ba3e7e2a7e798bc544c4c233164600da_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba3e7e2a7e798bc544c4c233164600da_JaffaCakes118
Size

344KB
MD5

ba3e7e2a7e798bc544c4c233164600da
SHA1

1a4bc1cc5f3adf9e1b8f498e54225c3bcd60c9db
SHA256

e7fa9bd201b8c9ea73b44a2b963cf7d662cba96213d2145b822f12a1db8993a5
SHA512

65df55c2786d4696b3a5a9f00e187ae25a8c6406b8026365db7d39bccbb008e3004883e8379935186b7d5ee5ef9d88306fd318e9b2d06fc46c425091808ff67b
SSDEEP

6144:PfWq1Fd0qc+mG+07l+uAC7jT9klkSj6el4Q8uN3NJnsWUH3bsHwNhyvb:3W60qHTC4jT98P60B6bsHmg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba3e7e2a7e798bc544c4c233164600da_JaffaCakes118

Files

ba3e7e2a7e798bc544c4c233164600da_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8d3b1a739249caaeeee72400cd37b975

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\eeoywvopef\mtvieuqp

Imports

user32

CreateWindowExW
AttachThreadInput
GetMessageExtraInfo
RegisterClassA
DragDetect
CharPrevA
DialogBoxIndirectParamA
SystemParametersInfoW
WINNLSGetIMEHotkey
DialogBoxParamW
CreateDesktopA
MoveWindow
LoadAcceleratorsW
SetPropW
GetClipboardFormatNameW
SetRectEmpty
SetWinEventHook
TrackPopupMenuEx
GetKeyboardLayoutNameA
EmptyClipboard
DdeKeepStringHandle
BeginPaint
FreeDDElParam
DestroyWindow
DdeDisconnect
SetWindowsHookA
wsprintfA
CreateDialogParamA
GetListBoxInfo
DdeQueryConvInfo
ShowScrollBar
SendNotifyMessageA
CreateIconIndirect
GetIconInfo
GetKeyNameTextW
GetUpdateRgn
PtInRect
CreateAcceleratorTableA
GetWindowThreadProcessId
MapWindowPoints
FlashWindow
CopyIcon
IsDialogMessageA
CallWindowProcA
GetWindowDC
WINNLSGetEnableStatus
GetScrollInfo
UnloadKeyboardLayout
RegisterClassExA
CharToOemA
CheckRadioButton
MonitorFromPoint
WindowFromDC
RegisterDeviceNotificationW
DdeCreateStringHandleW
LoadBitmapW
FindWindowW
SetDoubleClickTime
GetMenuItemInfoW
SetPropA
ShowWindow
DrawStateW
IsWindow
MsgWaitForMultipleObjectsEx
GetMessageTime
GetMenuInfo
MessageBoxW
MessageBoxExW
SubtractRect
UnhookWindowsHookEx
DefWindowProcW
RegisterClassExW
GetClassNameA
BringWindowToTop
GetMessageA
UpdateWindow

advapi32

CryptEnumProvidersW
RegSetKeySecurity
CreateServiceW
RegEnumKeyW
CryptGenRandom
CryptGetDefaultProviderA
RegQueryValueExW
RegSaveKeyA
RegConnectRegistryA
InitializeSecurityDescriptor
CryptGenKey
AbortSystemShutdownA
RegSetValueExW

kernel32

GetModuleHandleW
TlsAlloc
OpenMutexA
GetTimeZoneInformation
FreeEnvironmentStringsW
GlobalCompact
CompareStringA
WaitForSingleObject
RtlUnwind
GetFileTime
TlsSetValue
InitializeCriticalSection
SetFilePointer
lstrcat
GetThreadLocale
GetEnvironmentStrings
IsBadWritePtr
HeapDestroy
LCMapStringA
GetCurrentThreadId
WriteConsoleInputW
TlsFree
OutputDebugStringA
DeleteCriticalSection
MoveFileA
GetPrivateProfileSectionA
GetModuleHandleA
GetCompressedFileSizeA
SetThreadPriority
SetLastError
GetTempFileNameA
HeapCreate
CreateDirectoryA
SetEnvironmentVariableA
lstrcmpiW
GetStartupInfoA
CreateMutexA
GetWindowsDirectoryW
WriteFile
MultiByteToWideChar
DeleteFiber
GetTickCount
InterlockedDecrement
GetCommandLineW
GlobalFlags
GetStdHandle
GetStartupInfoW
GetSystemTime
DeleteFileA
GetDiskFreeSpaceExW
GetCommandLineA
SetConsoleActiveScreenBuffer
GetCurrentProcessId
GetPriorityClass
TransmitCommChar
GetDateFormatA
HeapFree
LoadLibraryA
ReadFile
GetProcAddress
CreateFileW
GetCurrentProcess
GetSystemDefaultLCID
GetSystemTimeAsFileTime
InterlockedExchange
QueryPerformanceCounter
GetVersion
EnumResourceNamesA
GetProfileIntA
CompareStringW
InterlockedIncrement
GlobalFree
TlsGetValue
VirtualAlloc
GetPrivateProfileStringW
TerminateProcess
GlobalUnfix
FindAtomW
OpenMutexW
FreeEnvironmentStringsA
GetModuleFileNameW
OpenSemaphoreW
GetAtomNameW
FindFirstFileA
CloseHandle
HeapReAlloc
GetStringTypeA
GetComputerNameW
lstrlenA
GlobalHandle
GetLogicalDrives
GetLocalTime
GetTempPathW
VirtualFree
SetHandleCount
WritePrivateProfileStructW
GetStringTypeExW
EnterCriticalSection
CreateWaitableTimerW
WideCharToMultiByte
GetConsoleScreenBufferInfo
GetPrivateProfileSectionW
FlushFileBuffers
lstrlen
SystemTimeToFileTime
FindNextFileA
LeaveCriticalSection
CreateSemaphoreW
GetEnvironmentStringsW
GetLastError
ResumeThread
HeapAlloc
GetFileAttributesExA
OpenProcess
VirtualQuery
GetCurrentThread
GetProfileStringW
EnumResourceLanguagesA
GetStringTypeW
DebugBreak
GetThreadContext
GlobalFindAtomW
SetCurrentDirectoryA
ReadFileEx
LCMapStringW
GetFileAttributesW
ContinueDebugEvent
ExitProcess
UnhandledExceptionFilter
GetFileType
lstrcmp
GetCPInfo
GetDriveTypeW
ReleaseSemaphore
OutputDebugStringW
FreeResource
SetStdHandle
GetModuleFileNameA
WaitForSingleObjectEx

comctl32

ImageList_SetOverlayImage
ImageList_LoadImageA
ImageList_AddMasked
InitCommonControlsEx
ImageList_Create
ImageList_Copy
ImageList_Replace
ImageList_GetIconSize
ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_EndDrag
ImageList_LoadImage
DrawStatusTextA
ImageList_DrawIndirect
ImageList_GetDragImage
ImageList_ReplaceIcon
DestroyPropertySheetPage
CreateUpDownControl
ImageList_SetFilter
CreatePropertySheetPage

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d3b1a739249caaeeee72400cd37b975

Headers

File Characteristics

PDB Paths

Imports

user32

advapi32

kernel32

comctl32

Sections

.text Size: 160KB - Virtual size: 157KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 96KB - Virtual size: 121KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 96KB - Virtual size: 121KB

.rsrc
Size: 16KB - Virtual size: 13KB