d1d2e6d0d5880038cafa5c23c466d2cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d1d2e6d0d5880038cafa5c23c466d2cc_JaffaCakes118
Size

376KB
MD5

d1d2e6d0d5880038cafa5c23c466d2cc
SHA1

75d2b62993bd2f3528fb72b4454a0a02c143281d
SHA256

88852a4903a4ca03d54497e20801943f949123e92f29882083e939ec96e0802b
SHA512

6c69b27b1b7943c0024c222c591221f6ce739ef46ada678ca83b442ec451e5d02c47fee245ce554009661ac028e58a4f70b995f8621e523ced0747193cc64129
SSDEEP

6144:dSmyoyogIRHS2Tb2XFYtNuPkLH63dfYOtn3xujzEbzy9X:dSboyogIBS2TqqfQkDyZ9tn3CEbzW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1d2e6d0d5880038cafa5c23c466d2cc_JaffaCakes118

Files

d1d2e6d0d5880038cafa5c23c466d2cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fdabdba49ba6e271679d417d6bced04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\

Imports

comdlg32

PageSetupDlgA
ChooseFontW
ChooseColorW

gdi32

SetEnhMetaFileBits
PolyTextOutA
CopyMetaFileA
CreateRoundRectRgn
SetDeviceGammaRamp

advapi32

RegFlushKey
RegEnumValueA
CryptAcquireContextW
StartServiceW
CryptEnumProviderTypesA
LookupPrivilegeNameA
CryptGetProvParam
RegCreateKeyW
RegRestoreKeyW
CryptGenRandom
CryptHashData
InitiateSystemShutdownW
LookupAccountNameW
CryptEncrypt

comctl32

CreateUpDownControl
ImageList_SetOverlayImage
InitCommonControlsEx

shell32

ExtractIconA
SHEmptyRecycleBinA
SHGetFileInfoA

user32

OpenIcon
CopyAcceleratorTableA
CallWindowProcA
DefWindowProcW
FindWindowExW
SystemParametersInfoW
DdeUninitialize
LoadMenuIndirectW
GetClassLongA
GetClassInfoExA
BroadcastSystemMessage
SetRect
GetPropA
LoadImageA
UnregisterClassW
RegisterClassExA
SetDebugErrorLevel
CreateCaret
CreateWindowExA
GetMenuItemRect
wsprintfA
MessageBoxIndirectW
RegisterClassA
LoadCursorFromFileW
CreateIcon
SendNotifyMessageW
DefWindowProcA
CreateIconFromResourceEx
UnloadKeyboardLayout
IsWindowUnicode
EnumDisplaySettingsW
InsertMenuW
WinHelpA
CheckRadioButton
PeekMessageA
RedrawWindow
RegisterWindowMessageW
SetProcessWindowStation
ActivateKeyboardLayout
OpenDesktopA
MessageBoxA
CharToOemBuffA
GetMenuContextHelpId
DialogBoxParamW
SetUserObjectInformationW
SetDlgItemTextW
SetActiveWindow
ValidateRgn
DestroyWindow
ShowWindow
LoadBitmapW
EnumDisplayMonitors
GetClipboardViewer
DrawEdge
GetQueueStatus
MsgWaitForMultipleObjects
EnableScrollBar
GetCursorPos
SetClassLongW
MonitorFromPoint
GetAsyncKeyState
GetMenuItemInfoW

kernel32

InitializeCriticalSection
VirtualAlloc
OpenFile
GetStringTypeExW
GetOEMCP
GetConsoleMode
WriteConsoleA
OpenSemaphoreA
lstrcat
SetConsoleCtrlHandler
lstrcmpiW
GetProcessAffinityMask
GetCurrentProcess
TerminateProcess
GetProcAddress
FileTimeToDosDateTime
GetConsoleOutputCP
GetSystemTime
LCMapStringW
SetUnhandledExceptionFilter
FormatMessageA
GlobalLock
GetTimeZoneInformation
GetLocaleInfoW
Sleep
GetCurrentThread
MultiByteToWideChar
GetUserDefaultLCID
GetLocaleInfoA
VirtualUnlock
GetTickCount
WriteProfileStringA
GetVolumeInformationW
SetHandleCount
GetStdHandle
ContinueDebugEvent
CompareStringA
SetFilePointer
LeaveCriticalSection
HeapFree
GetPrivateProfileStringW
QueryPerformanceCounter
WriteFile
WriteConsoleW
GetConsoleCP
lstrcmpW
GetSystemTimeAsFileTime
HeapDestroy
ReadFile
GetDateFormatA
GetStringTypeW
LoadModule
GetCommandLineA
GetSystemInfo
InterlockedIncrement
CreateMutexA
GetStartupInfoW
ResetEvent
GetVersionExA
GetCurrentThreadId
EnumSystemLocalesA
CloseHandle
GetTempFileNameA
SetConsoleCursorInfo
DeleteCriticalSection
EnumDateFormatsExA
LoadLibraryA
EnumDateFormatsW
SetStdHandle
GetModuleHandleA
FindNextFileA
GetStringTypeA
OpenMutexA
GlobalFindAtomW
GetCommandLineW
FreeEnvironmentStringsA
CompareStringW
ExitProcess
WideCharToMultiByte
GetLastError
FlushFileBuffers
SetCurrentDirectoryW
HeapSize
RtlUnwind
GetProcessHeap
ResumeThread
DeleteFileW
TlsFree
CreateFileA
GetMailslotInfo
CreateFileW
FreeEnvironmentStringsW
GlobalFlags
OpenEventW
HeapReAlloc
GetTimeFormatA
GetFileType
TlsSetValue
GetModuleFileNameA
WriteConsoleOutputAttribute
UnhandledExceptionFilter
IsValidCodePage
InterlockedDecrement
GetCompressedFileSizeW
GetEnvironmentStrings
GetComputerNameW
GetStartupInfoA
CreateSemaphoreA
LCMapStringA
GetACP
TlsGetValue
HeapAlloc
GetCPInfo
IsDebuggerPresent
HeapCreate
SetEnvironmentVariableA
GetDateFormatW
FreeLibrary
TlsAlloc
InterlockedExchange
GetEnvironmentStringsW
VirtualFree
GetModuleFileNameW
SetFileAttributesW
EnterCriticalSection
ReadFileEx
VirtualQuery
FindNextChangeNotification
InterlockedCompareExchange
IsValidLocale
GetCurrentProcessId
SetLastError
LocalFileTimeToFileTime
SetFileAttributesA

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fdabdba49ba6e271679d417d6bced04

Headers

File Characteristics

PDB Paths

Imports

comdlg32

gdi32

advapi32

comctl32

shell32

user32

kernel32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 80KB - Virtual size: 76KB

.data Size: 96KB - Virtual size: 104KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 80KB - Virtual size: 76KB

.data
Size: 96KB - Virtual size: 104KB

.rsrc
Size: 32KB - Virtual size: 30KB