d40177cc254eb773351bea1454100a0e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d40177cc254eb773351bea1454100a0e_JaffaCakes118
Size

520KB
MD5

d40177cc254eb773351bea1454100a0e
SHA1

d12307a652ff1b28d86035c7ffbe1ff24e4b8cca
SHA256

724fb22b223d78c91c1103d249b28524f49d4a04c391c911f6e4a2b43a58a486
SHA512

c6c9b870a6058ee8cff4a4cf1cecda07e6f87f3d1a9f43a275d692c65614f4c3faabd46d1071f7f922d5839cc68458c2437dee9a7c56a13bce42553cbfcd5040
SSDEEP

12288:TWNOwIlIcy7AfTKbWkd9JkAumu8Y/4k6IP/Gz:uOwIlIcy7A7KbVdLkAumucBG+z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d40177cc254eb773351bea1454100a0e_JaffaCakes118

Files

d40177cc254eb773351bea1454100a0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

913f0f754c3a7450bbfc7464929d6d3d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\QETPHOVYHB.PDB

Imports

comctl32

DrawStatusTextA
DrawStatusText
InitMUILanguage
ImageList_Remove
ImageList_Create
MakeDragList
GetEffectiveClientRect
InitCommonControlsEx
DrawStatusTextW
ImageList_Replace

user32

WinHelpW
LoadAcceleratorsW
IsDialogMessage
GetCursorPos
GetMessageA
LockWindowUpdate
DefWindowProcA
CreateAcceleratorTableA
CreateWindowExW
GetActiveWindow
SetWindowLongW
TileWindows
SetDlgItemTextW
CreateDesktopA
LoadBitmapA
EndDialog
ModifyMenuW
DlgDirSelectComboBoxExW
ReuseDDElParam
GetMenuBarInfo
EnumWindowStationsW
GetWindowTextA
IsCharAlphaNumericW
DrawTextExW
ShowWindow
SetWindowPlacement
RealChildWindowFromPoint
SetWindowTextW
FindWindowExA
LoadBitmapW
IsCharAlphaA
LoadCursorW
LoadIconW
RegisterClassW
CheckRadioButton
IsIconic
GetMessagePos
GetDlgItemTextW
IsDialogMessageW
PtInRect
CreatePopupMenu
ReplyMessage
GetAsyncKeyState
EnumPropsA
GetMenuItemCount
MessageBoxW
GetPropA
ModifyMenuA
DestroyIcon
RegisterClassExA
GetOpenClipboardWindow
DestroyCursor
ValidateRect
AppendMenuA
RegisterClassA
UnregisterHotKey
DestroyWindow
LoadMenuIndirectW
GetCursor

kernel32

GetProcAddress
SetLastError
ReadConsoleW
InitializeCriticalSection
SetFileTime
HeapAlloc
GetVolumeInformationA
GetVersionExA
GetModuleFileNameA
HeapCreate
GetFileType
GetCurrentThread
CopyFileExA
GetExitCodeProcess
CompareStringW
UnlockFile
SetConsoleTitleW
GetModuleHandleA
AddAtomW
InterlockedExchange
SetEnvironmentVariableA
GetVersion
GetCurrentThreadId
DeleteCriticalSection
TlsSetValue
EnterCriticalSection
WriteFile
HeapDestroy
GetStartupInfoA
GetTickCount
GetLocalTime
ExitProcess
GetCommandLineA
LocalFlags
GlobalDeleteAtom
RtlMoveMemory
FillConsoleOutputAttribute
GetLogicalDrives
InterlockedIncrement
RtlUnwind
HeapFree
lstrlenA
GetDiskFreeSpaceExW
SetWaitableTimer
GetModuleFileNameW
GetCurrentProcessId
GetStringTypeA
CompareStringA
LocalShrink
WideCharToMultiByte
IsBadWritePtr
GetCPInfo
VirtualFree
FlushFileBuffers
CreateNamedPipeA
LCMapStringA
GetStringTypeW
TryEnterCriticalSection
FileTimeToDosDateTime
InterlockedDecrement
SetHandleCount
HeapReAlloc
VirtualQuery
QueryPerformanceCounter
LeaveCriticalSection
LCMapStringW
lstrcpy
TlsFree
VirtualAlloc
UnhandledExceptionFilter
GetCommandLineW
GetStdHandle
GetCurrentProcess
GetLastError
TlsGetValue
SetFileAttributesW
TlsAlloc
GetTimeZoneInformation
CreateMutexA
MultiByteToWideChar
SetFilePointer
GetLogicalDriveStringsW
ReadFile
WriteProfileStringW
GetPrivateProfileStringW
ReadConsoleInputA
TerminateProcess
GetEnvironmentStringsW
GlobalHandle
GetStartupInfoW
GetSystemTimeAsFileTime
SetCriticalSectionSpinCount
GetEnvironmentStrings
CreateSemaphoreA
LocalCompact
FreeEnvironmentStringsA
GetModuleHandleW
WaitNamedPipeW
OpenMutexA
SetStdHandle
WaitForMultipleObjectsEx
FreeEnvironmentStringsW
SystemTimeToTzSpecificLocalTime
CloseHandle
GetSystemTime
LoadLibraryA

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

913f0f754c3a7450bbfc7464929d6d3d

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 252KB - Virtual size: 248KB

.data Size: 108KB - Virtual size: 132KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 252KB - Virtual size: 248KB

.data
Size: 108KB - Virtual size: 132KB

.rsrc
Size: 16KB - Virtual size: 14KB