d55f802169296176e25f6523d442038f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d55f802169296176e25f6523d442038f_JaffaCakes118
Size

696KB
MD5

d55f802169296176e25f6523d442038f
SHA1

0f38e173c971c925ac15cddc4fa018eb45dd9a4b
SHA256

329c08371992770d548785b08913a04e8d2998644989e0122bfcf025544786e9
SHA512

ec575ad45faa5252fb8457b62f5ec91ad26978c6fa1ec863b8afb8f7ddd51ad1456a703143f34025747f24c714c219fb260253514bef9d439f77b7d35cbe8367
SSDEEP

12288:0dLVkqfyAagO7+M/BaoDDEFleyufZf/dtKK+M26+DKu6w35YXho2D:0dLVkgC22Z9VwWXa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d55f802169296176e25f6523d442038f_JaffaCakes118

Files

d55f802169296176e25f6523d442038f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d48ada8bdc1febe4bfcb447860a6ab39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\ejff.pdb

Imports

shell32

SHInvokePrinterCommandA
SHGetFileInfoA

gdi32

CreateColorSpaceA
DeleteObject
GetObjectW
GetDeviceCaps
CreateDCA
DeleteDC
SelectObject

kernel32

InitializeCriticalSection
GetCommandLineW
QueryPerformanceCounter
HeapDestroy
FlushFileBuffers
VirtualQuery
GetCPInfo
LeaveCriticalSection
GetEnvironmentStrings
GetCurrentThread
SetEnvironmentVariableA
SetStdHandle
EnumResourceNamesW
SetHandleCount
IsBadWritePtr
RtlUnwind
CreateDirectoryExW
HeapReAlloc
GetEnvironmentStringsW
LCMapStringW
ReadFile
HeapFree
ExitProcess
InterlockedIncrement
GetStartupInfoA
GetTickCount
GetStdHandle
CompareStringW
HeapAlloc
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetLastError
WriteFile
TlsGetValue
CreateMutexA
VirtualFree
SetFileAttributesA
GetCurrentProcess
DeleteCriticalSection
EnterCriticalSection
HeapCreate
OpenMutexA
EnumResourceTypesW
SetLastError
UnhandledExceptionFilter
WideCharToMultiByte
TlsFree
InterlockedExchange
CloseHandle
GetAtomNameA
GetStringTypeW
OpenFile
MultiByteToWideChar
SetFilePointer
GetVersion
GetModuleHandleA
GlobalFree
TlsSetValue
FreeEnvironmentStringsW
VirtualAlloc
SetTimeZoneInformation
GetPrivateProfileIntA
CreateMutexW
TerminateProcess
GetModuleFileNameW
GetLocalTime
GetCurrentThreadId
SleepEx
FreeEnvironmentStringsA
TlsAlloc
GetSystemTime
GetFileType
GetStringTypeA
GetTimeZoneInformation
InterlockedDecrement
EnumDateFormatsA
GetStartupInfoW
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
CompareStringA
GetCommandLineA

comctl32

ImageList_GetImageCount
ImageList_EndDrag
ImageList_GetIcon
CreateMappedBitmap
ImageList_SetOverlayImage
CreateStatusWindowA
InitCommonControlsEx
ImageList_GetDragImage
ImageList_Remove
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_SetDragCursorImage
DestroyPropertySheetPage
CreateToolbar
ImageList_DragShowNolock
ImageList_Read

wininet

InternetTimeToSystemTimeW

advapi32

CreateServiceW
CryptHashSessionKey
CryptGetUserKey
RegSaveKeyA
RegConnectRegistryA
AbortSystemShutdownW
LookupSecurityDescriptorPartsW
RegCreateKeyA
CryptAcquireContextA

user32

SetWindowsHookExW
DestroyWindow
GetKBCodePage
OpenInputDesktop
OpenDesktopA
DefWindowProcW
CreateMDIWindowW
DdeGetData
CallMsgFilter
CreateDesktopA
VkKeyScanExA
RegisterClassA
RegisterClassExA
MessageBoxA
SetRectEmpty
TrackPopupMenuEx
DdeQueryConvInfo
CreateIconFromResourceEx
SetPropA
GetActiveWindow
CreateWindowExA
DeleteMenu
wsprintfW
SetWindowPos
ShowWindow
GetKeyboardLayoutList
IntersectRect

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 448KB - Virtual size: 447KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d48ada8bdc1febe4bfcb447860a6ab39

Headers

File Characteristics

PDB Paths

Imports

shell32

gdi32

kernel32

comctl32

wininet

advapi32

user32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 448KB - Virtual size: 447KB

.data Size: 136KB - Virtual size: 147KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 448KB - Virtual size: 447KB

.data
Size: 136KB - Virtual size: 147KB

.rsrc
Size: 28KB - Virtual size: 26KB