ae72f6d3f75bb98ac655723f93261578_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae72f6d3f75bb98ac655723f93261578_JaffaCakes118
Size

888KB
MD5

ae72f6d3f75bb98ac655723f93261578
SHA1

47cebc7a23c381502d4d790d6ed7515437efd2c4
SHA256

b6fab1fbee66c097e7242d0ec98326917295a4026ebc54640ebf31337e0e2930
SHA512

e55cd56ea19a6434f993f3b1ab03c8d7d9b09605e3a22fdb11f4941af93b5de11a0cefbf2b73d8304f68c812437d5a55cb42d412c3175ce66e0dc8a5274025f5
SSDEEP

12288:GlkIHJ8siUWGmUaQI0AtJ8zdd1fo1sXQu9f6NA3AulYF4/uQbyAkCIe1cY06Hng4:GP9tmr0AtIvWgfvQul04/htbJ17HKXU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae72f6d3f75bb98ac655723f93261578_JaffaCakes118

Files

ae72f6d3f75bb98ac655723f93261578_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c7f8ef11934c6ace40698c28c393f63

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\uat\gncde\exponre\ceuetekys.pdb

Imports

shell32

SHGetSpecialFolderPathW
ShellExecuteW
DragFinish
SHGetDesktopFolder

user32

GetWindowDC
PeekMessageW
MoveWindow
OpenClipboard
LoadStringW
GetSystemMetrics
SendDlgItemMessageA
LoadCursorW
GetDlgCtrlID
UpdateWindow
RegisterWindowMessageW
IsWindow
EndPaint
MessageBoxW
SetWindowLongW
UnregisterClassW
GetDesktopWindow
SendMessageW
BeginDeferWindowPos
CallNextHookEx
EnumWindows
SetRectEmpty
GetClassInfoExW
GetParent
GetActiveWindow
FlashWindow
RegisterClassExW
WaitMessage
GetSysColor
DispatchMessageW
SetCursor
SetWindowPos
InflateRect
GetDC
GetSysColorBrush
SetFocus
GetMessagePos
wsprintfW
PostMessageW
UnhookWindowsHookEx
CreateWindowExW
IsIconic
GetClassLongW
EndDeferWindowPos
GetWindowRect
LoadIconW
GetMessageW
IsClipboardFormatAvailable
DestroyIcon
GetDCEx
GetWindowLongW
CopyRect
GetFocus
SetRect
BeginPaint
PtInRect
ShowScrollBar
SetMenuDefaultItem
InsertMenuW
RegisterClassW
SetMenuItemBitmaps
InvalidateRgn
TrackPopupMenu
ScreenToClient
PostQuitMessage
LockWindowUpdate
FrameRect
SetDlgItemTextW
ShowWindow
UnregisterClassA
GetCursorPos
GetDlgItem
GetClipboardData
GetSubMenu
SetCapture
RedrawWindow
WindowFromPoint
SetMenu

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
PropertySheetW
InitCommonControlsEx

kernel32

GetModuleHandleA
QueryPerformanceCounter
InterlockedIncrement
LoadLibraryW
TlsFree
GetConsoleOutputCP
HeapCreate
MultiByteToWideChar
GetSystemTimeAsFileTime
IsValidCodePage
VirtualAlloc
DeleteCriticalSection
CloseHandle
WaitForSingleObject
WriteConsoleA
FreeEnvironmentStringsW
SetHandleCount
GetModuleFileNameW
GetCPInfo
SetLastError
GetTickCount
CompareStringW
WriteFile
InitializeCriticalSectionAndSpinCount
OutputDebugStringW
WriteConsoleW
LCMapStringA
UnhandledExceptionFilter
HeapReAlloc
GetTimeZoneInformation
SetStdHandle
Sleep
TlsSetValue
GetModuleFileNameA
HeapAlloc
GetTimeFormatA
LocalFree
GetStartupInfoW
FlushFileBuffers
VirtualFree
GetProcAddress
LCMapStringW
IsDebuggerPresent
CreateFileA
GetFileType
TlsAlloc
SetUnhandledExceptionFilter
GetOEMCP
ExitProcess
HeapDestroy
GetStringTypeA
VirtualQuery
GetConsoleCP
RtlUnwind
GetCurrentProcess
WideCharToMultiByte
LoadLibraryA
ReadFile
GetCommandLineW
GetModuleHandleW
GetStartupInfoA
LeaveCriticalSection
RaiseException
GetCurrentThreadId
IsBadReadPtr
InterlockedDecrement
OutputDebugStringA
SetConsoleCtrlHandler
SetEnvironmentVariableA
GetACP
HeapValidate
GetStdHandle
HeapSize
GetLocaleInfoA
TerminateProcess
InterlockedExchange
HeapFree
EnterCriticalSection
GetCurrentProcessId
GetDateFormatA
GetLastError
CompareStringA
CreateMutexW
DebugBreak
GetConsoleMode
GetStringTypeW
SetFilePointer
TlsGetValue
GetEnvironmentStringsW

winspool.drv

ord204
ClosePrinter
OpenPrinterA
DocumentPropertiesA

wininet

InternetConnectA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetWriteFile

Sections

.text
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 504KB - Virtual size: 502KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c7f8ef11934c6ace40698c28c393f63

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

comctl32

kernel32

winspool.drv

wininet

Sections

.text Size: 232KB - Virtual size: 229KB

.rdata Size: 504KB - Virtual size: 502KB

.data Size: 112KB - Virtual size: 121KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 232KB - Virtual size: 229KB

.rdata
Size: 504KB - Virtual size: 502KB

.data
Size: 112KB - Virtual size: 121KB

.rsrc
Size: 36KB - Virtual size: 34KB