d4414a0e90ad5501ccbab28b6306e270_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d4414a0e90ad5501ccbab28b6306e270_JaffaCakes118
Size

592KB
MD5

d4414a0e90ad5501ccbab28b6306e270
SHA1

8d201d51c63e61c972084c01947bc504eec3e8bc
SHA256

0a93b1ff433f0272965c66ea715e9033e9c3fc32b21ad9861f2b9f4305790650
SHA512

0d1594fbc7b92754fc4256d10d26fca90ae2736145250460b85ccdbb832628351b4f51a59fab57a54895d401ca89283baa8d7dbbab9a049bad0976477bb76320
SSDEEP

12288:utIowgZ+RHJTkekuPMQSPCN9sIX7XwcT9oLram+bJbRFK6CCO/bAguAExOd4:+lZ+dJnkuPMQSPO9sIMcRg5QJbRMCOTe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4414a0e90ad5501ccbab28b6306e270_JaffaCakes118

Files

d4414a0e90ad5501ccbab28b6306e270_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72c3c8440864580efefee9fe278e655a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\

Imports

comctl32

CreatePropertySheetPageA
MakeDragList
ImageList_SetDragCursorImage
ImageList_AddMasked
ImageList_GetImageRect
DrawInsert
ImageList_Add
CreateToolbar
ImageList_GetFlags
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_DrawIndirect
ImageList_GetImageCount
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_Write
ImageList_Merge

user32

GetThreadDesktop
DefDlgProcW
ToAsciiEx
InternalGetWindowText
DrawIconEx
wsprintfA
GetPriorityClipboardFormat
DialogBoxIndirectParamA
EnumDisplaySettingsA
SetPropA
GetForegroundWindow
SetWindowPlacement
SetCaretBlinkTime
SetMenuItemBitmaps
AdjustWindowRect
DdeQueryStringA
GetKeyState
SetDebugErrorLevel
GetAncestor
UnhookWindowsHook
ScreenToClient
GetNextDlgTabItem
RegisterClassA
ScrollDC
GetWindow
NotifyWinEvent
IsDialogMessage
ReleaseCapture
ShowScrollBar
FindWindowExW
ChangeDisplaySettingsExA
RegisterClassExA
SystemParametersInfoA
SetFocus
SetMenuItemInfoA
GetWindowTextLengthW
ShowCaret
SetWindowsHookW

kernel32

SetStdHandle
TerminateProcess
GetProcAddress
IsValidLocale
GetLastError
lstrcat
FlushFileBuffers
HeapAlloc
GetCurrentProcessId
GetCommandLineA
FreeEnvironmentStringsW
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThread
GetSystemInfo
EnumSystemCodePagesW
OpenMutexA
OpenSemaphoreA
HeapDestroy
AddAtomA
GetEnvironmentStringsW
InterlockedExchange
CreateMailslotW
EnterCriticalSection
WriteFile
VirtualProtect
GetPriorityClass
GetStringTypeW
GetCommandLineW
GetVersionExA
TlsFree
HeapFree
SetConsoleActiveScreenBuffer
VirtualLock
VirtualAlloc
GetTickCount
LCMapStringW
GetModuleHandleA
UnhandledExceptionFilter
GetEnvironmentStrings
SetTimeZoneInformation
EnumDateFormatsA
GetTimeFormatA
LCMapStringA
GetLocaleInfoA
LeaveCriticalSection
CreateEventW
GetProcessAffinityMask
CreateFileMappingA
GetStartupInfoA
InitializeCriticalSection
HeapCreate
VirtualQuery
GetDateFormatA
IsDebuggerPresent
GetStartupInfoW
GetStdHandle
GetProcAddress
DebugBreak
GetACP
SetHandleCount
ReadFile
GetProfileSectionA
TlsAlloc
GetLongPathNameW
GetUserDefaultLCID
GetLocaleInfoW
GetFileType
LoadLibraryA
TlsGetValue
IsBadWritePtr
CloseHandle
VirtualFree
SetLastError
DeleteCriticalSection
GetCPInfo
GetSystemTimeAsFileTime
IsValidCodePage
GetEnvironmentStringsA
WideCharToMultiByte
SetUnhandledExceptionFilter
HeapSize
CompareStringW
SetEnvironmentVariableA
GetModuleFileNameA
GetCurrentThreadId
GetModuleFileNameW
MultiByteToWideChar
HeapReAlloc
GetTimeZoneInformation
RtlUnwind
CreateMutexA
GetOEMCP
SetFilePointer
CompareStringA
ExitProcess
FreeEnvironmentStringsA
TlsSetValue
GetStringTypeA
EnumSystemLocalesA
GetDateFormatW

advapi32

RegSetKeySecurity
CryptGetProvParam
CryptSetHashParam
CryptDeriveKey

shell32

ShellExecuteExA
SheChangeDirExW
FindExecutableW
DoEnvironmentSubstW

comdlg32

ChooseFontA
ChooseFontW

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72c3c8440864580efefee9fe278e655a

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

advapi32

shell32

comdlg32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 252KB - Virtual size: 250KB

.data Size: 120KB - Virtual size: 123KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 252KB - Virtual size: 250KB

.data
Size: 120KB - Virtual size: 123KB

.rsrc
Size: 24KB - Virtual size: 22KB