d039b97d7f308d26e43fd414fb6fdeba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d039b97d7f308d26e43fd414fb6fdeba_JaffaCakes118
Size

864KB
MD5

d039b97d7f308d26e43fd414fb6fdeba
SHA1

143d246ca7db139065c42a036ef2e14b362ce81e
SHA256

6a6f32f55add2df3e8390de8118e395c95f9527372ce7b629b5a3788058d7e92
SHA512

268fb0186cea83c020d6ae38934660972eb72eaec5fee30d77e4cc0fa650b81a949022af63934266c9304fbc0079b9cf59708418d69a4e5acc221ca783e9b482
SSDEEP

24576:eKu/8xAlmfGK0XvcX/SetuLXGvYw6rMsyyz3j6uzT0eOe:ja4GOSPXGvR6Co3jnz9O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d039b97d7f308d26e43fd414fb6fdeba_JaffaCakes118

Files

d039b97d7f308d26e43fd414fb6fdeba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7d02524d3ce061faea773db0de573e57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\tos\votwk\tkulgadod\axat\mqoqvpa.pdb

Imports

comctl32

ImageList_AddIcon
ImageList_Create
ImageList_DragEnter
ImageList_Read
CreatePropertySheetPageW
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_LoadImage
ImageList_Write
ImageList_GetBkColor
ImageList_Remove
CreateToolbar
ImageList_SetFlags
InitCommonControlsEx
ImageList_DrawEx

user32

GetMenuCheckMarkDimensions
DefMDIChildProcW
MessageBoxA
CharPrevExA
CharUpperA
DefWindowProcA
SetWindowsHookW
CharNextExA
ChangeDisplaySettingsExW
CreateWindowExW
DestroyWindow
ShowWindow
TranslateMDISysAccel
IsDialogMessageW
IsIconic
DdeQueryConvInfo
RegisterClassA
DragObject
FindWindowExW
RegisterClassExA
GetWindowDC
CopyAcceleratorTableA
VkKeyScanExW

kernel32

TlsAlloc
GetStringTypeW
GetPrivateProfileStructA
LCMapStringW
GetModuleHandleA
GetCurrentThreadId
HeapAlloc
GetProcAddress
EnterCriticalSection
CloseHandle
VirtualAlloc
SetFilePointer
GetACP
GetSystemTime
OpenMutexA
SetStdHandle
SetEnvironmentVariableA
InterlockedDecrement
GetVersion
TerminateProcess
GetTickCount
FreeLibraryAndExitThread
TlsGetValue
GetTimeZoneInformation
ReadFile
UnhandledExceptionFilter
GetFileType
LCMapStringA
MultiByteToWideChar
FileTimeToLocalFileTime
FlushFileBuffers
DeleteCriticalSection
CompareStringA
IsValidCodePage
SetHandleCount
SetLastError
GetCurrentProcess
GetStringTypeA
IsBadWritePtr
VirtualQuery
GetEnvironmentStrings
InitializeCriticalSection
GetOEMCP
CompareStringW
TlsSetValue
GetCurrentThread
GetCommandLineA
WideCharToMultiByte
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetCPInfo
HeapFree
VirtualFree
WriteFile
FreeEnvironmentStringsW
SetVolumeLabelW
GetLastError
InterlockedIncrement
InterlockedExchange
LoadLibraryA
HeapReAlloc
QueryPerformanceCounter
HeapDestroy
FreeEnvironmentStringsA
GetCurrentProcessId
CreateMutexA
ExitProcess
RtlUnwind
HeapCreate
LeaveCriticalSection
TlsFree
GetThreadTimes
GetModuleFileNameA
GetLocalTime

wininet

InternetCanonicalizeUrlW
InternetReadFileExW

advapi32

CryptSetHashParam
LookupPrivilegeNameA
RegOpenKeyW
CryptGetDefaultProviderA
GetUserNameW
CryptDestroyKey
RegCreateKeyW
CryptGenKey
ReportEventW
RevertToSelf
RegConnectRegistryA
ReportEventA
DuplicateTokenEx
RegCreateKeyExA

shell32

SHFileOperation

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 245KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 452KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d02524d3ce061faea773db0de573e57

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

wininet

advapi32

shell32

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 245KB - Virtual size: 268KB

.data Size: 452KB - Virtual size: 451KB

.rsrc Size: 64KB - Virtual size: 64KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 245KB - Virtual size: 268KB

.data
Size: 452KB - Virtual size: 451KB

.rsrc
Size: 64KB - Virtual size: 64KB