b88f374c24524929cd7990dc37950f33_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b88f374c24524929cd7990dc37950f33_JaffaCakes118
Size

540KB
MD5

b88f374c24524929cd7990dc37950f33
SHA1

240f723183144096d0364fd898bd4e61c01be232
SHA256

6877e49b835f4ba624206d862ae49f04b93bdc0257e20de6d6ea2582682a7887
SHA512

980f46ca4a9edcfd5b532f38e337d1783060e2410b82ec26a6e658f220f39519e55026979cbc70d3ab7c2c5983408d356903b610ed0e63783e43c247c51deab5
SSDEEP

12288:5izkVERCU5rXLZu735KssHIeEKHximb9:czME8iDVuL8sWRimb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b88f374c24524929cd7990dc37950f33_JaffaCakes118

Files

b88f374c24524929cd7990dc37950f33_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b12013c1f22054e1466bb1a194d02372

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\SQKESAMSJT\AENQOQEJOB.PDB

Imports

user32

DefFrameProcA
DdeCmpStringHandles
DdeDisconnect
EnumWindows
CreateDesktopA
DragObject
DragDetect
GetKeyNameTextW
OpenDesktopW
ShowCursor
EnumDisplayMonitors
SendDlgItemMessageA
GetMessagePos
MessageBoxA
CreateWindowExA
MessageBoxIndirectW
DialogBoxParamW
DdeUninitialize
DdeInitializeA
GetKeyboardLayoutNameA
RegisterClassA
DestroyWindow
GetMenu
NotifyWinEvent
GetWindowContextHelpId
ShowWindowAsync
SetFocus
CreateAcceleratorTableA
GetMenuItemRect
EnumPropsExA
TabbedTextOutA
GetKeyboardLayoutList
CreateDialogParamW
OffsetRect
DefWindowProcW
GetMenuStringA
DispatchMessageW
DestroyAcceleratorTable
DialogBoxIndirectParamW
GetWindowLongA
UpdateWindow
LoadIconW
CharNextExA
ShowWindow
CharLowerBuffW
GetClassInfoExW
EnumWindowStationsA
EnumDesktopsW
GetSysColorBrush
RegisterClassExA
GetProcessDefaultLayout
CloseDesktop
DdeCreateStringHandleA
SetWindowRgn
MonitorFromWindow
GetAsyncKeyState

comctl32

InitCommonControlsEx
ImageList_EndDrag
ImageList_GetImageCount
ImageList_DragShowNolock
ImageList_SetFlags
ImageList_BeginDrag
ImageList_LoadImage
ImageList_SetDragCursorImage
ImageList_Read
ImageList_SetIconSize
ImageList_DragLeave

kernel32

GetVersionExA
GetProcessAffinityMask
FlushFileBuffers
MoveFileExW
VirtualQuery
GetFileType
GetNamedPipeHandleStateA
SleepEx
GetCurrentProcess
IsBadWritePtr
ReadFile
WritePrivateProfileStringA
QueryPerformanceCounter
ReadFileEx
GetEnvironmentStringsW
WriteFileEx
CompareStringA
LCMapStringW
GetModuleHandleA
GetCurrentDirectoryA
HeapReAlloc
ExitProcess
GetEnvironmentStrings
GetTimeFormatA
GetTimeZoneInformation
TlsGetValue
SetFilePointer
GetStartupInfoA
OpenFileMappingA
GetDateFormatA
GetStringTypeA
LeaveCriticalSection
FreeEnvironmentStringsA
GetOEMCP
IsValidCodePage
VirtualAlloc
GetProcAddress
GetCurrentThreadId
HeapDestroy
GetSystemTimeAdjustment
HeapCreate
LoadLibraryA
EnumSystemLocalesA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetNamedPipeInfo
GetProcessHeap
SetCurrentDirectoryW
SetEnvironmentVariableA
HeapFree
GetFileSize
SetStdHandle
TlsAlloc
GetACP
GetLocaleInfoA
TlsSetValue
CreateMutexA
CompareStringW
VirtualProtect
GetLastError
GetConsoleOutputCP
SetLastError
GetStdHandle
GetCurrentThread
LocalFileTimeToFileTime
FindNextChangeNotification
GetCurrentProcessId
InterlockedExchange
LCMapStringA
LockResource
UnlockFile
SetHandleCount
VirtualFree
WideCharToMultiByte
CreateDirectoryA
IsValidLocale
RtlUnwind
DeleteCriticalSection
lstrcpynA
GetCommandLineA
GetModuleFileNameA
TerminateProcess
WriteFile
SetTimeZoneInformation
GetStringTypeW
FindFirstFileExA
IsBadReadPtr
GetTickCount
CloseHandle
GetCPInfo
TlsFree
HeapAlloc
GetLocaleInfoW
GetSystemInfo
OpenSemaphoreW
CreateDirectoryW
EnterCriticalSection
OpenMutexA
MultiByteToWideChar
HeapSize
FreeEnvironmentStringsW
GetProcessHeaps
WaitForMultipleObjects
InitializeCriticalSection
SetVolumeLabelA
UnhandledExceptionFilter

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b12013c1f22054e1466bb1a194d02372

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 244KB - Virtual size: 241KB

.data Size: 120KB - Virtual size: 143KB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 244KB - Virtual size: 241KB

.data
Size: 120KB - Virtual size: 143KB

.rsrc
Size: 16KB - Virtual size: 12KB