d30eba54c916489537169517594c8f8e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d30eba54c916489537169517594c8f8e_JaffaCakes118
Size

552KB
MD5

d30eba54c916489537169517594c8f8e
SHA1

594e523efc4fdc5f97c34aa3bbbdec207e6f443d
SHA256

7a64a1303a15795c53acd1f679b6070dbd02939a71ecd36698e496022de8525b
SHA512

f99b1e80a620bb75abde0d03303307e648a2e3f8f0e5decd62e70eaef722ed9393022505d160a20c370b7e03fb93a143a02e5bc4e813190e431fc00e4b8e1624
SSDEEP

12288:bsSoVSZ+lcF5ob4tLzSpCmJk8OJyYryyjg+:AZVSZ+yF55tmCZ8Oxryyp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d30eba54c916489537169517594c8f8e_JaffaCakes118

Files

d30eba54c916489537169517594c8f8e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

103c64b3b256a62df913514f7d72bbb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\FUSTPTAAGE\UITW\EEJ\OGG

Imports

user32

CreateWindowExW
DrawFrameControl
PostMessageA
GetSysColorBrush
UnhookWindowsHook
EnumDesktopsW
WINNLSEnableIME
RegisterClassExA
DefWindowProcA
RegisterClassA
GetWindowTextA
GetAsyncKeyState
SetActiveWindow
DlgDirSelectComboBoxExW
PeekMessageW
IsCharUpperA
MessageBoxW
SetPropA
TranslateAcceleratorA
CharUpperBuffA
IsWindowVisible
GetCaretBlinkTime
RedrawWindow
GetClipboardFormatNameW
ShowWindow
LoadIconW
UnregisterClassW
InflateRect
RegisterClassW
GetKeyboardState
CharNextExA
LockWindowUpdate
SetWindowsHookExW
GetClipboardSequenceNumber
SetClassWord
DrawMenuBar
GetClassNameW
GetSubMenu
DrawAnimatedRects
CreateAcceleratorTableA
DestroyWindow
VkKeyScanA

comctl32

DrawStatusText
CreateMappedBitmap
ImageList_GetIcon
ImageList_LoadImage
CreateToolbar
InitCommonControlsEx
CreatePropertySheetPageW
DrawStatusTextW
ImageList_GetFlags
CreateStatusWindowA
ImageList_EndDrag

kernel32

LCMapStringW
FreeEnvironmentStringsA
EnterCriticalSection
CreateDirectoryW
GetDateFormatA
GetSystemTimeAsFileTime
CompareStringA
GetCurrentProcess
ExpandEnvironmentStringsW
HeapFree
RtlUnwind
FreeResource
WritePrivateProfileSectionA
GetConsoleOutputCP
InterlockedExchange
SetCurrentDirectoryW
WaitForMultipleObjectsEx
CompareStringW
GetFileType
GetProfileSectionW
SetConsoleCtrlHandler
HeapSize
CreateProcessW
WaitForDebugEvent
GetStdHandle
GetCurrentThread
GetUserDefaultLCID
GetEnvironmentStrings
TlsAlloc
GetProcAddress
OpenFileMappingA
GetModuleFileNameA
GetACP
SetFilePointer
SetWaitableTimer
SetLastError
TerminateProcess
CreateFileA
FreeLibrary
GetCommandLineA
GetNamedPipeHandleStateW
GetTimeZoneInformation
CloseHandle
IsDebuggerPresent
FlushFileBuffers
InterlockedDecrement
GetConsoleCP
IsValidCodePage
OpenMutexA
LockFileEx
EnumTimeFormatsA
LoadLibraryA
GetStringTypeW
SetConsoleOutputCP
SetConsoleTextAttribute
GetVersionExA
GetStartupInfoA
SetEnvironmentVariableA
QueryPerformanceCounter
OpenSemaphoreA
VirtualAlloc
ResetEvent
TlsGetValue
HeapReAlloc
GetConsoleTitleW
GetEnvironmentStringsW
LoadLibraryExA
GetLogicalDriveStringsW
WaitForSingleObjectEx
SetCurrentDirectoryA
FreeEnvironmentStringsW
GetProfileIntA
WriteFile
GetLastError
VirtualFree
SetUnhandledExceptionFilter
HeapCreate
EnumSystemLocalesA
WideCharToMultiByte
SetComputerNameA
GetTickCount
TlsFree
LeaveCriticalSection
GetConsoleMode
GetCurrentThreadId
FormatMessageW
IsValidLocale
UnhandledExceptionFilter
GetStringTypeA
ReadConsoleOutputCharacterW
WriteConsoleOutputCharacterW
GetLocaleInfoW
ExitProcess
GetCPInfo
HeapAlloc
GetTimeFormatA
VirtualQuery
SetFileTime
ReadFile
GetProcessHeap
OpenProcess
InitializeCriticalSection
GetNumberFormatA
InterlockedIncrement
GetCurrentProcessId
GetModuleHandleA
GetLocaleInfoA
SetHandleCount
LCMapStringA
Sleep
MultiByteToWideChar
OpenWaitableTimerW
CompareFileTime
CreateMutexA
SetStdHandle
WriteConsoleW
GetOEMCP
HeapDestroy
FoldStringA
TlsSetValue
WriteConsoleA
DeleteCriticalSection

wininet

IsHostInProxyBypassList
CreateUrlCacheGroup
InternetDialA
FtpSetCurrentDirectoryA
SetUrlCacheGroupAttributeW
CommitUrlCacheEntryA
InternetCreateUrlW

gdi32

SetBitmapDimensionEx
CreateDCW
StretchBlt
GetObjectA
CreateHatchBrush
GetDeviceCaps
AddFontResourceW
CreateBitmapIndirect
SetStretchBltMode
PolyTextOutW
CreateICA
RectInRegion
DeleteDC
GetBkMode
GetObjectW
ResetDCA

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

103c64b3b256a62df913514f7d72bbb6

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

wininet

gdi32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 252KB - Virtual size: 248KB

.data Size: 116KB - Virtual size: 127KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 252KB - Virtual size: 248KB

.data
Size: 116KB - Virtual size: 127KB

.rsrc
Size: 16KB - Virtual size: 13KB