c759f20c608b0eca1bd50aaefdf5c7a9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c759f20c608b0eca1bd50aaefdf5c7a9_JaffaCakes118
Size

448KB
MD5

c759f20c608b0eca1bd50aaefdf5c7a9
SHA1

06c123b1478d3eeb291b1926a6a0150a01e943fe
SHA256

56652e053b6968bf10265b33aee776738723b06a332aaa78259a2c8b6e8c80fb
SHA512

58e3a6620062aec1a637b937dbd878e4a9d4320346578b39d290b7515e4e2a8e171854263e765f97f4e9261d0996ca512f831a329eed6d3835bc5ede72e19259
SSDEEP

12288:M5dySqbu1yCZQvutspU90s96G90Burl22qFfhc:EdySqbWfQ22UrL90Burlqphc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c759f20c608b0eca1bd50aaefdf5c7a9_JaffaCakes118

Files

c759f20c608b0eca1bd50aaefdf5c7a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d20a249e63b8061365d124e50b5e1439

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\

Imports

user32

IsDlgButtonChecked
GetAncestor
CharPrevExA
RegisterClassExA
InvertRect
FillRect
CreateMDIWindowW
ModifyMenuA
AnyPopup
MessageBoxA
RegisterDeviceNotificationA
GetGuiResources
DefWindowProcW
GetMenuInfo
EnumWindows
GetGUIThreadInfo
ShowWindow
EnumPropsA
DestroyWindow
CreateWindowExA
MenuItemFromPoint
GetScrollInfo
CharLowerBuffW
FindWindowExA
GetWindowRgn
MessageBoxW
IsDialogMessage
RegisterClassA
DrawIconEx
CreateDesktopA
MapVirtualKeyW

comctl32

MakeDragList
InitCommonControlsEx
CreateStatusWindowW
ImageList_Merge
ImageList_DragMove
ImageList_Add
CreatePropertySheetPage
CreatePropertySheetPageA
ImageList_SetFlags
ImageList_Destroy

gdi32

CancelDC
SelectObject
PathToRegion
DeleteDC
GetDeviceCaps
OffsetWindowOrgEx
PlgBlt
CreateDCA
GetObjectA
SetEnhMetaFileBits

comdlg32

ChooseColorW
FindTextW
GetSaveFileNameW

kernel32

CloseHandle
LCMapStringA
WriteFile
WriteConsoleOutputCharacterA
HeapSize
GetCurrentProcessId
GetPrivateProfileSectionNamesA
GetTickCount
GetCurrentThreadId
LCMapStringW
FindResourceExW
GetLocaleInfoW
TlsSetValue
GetEnvironmentStrings
GetLastError
GetProcAddress
LeaveCriticalSection
InitializeCriticalSection
VirtualProtect
RtlUnwind
EnterCriticalSection
GetCurrentProcess
EnumCalendarInfoA
GetTimeFormatA
GetCPInfo
GetSystemTimeAsFileTime
GetEnvironmentStringsW
EnumDateFormatsW
HeapDestroy
ExitProcess
HeapReAlloc
FreeEnvironmentStringsW
GetSystemInfo
GetThreadLocale
SetStdHandle
VirtualQuery
SetFilePointer
GetOEMCP
LocalReAlloc
GetStringTypeA
SetEnvironmentVariableA
GetStdHandle
WideCharToMultiByte
DeleteCriticalSection
GetCommandLineA
IsBadWritePtr
CompareStringW
VirtualAlloc
InterlockedExchange
GetVersionExA
SetLastError
TlsGetValue
WaitNamedPipeA
GetUserDefaultLCID
UnhandledExceptionFilter
GetACP
TlsAlloc
ReadFile
MultiByteToWideChar
CreateMutexA
FreeEnvironmentStringsA
IsValidCodePage
SetCurrentDirectoryA
VirtualFree
FlushFileBuffers
HeapCreate
LoadLibraryA
GetTimeZoneInformation
GetModuleHandleA
SetHandleCount
GetStringTypeW
TerminateProcess
GetModuleFileNameA
OpenMutexA
IsValidLocale
GetStartupInfoA
GetLocaleInfoA
EnumSystemLocalesA
QueryPerformanceCounter
HeapFree
GetDateFormatA
HeapAlloc
TlsFree
GetCurrentThread
GetFileType
CompareStringA
SetThreadPriority

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d20a249e63b8061365d124e50b5e1439

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

gdi32

comdlg32

kernel32

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 100KB - Virtual size: 97KB

.data Size: 96KB - Virtual size: 105KB

.rsrc Size: 52KB - Virtual size: 49KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 100KB - Virtual size: 97KB

.data
Size: 96KB - Virtual size: 105KB

.rsrc
Size: 52KB - Virtual size: 49KB