b587c767a64b2d731197c4ea3580d0e4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b587c767a64b2d731197c4ea3580d0e4_JaffaCakes118
Size

745KB
MD5

b587c767a64b2d731197c4ea3580d0e4
SHA1

6ba64f11de61a30b0bf6df004047205fa531906f
SHA256

f397f3603c5c811aa45cfcbb4e8768787ec1f2de0e4b36c6f8da0562f2a0bd36
SHA512

b1ef9a1cc1e4f646e7c506dabf8dc936015d2da64792862a44ee6061fc654c9510d2d20fdaaf323814b66a5641b42a9a974923a784a0e4743e4ae9673b3bc19c
SSDEEP

12288:EdseEXGS3sPMI46a+SwqQV62VFAx/Sy1+bP73lZ/G0cw:mgFcPJza/c02cxYnbO0z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b587c767a64b2d731197c4ea3580d0e4_JaffaCakes118

Files

b587c767a64b2d731197c4ea3580d0e4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d77e2de2c03b0e4cb8f87c625d623dbb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\zwaae\aeizuf\usyx\emrdile\eeeepl\czjm.PDB

Imports

shell32

ord155
SHGetDesktopFolder
DragQueryFileA

user32

SetPropW
SetWindowPos
DrawStateW
EndDialog
UnhookWindowsHookEx
UnpackDDElParam
DestroyMenu
LoadImageW
SetCapture
DestroyWindow
MoveWindow
SetActiveWindow
CopyRect
GetSubMenu
CreateDialogIndirectParamW
GetPropW
MessageBoxW
IsIconic
CheckMenuItem
GetWindowTextA
GetSystemMenu
GetMessageW
GetDlgItem
SendDlgItemMessageW
CloseClipboard
TrackPopupMenu
GetWindow
PostThreadMessageW
SetWindowsHookExW
GetClientRect
GetUpdateRect
GetTopWindow
LoadMenuW
wsprintfW
AdjustWindowRectEx
RegisterClipboardFormatW
SystemParametersInfoA
AppendMenuW
CreateWindowExW
GetForegroundWindow
PtInRect
LoadBitmapW
CallNextHookEx
GetClipboardData
GetWindowThreadProcessId
SetMenu
TranslateMessage
IsWindow
IntersectRect
GetActiveWindow
RegisterClassExW
SetRect
CreatePopupMenu
GetDoubleClickTime
IsRectEmpty
DispatchMessageW
SetTimer
EmptyClipboard
GetSystemMetrics
GetCapture
PeekMessageW
InvalidateRect
SetWindowRgn
GetMessagePos
GetKeyState
SetWindowPlacement
ReleaseCapture
GetMenu
BeginPaint
FindWindowW
ReleaseDC
SendMessageW
GetParent
GetMenuItemID
ShowWindow
ScreenToClient
GetCursorPos
InsertMenuItemW
GetWindowLongW
RemovePropW
DrawIcon
GetWindowTextW
RegisterClassW
EndPaint
MessageBeep
SetCursor
DestroyIcon
IsZoomed
SetClipboardData
DefWindowProcW
MapWindowPoints
GetFocus
IsChild
SetForegroundWindow
GetMenuItemCount
InflateRect

kernel32

FatalAppExitA
GetTickCount
lstrcmpW
LeaveCriticalSection
HeapReAlloc
SetStdHandle
GlobalHandle
DeleteCriticalSection
GlobalUnlock
QueryPerformanceCounter
TlsGetValue
UnmapViewOfFile
GetModuleFileNameA
GetCurrentProcessId
SetLastError
VirtualAlloc
GetCommandLineW
SetFilePointer
InterlockedCompareExchange
GetModuleFileNameW
WideCharToMultiByte
GetDateFormatA
HeapSize
HeapAlloc
CompareStringW
GetCurrentProcess
GetLocaleInfoA
TerminateProcess
GetStartupInfoA
FreeEnvironmentStringsW
lstrcmpiW
GetLocaleInfoW
IsBadWritePtr
GetSystemTimeAsFileTime
GetVersion
ExitProcess
HeapCreate
HeapDestroy
LCMapStringW
GetCurrentThread
UnhandledExceptionFilter
IsValidLocale
GetCurrentThreadId
GetEnvironmentStringsW
GetStartupInfoW
LocalFileTimeToFileTime
GetFileType
MultiByteToWideChar
GetModuleHandleW
VirtualFree
CreateMutexW
GetTimeZoneInformation
GetLastError
InterlockedExchange
RtlUnwind
GetCPInfo
GetLocalTime
GetTimeFormatA
IsValidCodePage
LCMapStringA
GetStringTypeW
GetStdHandle
GetCommandLineA
CreateFileA
WriteConsoleA
VirtualQuery
HeapFree
GetModuleHandleA
RaiseException
TlsAlloc
GetFullPathNameA
GetACP
GetVersionExA
GetStringTypeA
SetEnvironmentVariableA
GetOEMCP
FindClose
SetHandleCount
GetSystemInfo
CompareStringA
InitializeCriticalSection
GetEnvironmentStrings
EnterCriticalSection
GetUserDefaultLCID
FreeEnvironmentStringsA
VirtualProtect
TlsSetValue
WriteFile
lstrlenA
FlushFileBuffers
LoadLibraryA
GetProcAddress
GetTempPathA
CloseHandle
ReadFile
TlsFree
Sleep

comdlg32

GetFileTitleA
PrintDlgA
GetOpenFileNameA
ChooseColorA

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 457KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 96KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.drdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d77e2de2c03b0e4cb8f87c625d623dbb

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

kernel32

comdlg32

Sections

.text Size: 82KB - Virtual size: 81KB

.rdata Size: 457KB - Virtual size: 457KB

.data Size: 96KB - Virtual size: 117KB

.rsrc Size: 33KB - Virtual size: 32KB

.drdata Size: 76KB - Virtual size: 76KB

.text
Size: 82KB - Virtual size: 81KB

.rdata
Size: 457KB - Virtual size: 457KB

.data
Size: 96KB - Virtual size: 117KB

.rsrc
Size: 33KB - Virtual size: 32KB

.drdata
Size: 76KB - Virtual size: 76KB