b8f591cf923d3525da48470efbf8a019_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b8f591cf923d3525da48470efbf8a019_JaffaCakes118
Size

412KB
MD5

b8f591cf923d3525da48470efbf8a019
SHA1

63139c06380b24d3547620dc6d21a6907b08f09c
SHA256

862414cd3b5b585e89e2fa767efef1efaec227672a2a627811768e1452a14386
SHA512

fac570a41d500a1c43884dc2c14c602fe26d05b4c4359cf5d3fe91f133ac8f39043554ab03bc80643fc1bd99c62538d8d41d380abd20b776179c6272c0be1551
SSDEEP

6144:iZooAwmYja5DvwSpJrkvbyAYUYyXBoJHlHLmMltZJ:2obnYmd1rubyAVYYBoJFHLm0tZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8f591cf923d3525da48470efbf8a019_JaffaCakes118

Files

b8f591cf923d3525da48470efbf8a019_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e4140b796be670b137b5f7df07c0df6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\etxyutoz\nexde\uiotg\kcoi

Imports

user32

DefWindowProcA
LoadBitmapW
SetMenuContextHelpId
AttachThreadInput
CreateCaret
EnumPropsExW
DefDlgProcA
LoadMenuIndirectW
SetScrollInfo
TranslateAccelerator
CallMsgFilter
OemToCharA
GetDlgItemInt
ChildWindowFromPointEx
LoadMenuIndirectA
IsDialogMessageA
SetWindowPos
RegisterClassExA
IsCharAlphaA
ChangeDisplaySettingsA
GetGuiResources
GetInputState
ReuseDDElParam
TabbedTextOutW
IsCharLowerW
FindWindowExA
CheckMenuItem
DrawAnimatedRects
SetWindowsHookExW
GetWindowModuleFileNameA
DdeNameService
MessageBoxIndirectA
SendNotifyMessageA
DestroyWindow
IsChild
EndMenu
CreateIconFromResourceEx
SetWinEventHook
GetMessagePos
RegisterClassExW
ChangeMenuA
ChangeClipboardChain
KillTimer
SetDlgItemInt
DlgDirSelectComboBoxExW
DrawTextExA
GetNextDlgTabItem
GetKeyboardLayoutNameA
GetInputDesktop
DdeFreeDataHandle
IsIconic
PaintDesktop
OpenClipboard
SetClassWord
GetWindowTextLengthW
LoadMenuA
IsWindowEnabled
DdeCmpStringHandles
ShowWindow
SetPropA
SetCapture
TabbedTextOutA
TileChildWindows
GetWindow
DdeGetLastError
RegisterClassA
GetMonitorInfoW
ChangeMenuW
GetDoubleClickTime
GetMenuState
DdeInitializeW
LookupIconIdFromDirectoryEx
MessageBoxA
GetClipboardViewer
wsprintfW
ExcludeUpdateRgn
CreateWindowExW
TrackMouseEvent
GetSubMenu
ToUnicodeEx
LoadIconA
MenuItemFromPoint
FindWindowA
MessageBoxW
GetGUIThreadInfo
GetMenuCheckMarkDimensions
GetKeyboardLayout
WinHelpW
LookupIconIdFromDirectory
DrawFrameControl
EnumDesktopsW
CascadeChildWindows
TileWindows
ClipCursor
TranslateMessage
GetScrollBarInfo
OemToCharW
CreateAcceleratorTableA
DialogBoxParamA
AnimateWindow

advapi32

LookupAccountNameW
RegSaveKeyA
RegSetKeySecurity
CryptSetProviderW
CryptDuplicateHash
CryptSetProviderExW
CryptGetDefaultProviderA

shell32

FreeIconList
SHGetPathFromIDListW
ExtractAssociatedIconExW

wininet

InternetReadFile
FindFirstUrlCacheContainerW
InternetTimeToSystemTime
InternetSecurityProtocolToStringW
RunOnceUrlCache
FindNextUrlCacheGroup
InternetGoOnlineA
InternetConfirmZoneCrossing
InternetConfirmZoneCrossingA

