d16ba8f455db0cb452246a92a67e901a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d16ba8f455db0cb452246a92a67e901a_JaffaCakes118
Size

540KB
MD5

d16ba8f455db0cb452246a92a67e901a
SHA1

fda687883c9741eeab3c92e68e11ca3c34302ef5
SHA256

459094b1a8ae8e4b17817bd3a444180bcadf62784c01a8ac6c38641455ee3e41
SHA512

76a5ded48e9f33e565706a5d476ffb3d4b268363a6d7b9317bce1894cdb0bd37f75f132e094bb5d7da4f202a7e85f409608ec3f3f2b6762ddffd2d6172fcba2c
SSDEEP

12288:xM4pL7Z06xHyUthR3WU/Rc0JbqeFDOyKFBb907AAM3k:xM4pLN0u7h/Rc0Jbq/yybJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d16ba8f455db0cb452246a92a67e901a_JaffaCakes118

Files

d16ba8f455db0cb452246a92a67e901a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

45f023a662430bb93f78e987910421ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\zws\cmpe\ssteq

Imports

shell32

SHGetDataFromIDListW

user32

MoveWindow
GetClipboardFormatNameA
RealGetWindowClass
DlgDirListA
UnhookWindowsHook
VkKeyScanExW
SetScrollRange
WindowFromPoint
IsCharAlphaNumericW
DispatchMessageW
OpenWindowStationW
MonitorFromWindow
SetSysColors
CallNextHookEx
RegisterClassExA
ClientToScreen
DrawIconEx
CreateDialogIndirectParamW
CharPrevW
VkKeyScanExA
WinHelpW
SetWindowTextW
DlgDirListComboBoxA
GetWindowTextLengthW
CreateWindowExA
SetClassLongW
CopyAcceleratorTableW
InvalidateRect
PostMessageA
GetKeyboardLayout
LoadMenuA
GetMenuState
CharToOemW
SetUserObjectInformationA
ScrollWindow
InvalidateRgn
DlgDirSelectComboBoxExA
ShowScrollBar
DestroyWindow
SetDeskWallpaper
ChangeDisplaySettingsExW
GetMonitorInfoW
IsCharLowerW
MessageBoxA
DrawTextExW
GetScrollBarInfo
EnumDisplayMonitors
DragDetect
SetMenuInfo
SetCaretBlinkTime
SetUserObjectInformationW
IntersectRect
CallWindowProcW
IsRectEmpty
SendNotifyMessageA
CharToOemA
CreateIconFromResource
CopyIcon
MonitorFromPoint
IsCharUpperA
LoadImageA
GetCaretBlinkTime
wvsprintfA
DdeAbandonTransaction
wsprintfA
PostMessageW
UnregisterClassA
InvertRect
DefMDIChildProcA
CharLowerBuffW
ShowWindow
CloseWindowStation
DefWindowProcW
GetPropA
NotifyWinEvent
IsDlgButtonChecked
DefDlgProcW
RealChildWindowFromPoint
RegisterClassExW
GetKBCodePage
RegisterClassA
GetForegroundWindow
SetPropW
SetProcessWindowStation
FindWindowA
InternalGetWindowText
GetWindowRgn
GetNextDlgGroupItem
EnumPropsW
DdeSetQualityOfService
EnumDisplayDevicesA
TranslateAcceleratorA
RegisterDeviceNotificationW
IsDialogMessageW
TranslateAccelerator
CreatePopupMenu
DdeFreeStringHandle

wininet

InternetSetCookieA
InternetGetCertByURLA
UrlZonesDetach
FtpFindFirstFileA

comdlg32

ReplaceTextA
PrintDlgW
ChooseFontA
ReplaceTextW

kernel32

WaitForSingleObjectEx
GetSystemDefaultLCID
CompareStringW
EnumResourceNamesW
ReadFile
GetStartupInfoA
GetModuleHandleA
HeapValidate
lstrcmpW
CopyFileA
GetProcAddress
VirtualFree
SetCriticalSectionSpinCount
TerminateProcess
MultiByteToWideChar
MoveFileExW
GetCPInfo
GetPrivateProfileIntW
VirtualProtectEx
SetConsoleOutputCP
FlushFileBuffers
GetVersion
WriteFile
EnterCriticalSection
GetStringTypeW
SetFileAttributesW
DeleteFiber
HeapCreate
GetProfileSectionA
EnumDateFormatsW
GetPrivateProfileStructW
TlsAlloc
LocalFlags
GetCurrentProcessId
SetHandleCount
HeapReAlloc
GetFileType
GetProcessHeaps
GetStringTypeA
GlobalFindAtomA
SetConsoleTitleW
GetEnvironmentStringsW
VirtualQuery
CreateProcessA
VirtualAlloc
CreateWaitableTimerA
WriteFileEx
CreateFileMappingA
CreateFileW
GetCurrentThreadId
RaiseException
CompareStringA
SetLastError
LocalCompact
InitializeCriticalSection
UnhandledExceptionFilter
CreateToolhelp32Snapshot
ResetEvent
GetThreadTimes
FindNextFileA
CreateDirectoryExA
SetConsoleWindowInfo
FreeLibraryAndExitThread
GetCommandLineW
GetPrivateProfileStructA
GetFileAttributesExA
HeapDestroy
GetProfileIntW
GetLocalTime
LeaveCriticalSection
GetComputerNameW
WriteProfileSectionA
ReadConsoleOutputCharacterW
GetModuleFileNameA
VirtualUnlock
IsBadWritePtr
HeapFree
LocalSize
GetModuleFileNameW
CreateSemaphoreA
GetCommandLineA
QueryPerformanceCounter
GetEnvironmentStrings
RtlUnwind
GetFileAttributesExW
TlsSetValue
GetSystemTime
GetStartupInfoW
GetUserDefaultLCID
OpenMutexA
GetSystemInfo
RtlFillMemory
SetEnvironmentVariableA
GetTimeZoneInformation
InterlockedIncrement
GetFileSize
TlsGetValue
SetStdHandle
CreateDirectoryExW
GetOEMCP
LCMapStringA
SystemTimeToFileTime
TlsFree
GetExitCodeThread
GetTickCount
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetCurrentProcess
InterlockedExchange
EnumTimeFormatsW
LoadLibraryA
CloseHandle
GetConsoleMode
OpenSemaphoreW
WideCharToMultiByte
OutputDebugStringW
FreeEnvironmentStringsW
GlobalGetAtomNameW
ExitProcess
FlushViewOfFile
GetCurrentThread
GetDiskFreeSpaceW
MoveFileExA
GetStdHandle
GetLastError
HeapAlloc
CreateMutexA
GetCompressedFileSizeA
InterlockedDecrement
LCMapStringW
DeleteCriticalSection
SetFilePointer
GlobalDeleteAtom
GlobalAddAtomW
WaitNamedPipeA

comctl32

GetEffectiveClientRect
ImageList_GetImageRect
ImageList_DragMove
ImageList_Duplicate
ImageList_GetBkColor
InitCommonControlsEx

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45f023a662430bb93f78e987910421ba

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

wininet

comdlg32

kernel32

comctl32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 256KB - Virtual size: 255KB

.data Size: 112KB - Virtual size: 134KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 256KB - Virtual size: 255KB

.data
Size: 112KB - Virtual size: 134KB

.rsrc
Size: 28KB - Virtual size: 26KB