessHeap
GetProfileStringA
VirtualAllocEx
TlsAlloc
SetUnhandledExceptionFilter
GetConsoleOutputCP
LCMapStringW
GetStringTypeW
GetAtomNameW
MultiByteToWideChar
VirtualUnlock
GetStringTypeA
lstrcmpiW
SetConsoleCtrlHandler
GlobalAddAtomW
GetLocaleInfoA
GetCPInfo
ExitProcess
CompareStringA
GetDateFormatA
GetFileAttributesW
InterlockedExchange
FindResourceExA
SetPriorityClass
CreateDirectoryExA
GetStartupInfoA
VirtualAlloc
InitializeCriticalSectionAndSpinCount
GetLogicalDriveStringsW
InterlockedIncrement
Sleep
InterlockedDecrement
GetConsoleCP
IsValidCodePage
GetUserDefaultLCID
GetNumberFormatW
FindNextChangeNotification
GetStdHandle
GetCurrentProcess
WriteFile
HeapFree
HeapDestroy
FlushFileBuffers
DosDateTimeToFileTime
GetFileType
VirtualQuery
lstrlenW
UnhandledExceptionFilter
GetCommandLineA
OutputDebugStringA
WaitNamedPipeA
LeaveCriticalSection
SetEnvironmentVariableA
TlsGetValue
LoadLibraryA
CloseHandle
SetEnvironmentVariableW
IsValidLocale
GetCurrentProcessId
OpenProcess
EnterCriticalSection
GetCurrentThread
ReadFile
GetConsoleMode
GlobalGetAtomNameA
LocalShrink
IsBadReadPtr
HeapSize
GetTimeFormatA
GetACP
InitializeCriticalSection
GlobalLock

gdi32

SetMetaRgn
GetNearestPaletteIndex
GetDeviceCaps
EnumEnhMetaFile
DeleteDC
GetTextMetricsA
GetObjectA
PlayMetaFileRecord
GetObjectW
CreateDCA
CreateColorSpaceA
GetGlyphOutline
GetTextCharacterExtra
CreateCompatibleBitmap
DeleteObject
GetClipBox
PatBlt
GetMetaRgn
SelectObject
SetMapperFlags
SetAbortProc

comctl32

ImageList_GetBkColor
ImageList_DrawEx
ImageList_GetImageInfo
ImageList_SetOverlayImage
ImageList_Merge
ImageList_GetIcon
InitCommonControlsEx
ImageList_Replace
ImageList_GetIconSize
DestroyPropertySheetPage

shell32

SHGetNewLinkInfo
ShellHookProc
ShellExecuteExW

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ecc806229805492250d6fa729705b7b

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

gdi32

comctl32

shell32

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 404KB - Virtual size: 400KB

.data Size: 140KB - Virtual size: 139KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 404KB - Virtual size: 400KB

.data
Size: 140KB - Virtual size: 139KB

.rsrc
Size: 24KB - Virtual size: 23KB