comctl32

ImageList_GetIcon
CreateUpDownControl
InitCommonControlsEx
ImageList_GetDragImage
ImageList_LoadImage
ImageList_Copy
ImageList_GetBkColor
ImageList_Merge

kernel32

HeapAlloc
ConvertDefaultLocale
IsDebuggerPresent
ConnectNamedPipe
InterlockedDecrement
GetEnvironmentStringsW
FreeEnvironmentStringsA
lstrcat
SetFilePointer
CreateDirectoryExW
GetConsoleTitleA
GetProcAddress
EnumResourceNamesA
VirtualAlloc
GetFileAttributesW
HeapReAlloc
GetFullPathNameA
GlobalFlags
LockFile
GetACP
CloseHandle
GetConsoleMode
EnterCriticalSection
GetStartupInfoA
EnumCalendarInfoW
SetEvent
QueryPerformanceCounter
FlushFileBuffers
GetPrivateProfileIntW
EnumSystemCodePagesW
GetCurrentProcessId
InterlockedCompareExchange
GetTickCount
InterlockedExchange
GetCommandLineA
OpenMutexA
CommConfigDialogA
GetEnvironmentVariableW
GetModuleFileNameA
MultiByteToWideChar
TlsAlloc
ExitProcess
LockFileEx
GetTimeZoneInformation
WritePrivateProfileStructA
EnumDateFormatsA
SetLastError
RtlUnwind
WritePrivateProfileSectionW
GetTempFileNameW
DeleteCriticalSection
GetStringTypeA
GetTempPathA
GetFileType
GetCurrentThreadId
WriteConsoleOutputA
WriteFile
EnumResourceTypesW
GetShortPathNameA
VirtualQuery
InitializeCriticalSection
GetCPInfo
GetStdHandle
GetLastError
LCMapStringW
GetPrivateProfileSectionW
CompareStringW
WaitForMultipleObjectsEx
GetCurrentThread
DebugBreak
GetVolumeInformationW
SleepEx
FreeEnvironmentStringsW
DeleteFileA
InterlockedIncrement
TlsSetValue
LCMapStringA
GetVersion
GlobalAddAtomW
EnumSystemLocalesA
lstrcpyn
GetSystemTime
FileTimeToLocalFileTime
HeapFree
UnhandledExceptionFilter
SetCriticalSectionSpinCount
TlsGetValue
VirtualFree
GetLocalTime
HeapCreate
TerminateProcess
GetOEMCP
ExpandEnvironmentStringsA
GetEnvironmentStrings
GlobalGetAtomNameA
SetFileAttributesA
CreateMutexA
UnmapViewOfFile
GetStringTypeW
GetPrivateProfileSectionNamesW
WideCharToMultiByte
IsBadWritePtr
HeapLock
GetCurrentProcess
SetHandleCount
GetNamedPipeHandleStateW
SetThreadContext
LoadLibraryA
TlsFree
MoveFileW
LeaveCriticalSection
EnumCalendarInfoExW
GetSystemTimeAsFileTime
TryEnterCriticalSection
GetTimeFormatA
WriteProfileSectionW
GlobalFindAtomW
LocalFree
HeapDestroy
ReadFile
CompareStringA
GetModuleHandleA
LoadLibraryExA
SetStdHandle
DebugActiveProcess
SetEnvironmentVariableA
SetPriorityClass
FindResourceW

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e4140b796be670b137b5f7df07c0df6

Headers

File Characteristics

PDB Paths

Imports

user32

advapi32

shell32

wininet

comctl32

kernel32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 96KB - Virtual size: 108KB

.rsrc Size: 104KB - Virtual size: 100KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 96KB - Virtual size: 108KB

.rsrc
Size: 104KB - Virtual size: 100KB