d56ba296bd59b3ccabec3947043b9042_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d56ba296bd59b3ccabec3947043b9042_JaffaCakes118
Size

276KB
MD5

d56ba296bd59b3ccabec3947043b9042
SHA1

352783bcdf8442c475dfb7452165addcaae2cc73
SHA256

75a0a219c650d6685e908c8d1263a0aa7ba87624cf08ccf6adbbb87a71c12e57
SHA512

ad56bbd972685d8cddd14461a6ceed7bac07641cbe2aa87af7938e5aa49ea1e78052d180e0d7930e866a950d2d918ec92ad1b9f0c3826b81a66d57b4863ccfb7
SSDEEP

3072:2/dIwefd5jhVIP7gZDNDi9Wc0bl65aGou8gMH2cT4uoRbXBQO7lbef3HM7+LvDgR:2gd53eX05AaLHJYbXRJO3yqg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d56ba296bd59b3ccabec3947043b9042_JaffaCakes118

Files

d56ba296bd59b3ccabec3947043b9042_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b3cc3514b8953d196a01d9b6bf94a8c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\evonvt\jnbhe\

Imports

user32

wvsprintfA
GetClipboardData
OpenWindowStationA
SetClassLongW
UnionRect
GetWindowTextW
OpenInputDesktop
OpenWindowStationW
BringWindowToTop
CharPrevExA
DispatchMessageW
DdeClientTransaction
InsertMenuW
GetKeyNameTextA
ChangeDisplaySettingsExW
GetWindowLongW
IsMenu
GetDoubleClickTime
BlockInput
SetWindowTextW
EnumDisplaySettingsExA
SetWindowPos
IsDialogMessageW
DestroyWindow
GetClassInfoExW
RegisterClassExA
CallWindowProcA
SetFocus
SetMenu
GetWindowModuleFileNameW
GetShellWindow
ReleaseDC
OemToCharBuffW
DdeInitializeA
DrawTextExW
TrackPopupMenu
SetWindowLongA
IsCharLowerW
CopyIcon
CharLowerBuffA
ShowWindow
RegisterClassA
PeekMessageA
GetQueueStatus
ShowCaret
UnloadKeyboardLayout
LoadKeyboardLayoutW
DdeCmpStringHandles
CopyImage
CreateWindowExA
OemToCharW
OffsetRect
MessageBoxA
SetUserObjectInformationA
EditWndProc
UnregisterHotKey
DdeDisconnect
IsWindowVisible
DrawIcon
DefWindowProcW
AdjustWindowRect
EnumPropsA
AttachThreadInput
DispatchMessageA
GetMessageW
DlgDirSelectExW
PostMessageW

comctl32

MakeDragList
DrawStatusText
CreatePropertySheetPageA
ImageList_SetIconSize
InitCommonControlsEx
CreateStatusWindowA
ImageList_Create
CreateToolbarEx
ImageList_GetIcon
DestroyPropertySheetPage
ImageList_Read
ImageList_AddIcon
ImageList_Copy
ImageList_DrawIndirect
CreateMappedBitmap
ImageList_LoadImageW
ImageList_BeginDrag

kernel32

SetEnvironmentVariableW
DeleteFiber
WriteConsoleOutputA
GetFileTime
RtlUnwind
IsBadWritePtr
VirtualQuery
HeapDestroy
SetLastError
ReadConsoleOutputW
UnhandledExceptionFilter
TlsSetValue
TlsAlloc
GetShortPathNameW
GetCurrentThread
GlobalGetAtomNameA
GetLogicalDrives
WriteFile
ReadConsoleInputW
HeapLock
ReadFile
GetACP
RaiseException
VirtualFree
GetCurrentProcessId
GetStringTypeW
SetEvent
GetTempFileNameA
GetCurrentProcess
GetDateFormatA
GetCommandLineA
HeapAlloc
SetConsoleTextAttribute
CreateMutexA
LoadLibraryA
UnlockFile
GetLocaleInfoW
ExitProcess
GetNamedPipeHandleStateA
GetCPInfo
GetExitCodeThread
GetProcessHeap
GetEnvironmentStrings
GetSystemDirectoryA
GetModuleFileNameW
LCMapStringA
SetHandleCount
SetComputerNameA
LeaveCriticalSection
GetUserDefaultLCID
GetCurrencyFormatW
LCMapStringW
SetWaitableTimer
CompareFileTime
SetConsoleCP
CompareStringA
WaitForMultipleObjectsEx
UnlockFileEx
EnumCalendarInfoExA
MapViewOfFileEx
FindNextChangeNotification
GetLocaleInfoA
GetLastError
GetProcessShutdownParameters
GlobalFlags
FreeLibrary
ReadConsoleOutputCharacterA
GetVersionExA
GetSystemTime
CopyFileA
GetLogicalDriveStringsW
EnterCriticalSection
SetEnvironmentVariableA
IsValidLocale
CompareStringW
GetTimeZoneInformation
VirtualAlloc
GetStringTypeA
HeapReAlloc
ReadConsoleOutputCharacterW
GetModuleFileNameA
LocalCompact
LoadLibraryExA
DeleteCriticalSection
HeapSize
CreateSemaphoreA
OpenMutexA
GetSystemTimeAsFileTime
GetFileType
GetPrivateProfileSectionA
GlobalFix
GetProcAddress
GetStdHandle
GetSystemInfo
HeapFree
GetCurrentThreadId
HeapCreate
GlobalFree
InitializeCriticalSection
TlsFree
lstrcpy
EnumSystemLocalesA
GetEnvironmentStringsW
CloseHandle
ReadConsoleInputA
GetThreadPriorityBoost
VirtualProtect
GetThreadLocale
QueryPerformanceCounter
GetOEMCP
IsValidCodePage
GlobalFindAtomA
GetSystemDirectoryW
SetStdHandle
CreateThread
GetTimeFormatA
GlobalDeleteAtom
FreeEnvironmentStringsW
GetProfileSectionW
MultiByteToWideChar
GetTickCount
GetModuleHandleA
ConnectNamedPipe
TlsGetValue
SetThreadLocale
WriteConsoleInputW
CreateDirectoryW
SetConsoleTitleA
FindFirstFileExW
FlushFileBuffers
SetFilePointer
TerminateProcess
AddAtomA
ResumeThread
RtlMoveMemory
lstrcpyW
WaitNamedPipeW
InterlockedExchange
GetStartupInfoA
GetLongPathNameA
lstrlenA
WideCharToMultiByte
SetConsoleScreenBufferSize
FreeEnvironmentStringsA

gdi32

AddFontResourceA
GetBkColor
GdiGetBatchLimit
GetStretchBltMode
Polygon
GetTextCharset
CreateFontW
LPtoDP
DeviceCapabilitiesExW
SetColorSpace
GetROP2
CloseFigure
GetMetaFileBitsEx
gdiPlaySpoolStream
SetMapMode
SetBkColor
SwapBuffers
CreateHatchBrush
DeleteColorSpace

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3cc3514b8953d196a01d9b6bf94a8c8

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

gdi32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 88KB - Virtual size: 117KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 88KB - Virtual size: 117KB

.rsrc
Size: 28KB - Virtual size: 25KB