d283b755944fef11d421f898b7741105_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d283b755944fef11d421f898b7741105_JaffaCakes118
Size

357KB
MD5

d283b755944fef11d421f898b7741105
SHA1

03c2cbf1930e77583113910bac8684b51263e28b
SHA256

1ca659b49d0d9a71f07208149ac9527704a3c635bd3821ba926b3a44c19ee9cf
SHA512

7dcac3717d808aa549e7172497d4c174f6aca8dd01b60bbd281e590168457cbc17337d63e1c4689faf5078d7eaa0e04053ee24a56202444049909c1e27b9dc6b
SSDEEP

6144:SQifO+Xvn4rmD4sgT3SCWcjYH+cAMLpCpH6mSlDUTFMoEfsVElt9c:SQSO+XwYgTiCWc++73pafcMpfplt9c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d283b755944fef11d421f898b7741105_JaffaCakes118

Files

d283b755944fef11d421f898b7741105_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98754bab6c77c77b252c62c02b74b18d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\vzmk.pdb

Imports

shell32

FindExecutableA
SHFormatDrive
CommandLineToArgvW

comctl32

CreateToolbarEx
ImageList_Duplicate
ImageList_DragLeave
ImageList_Remove
ImageList_AddMasked
ImageList_EndDrag
ImageList_Create
ImageList_DrawEx
InitCommonControlsEx
ImageList_SetBkColor
ImageList_DragEnter
ImageList_DragMove
ImageList_SetImageCount
ImageList_DragShowNolock
ImageList_Draw
ImageList_Add
DrawStatusText
ImageList_GetIconSize
ImageList_SetIconSize

user32

GetWindowWord
LoadIconA
CreateWindowExA
AnimateWindow
IsCharUpperW
DefWindowProcA
GetDesktopWindow
FlashWindowEx
GetWindowModuleFileNameA
MessageBoxA
GetAncestor
DestroyWindow
VkKeyScanW
RegisterClassA
ShowWindow
RegisterClassExA
CopyRect
WinHelpA
EndDeferWindowPos

kernel32

GetProcAddress
GetModuleHandleA
FreeEnvironmentStringsW
ExitProcess
GetCommandLineA
EnumResourceTypesW
FlushConsoleInputBuffer
WriteFile
ReadFile
VirtualAlloc
GlobalLock
GetTickCount
HeapFree
TerminateProcess
SetUnhandledExceptionFilter
IsValidCodePage
GetCurrentProcess
SetStdHandle
LoadLibraryA
GetOEMCP
FlushFileBuffers
GetCPInfo
SetEnvironmentVariableA
CreateMutexA
InterlockedDecrement
HeapCreate
GetStringTypeA
GetStartupInfoA
SetFilePointer
TlsAlloc
GetTempFileNameW
OpenEventA
UnhandledExceptionFilter
GetEnvironmentStringsW
GetConsoleMode
GetLocaleInfoA
IsValidLocale
SetLastError
CreateRemoteThread
InterlockedExchange
SetThreadPriority
HeapAlloc
MultiByteToWideChar
GetStdHandle
RtlUnwind
GetACP
GetDateFormatA
LCMapStringA
WideCharToMultiByte
EnterCriticalSection
FreeLibrary
WritePrivateProfileSectionW
GetTimeZoneInformation
QueryPerformanceCounter
FindNextFileA
GetProcessHeap
CloseHandle
HeapSize
GetConsoleCP
VirtualFree
ReadConsoleA
CreateFileA
FreeEnvironmentStringsA
GetCurrentThreadId
OpenMutexA
WriteConsoleW
SetHandleCount
GetLocaleInfoW
GetFileType
GetStringTypeW
CommConfigDialogW
VirtualQuery
DeleteCriticalSection
GetVersionExA
Sleep
HeapDestroy
CompareStringW
GetCurrentThread
CompareStringA
HeapReAlloc
GetEnvironmentStrings
TlsSetValue
WriteConsoleA
GetConsoleOutputCP
EnumSystemLocalesA
SetThreadAffinityMask
GetLastError
GetCurrentProcessId
GetTimeFormatA
WriteFileEx
SetConsoleCtrlHandler
TlsGetValue
EnumSystemCodePagesA
GetPrivateProfileSectionA
GetUserDefaultLCID
LeaveCriticalSection
GlobalFindAtomW
InterlockedIncrement
LockFileEx
GetModuleFileNameA
TlsFree
GetSystemTimeAsFileTime
IsDebuggerPresent
LCMapStringW
InitializeCriticalSection

advapi32

RegQueryInfoKeyW
CryptDestroyKey
CryptEnumProviderTypesW
GetUserNameA
ReportEventA
CreateServiceW
RegDeleteKeyW
CryptHashSessionKey
InitializeSecurityDescriptor
CryptSetProviderA
CryptSetProvParam

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98754bab6c77c77b252c62c02b74b18d

Headers

File Characteristics

PDB Paths

Imports

shell32

comctl32

user32

kernel32

advapi32

Sections

.text Size: 155KB - Virtual size: 155KB

.rdata Size: 84KB - Virtual size: 92KB

.data Size: 93KB - Virtual size: 93KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 155KB - Virtual size: 155KB

.rdata
Size: 84KB - Virtual size: 92KB

.data
Size: 93KB - Virtual size: 93KB

.rsrc
Size: 22KB - Virtual size: 22KB