d49f4cc0ae495f9da4af26598891d005_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d49f4cc0ae495f9da4af26598891d005_JaffaCakes118
Size

756KB
MD5

d49f4cc0ae495f9da4af26598891d005
SHA1

4118838b80178449da457610d994e55685d6f3dd
SHA256

062867c4e1eb0a937462a2c72128bc7ac4273c01c1b7d0273b50e23ba3a6e3ab
SHA512

f5b17b10f50d758a4cda078d8da059b16172295825d715b869ff134364016fe93eff5cc86d04525e890d10977b8697d4e6279b749a47859387f94ac390e02c7a
SSDEEP

12288:w2fcs6as22D6HE6iAGZ72nK/nStFuc7FtvXRfhgjYwjNB05OXIsODi:w20s6H5D6k6ZGZKK/neuc/BfhgdNhXta

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d49f4cc0ae495f9da4af26598891d005_JaffaCakes118

Files

d49f4cc0ae495f9da4af26598891d005_JaffaCakes118
.exe windows:4 windows x86 arch:x86

502321a7b392f95271f52132659dbfc0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\bqsqyinx

Imports

user32

DdeQueryStringA
WindowFromDC
CreateWindowExA
OpenClipboard
DdeImpersonateClient
SetScrollRange
SetPropA
GetPropA
DrawEdge
GetDlgItemTextW
MapDialogRect
GetMenuContextHelpId
AnimateWindow
IsCharAlphaNumericA
TrackMouseEvent
FindWindowExW
DialogBoxIndirectParamA
RegisterClassExA
LoadBitmapA
DrawTextA
SetUserObjectSecurity
SendIMEMessageExW
DefFrameProcW
CreateIcon
PostMessageW
PaintDesktop
SetCaretPos
GetMessageA
DefWindowProcA
MonitorFromRect
DrawCaption
SetProcessWindowStation
CreatePopupMenu
IsWindowVisible
ValidateRect
SetPropW
ShowWindow
CloseClipboard
CopyAcceleratorTableW
CountClipboardFormats
EnumPropsW
RegisterClassA
DestroyWindow
InvertRect
InsertMenuItemA
SendMessageTimeoutW
VkKeyScanW
RegisterClipboardFormatW
CharLowerA
PtInRect
GetSysColor
IsCharLowerW
IsClipboardFormatAvailable
CharUpperBuffW
SetCapture
GetTopWindow
RegisterWindowMessageW
GetDCEx
DdeUnaccessData
DlgDirListW
CreateAcceleratorTableW
CharNextExA
SetFocus
CharPrevExA
ScreenToClient
SetWindowPlacement
SetLastErrorEx
RegisterClassW
wvsprintfA
DragDetect
WINNLSGetIMEHotkey
GetMessageExtraInfo
TranslateAccelerator
LoadImageW
EnumDisplayMonitors
FindWindowW
EnumPropsA
CopyAcceleratorTableA
LoadAcceleratorsA
CheckRadioButton
GetMenuItemInfoW
ToUnicode
IsCharAlphaW
ChildWindowFromPointEx
PostQuitMessage
GetMonitorInfoA
MoveWindow
NotifyWinEvent
DlgDirListComboBoxA
GetWindowPlacement
CharNextW
DlgDirListComboBoxW
MapVirtualKeyA
WaitMessage
GrayStringA
PeekMessageW
GetClipboardFormatNameW
CreateDialogIndirectParamA
GetMenuStringW
RegisterHotKey
SubtractRect
MessageBoxA

comctl32

DestroyPropertySheetPage
ImageList_Destroy
ImageList_Draw
ImageList_SetFilter
ImageList_GetFlags
_TrackMouseEvent
ImageList_Copy
CreateMappedBitmap
ImageList_DragMove
ImageList_SetOverlayImage
ImageList_GetImageCount
CreateStatusWindow
CreatePropertySheetPage
ImageList_Write
CreateStatusWindowW
InitCommonControlsEx
ImageList_SetFlags
CreateToolbarEx
ImageList_LoadImage
ImageList_Merge
ImageList_SetDragCursorImage
DrawStatusTextW
ImageList_GetImageRect
CreateUpDownControl

gdi32

SetMapMode
BeginPath
StartDocA
DrawEscape
EnumFontFamiliesA
GetTextExtentExPointW

kernel32

TerminateProcess
EnumResourceLanguagesW
CommConfigDialogW
GetACP
GetEnvironmentStringsW
WideCharToMultiByte
SetLocalTime
FreeEnvironmentStringsW
TlsSetValue
GetSystemDefaultLCID
CreateToolhelp32Snapshot
GetModuleFileNameA
OpenProcess
GetPrivateProfileIntW
GlobalFindAtomW
CreateFileW
MultiByteToWideChar
DeleteCriticalSection
FindResourceExW
CopyFileExA
GetCurrentProcess
CreateMutexA
EnumCalendarInfoW
CreateDirectoryExW
FindResourceExA
GetModuleFileNameW
GetLocalTime
GetCommandLineA
GetSystemTime
GetStringTypeA
GetDiskFreeSpaceW
FindAtomW
TlsAlloc
GlobalAddAtomA
CompareStringW
SetEnvironmentVariableA
HeapDestroy
LCMapStringW
SetFilePointer
GetLogicalDriveStringsA
SetLastError
RtlUnwind
RtlZeroMemory
GetProcAddress
OpenMutexA
InterlockedExchange
lstrcmpiA
GetPrivateProfileSectionNamesW
GetStdHandle
HeapFree
LockFileEx
SetHandleCount
SetConsoleActiveScreenBuffer
GetCurrentProcessId
SetUnhandledExceptionFilter
CompareStringA
LeaveCriticalSection
ReadFile
QueryPerformanceCounter
GetTimeZoneInformation
VirtualFree
GetStartupInfoA
ExitProcess
HeapLock
GetProfileSectionW
GetLastError
GetVersion
GetModuleHandleA
GetCurrentThread
RtlFillMemory
VirtualAlloc
OpenFileMappingA
GetExitCodeProcess
FreeEnvironmentStringsA
GetStringTypeW
InterlockedIncrement
GetCurrentThreadId
GetOEMCP
LCMapStringA
GetComputerNameW
LocalShrink
GetLongPathNameW
SetStdHandle
FreeResource
TlsGetValue
AddAtomW
GetFileType
GetCPInfo
FlushFileBuffers
FindClose
GetEnvironmentStrings
HeapAlloc
GetSystemDefaultLangID
InitializeCriticalSection
CloseHandle
TlsFree
UnhandledExceptionFilter
LockFile
lstrcatA
InterlockedDecrement
VirtualQuery
GetTickCount
LocalUnlock
IsBadWritePtr
EnterCriticalSection
SetCurrentDirectoryA
GetConsoleTitleW
CreateProcessA
GetSystemTimeAsFileTime
HeapCreate
LoadLibraryA
TryEnterCriticalSection
GlobalLock
WriteFile
UnlockFile
HeapReAlloc
GetDateFormatW

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

502321a7b392f95271f52132659dbfc0

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

gdi32

kernel32

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 404KB - Virtual size: 402KB

.data Size: 132KB - Virtual size: 159KB

.rsrc Size: 48KB - Virtual size: 45KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 404KB - Virtual size: 402KB

.data
Size: 132KB - Virtual size: 159KB

.rsrc
Size: 48KB - Virtual size: 45KB