c1167bc3cce3214438852d87363825f7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c1167bc3cce3214438852d87363825f7_JaffaCakes118
Size

502KB
MD5

c1167bc3cce3214438852d87363825f7
SHA1

238d90f9548a6c24f73a4dc904daabc2146ebd9f
SHA256

b1356ec44cf172f42f51f50167d1c57a5dfa47eef749ec26b861d1ef6702709b
SHA512

07489360e4c24790ed56b25f545700c7eadd508d7abc7e7f19e06480e1b7afb71aa5d954e93c5dbcb7167d5497d36a0a878648729da93df91b510938448badb5
SSDEEP

12288:FZwg5NRYaY2KSu4p2kOzz0ecLq/i2ewokq0mHBL4WXUpD0:XNYapu41nJLqPewnmHBLYp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1167bc3cce3214438852d87363825f7_JaffaCakes118

Files

c1167bc3cce3214438852d87363825f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e942c69a4b444034056260f10c67987

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\erruoei\bbjbgiajre.PDB

Imports

user32

OemToCharBuffW
GetForegroundWindow
TileWindows
CopyIcon
GetClipCursor
RegisterClassA
ShowWindow
TranslateMDISysAccel
CreateWindowStationA
DestroyWindow
GetOpenClipboardWindow
GetTopWindow
DlgDirListComboBoxA
DrawFrameControl
SetCursor
WINNLSGetEnableStatus
ValidateRect
CopyImage
GetWindowLongA
OpenWindowStationW
LoadCursorFromFileW
SendNotifyMessageW
GetKeyNameTextW
GetAltTabInfo
OpenIcon
SetWindowContextHelpId
ToAscii
GetUserObjectSecurity
CheckRadioButton
InsertMenuItemW
WinHelpA
CharPrevA
ShowCaret
EndPaint
GetPriorityClipboardFormat
GetClassInfoExA
GetKeyboardState
DrawIcon
DrawAnimatedRects
DdeUninitialize
ScrollWindowEx
CharLowerBuffA
ImpersonateDdeClientWindow
ChangeMenuA
IsWindow
DestroyCaret
SendDlgItemMessageW
OemKeyScan
SetCaretBlinkTime
LockWindowUpdate
SetWindowsHookExA
RegisterClassExA
UnhookWindowsHookEx
ChangeDisplaySettingsExA
LoadCursorW
CreateWindowExA
MessageBoxW
DefWindowProcA
DdeSetQualityOfService
SetActiveWindow
SetProcessWindowStation
GetMenuContextHelpId
MessageBoxA
CreateCursor
GetDesktopWindow
ArrangeIconicWindows

comctl32

CreateStatusWindowW
ImageList_DrawIndirect
ImageList_SetOverlayImage
DestroyPropertySheetPage
ImageList_Duplicate
ImageList_Merge
DrawStatusText
ImageList_Write
ImageList_GetIconSize
ImageList_DragMove
ImageList_DrawEx
ImageList_DragShowNolock
DrawStatusTextA
InitCommonControlsEx
ImageList_GetIcon
ImageList_Remove
ImageList_Read
CreatePropertySheetPageA
ImageList_LoadImageW
ImageList_DragEnter
ImageList_Copy

kernel32

SetStdHandle
OutputDebugStringA
GetCommandLineA
LCMapStringA
GetEnvironmentStrings
LCMapStringW
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
OpenMutexA
InterlockedExchange
SetEnvironmentVariableA
WriteConsoleOutputAttribute
SetHandleCount
GetEnvironmentStringsW
WriteConsoleA
GetOEMCP
TlsSetValue
SetConsoleCtrlHandler
SetLastError
GetTimeFormatA
GetStdHandle
ExitProcess
HeapValidate
GetFileType
VirtualAlloc
TlsFree
GetCurrentProcessId
TerminateProcess
FreeLibrary
LeaveCriticalSection
MultiByteToWideChar
GetCurrentDirectoryW
CompareStringW
Sleep
GetSystemTime
QueryPerformanceCounter
TlsGetValue
HeapReAlloc
FreeEnvironmentStringsA
GetDateFormatA
WriteFile
HeapFree
IsValidLocale
UnhandledExceptionFilter
GetStartupInfoA
CreateFileA
VirtualQuery
GetCPInfo
VirtualFree
IsValidCodePage
GetConsoleCP
GetCurrentProcess
CompareStringA
GetProcessHeap
GetProcAddress
InterlockedDecrement
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetACP
HeapAlloc
GetModuleHandleA
GetConsoleMode
GetTickCount
OutputDebugStringW
LoadLibraryA
IsDebuggerPresent
EnterCriticalSection
HeapDestroy
GetTimeZoneInformation
ReadFile
RtlUnwind
HeapCreate
WideCharToMultiByte
CreateMutexA
IsBadReadPtr
FreeEnvironmentStringsW
GetLocaleInfoW
GetConsoleOutputCP
lstrlenA
LoadLibraryW
GetModuleFileNameW
GetCurrentThreadId
GetStringTypeW
GetModuleFileNameA
SetFilePointer
SetUnhandledExceptionFilter
WriteConsoleW
GetLastError
GetStringTypeA
GetLocaleInfoA
HeapSize
GetCurrentThread
CloseHandle
DeleteCriticalSection
FlushFileBuffers
RaiseException
DebugBreak
GetModuleHandleW
EnumSystemLocalesA
TlsAlloc

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e942c69a4b444034056260f10c67987

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

Sections

.text Size: 268KB - Virtual size: 267KB

.rdata Size: 106KB - Virtual size: 105KB

.data Size: 95KB - Virtual size: 116KB

.rsrc Size: 32KB - Virtual size: 32KB

.text
Size: 268KB - Virtual size: 267KB

.rdata
Size: 106KB - Virtual size: 105KB

.data
Size: 95KB - Virtual size: 116KB

.rsrc
Size: 32KB - Virtual size: 32KB