da31d2730b43c86f0646357abf65752f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da31d2730b43c86f0646357abf65752f_JaffaCakes118
Size

524KB
MD5

da31d2730b43c86f0646357abf65752f
SHA1

f826e2910955a6291b9e4bbb403b4fb04b4c4215
SHA256

713adf461e804a1601ab477ec9f6be7afb711fd1aed3c4c8fab00368a39689dd
SHA512

ee1137552a67f1273534a5e222756c5923652ac61321925f6c6f73bb70e55d9485b22a6b70c24fec00c6b6fe7d10a0193612e9ebafdba013aa63b6b4ca719d08
SSDEEP

12288:gG0suejehegBEc+ur4yiMJgpIi9odQCLUEwW6gZvHge:90sueihFzliMJgpIi9odDLUpRf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da31d2730b43c86f0646357abf65752f_JaffaCakes118

Files

da31d2730b43c86f0646357abf65752f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ce7864507d97edd009116ef967ed2da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\oapb.pdb

Imports

kernel32

CreateMutexA
GetStringTypeA
FreeEnvironmentStringsW
GetPrivateProfileStructA
HeapDestroy
LoadLibraryA
RtlUnwind
GetLogicalDriveStringsA
GetProfileSectionW
WriteProfileSectionA
GetEnvironmentStringsW
GetModuleHandleW
lstrlenW
EnumSystemLocalesW
MultiByteToWideChar
IsBadWritePtr
TlsGetValue
SetHandleCount
WideCharToMultiByte
TlsAlloc
lstrcpy
ConvertDefaultLocale
GetSystemTimeAsFileTime
GetPriorityClass
InterlockedIncrement
HeapReAlloc
GetStartupInfoA
OpenMutexA
lstrcpyW
GetCurrentProcess
EnumDateFormatsExA
SetThreadAffinityMask
TlsSetValue
LCMapStringW
GetStringTypeW
EnumResourceNamesA
GetCurrentThreadId
GetACP
VirtualFree
OpenProcess
InterlockedExchange
VirtualAlloc
GetModuleFileNameA
TlsFree
SetThreadContext
VirtualQuery
CommConfigDialogA
GetOEMCP
EnumCalendarInfoExW
EnumDateFormatsW
WriteFile
GetSystemTime
InterlockedDecrement
TerminateProcess
GetCurrentThread
GetPrivateProfileIntW
lstrcatA
ExpandEnvironmentStringsA
GetSystemDirectoryW
GetCPInfo
GetLongPathNameW
CloseHandle
InitializeCriticalSection
GetProcAddress
GetLocalTime
GetCurrentProcessId
GetEnvironmentStrings
WriteConsoleW
GetPrivateProfileIntA
LeaveCriticalSection
CompareStringW
SetEnvironmentVariableA
GetCommandLineA
FlushFileBuffers
DeleteCriticalSection
GetStdHandle
GlobalFlags
LockResource
SetFilePointer
CompareStringA
GetNumberFormatW
GetModuleHandleA
GetTickCount
HeapFree
EnumDateFormatsA
FindResourceW
SetStdHandle
QueryPerformanceCounter
LCMapStringA
HeapAlloc
FlushInstructionCache
GetFileType
GetThreadSelectorEntry
GetLastError
ExitProcess
GetVersion
FreeEnvironmentStringsA
CreateSemaphoreA
SetLastError
HeapCreate
ReadFile
UnhandledExceptionFilter
GetTimeZoneInformation
CreateWaitableTimerA
EnterCriticalSection

user32

SetClipboardViewer
CallWindowProcW
GetCursorInfo
LoadMenuA
MapVirtualKeyExA
CharNextExA
UnpackDDElParam
GetKeyNameTextW
SetDebugErrorLevel
GetSystemMetrics
GetMenuContextHelpId
InsertMenuItemA
SetWindowTextW
EmptyClipboard
DefDlgProcW
GetKeyState
ReleaseCapture
DefWindowProcA
IsRectEmpty
CreateIconIndirect
MessageBoxExW
NotifyWinEvent
RegisterClassExA
DialogBoxIndirectParamW
DestroyWindow
ChangeDisplaySettingsA
ModifyMenuA
DrawFrameControl
CreateWindowExW
GetDlgItem
SetCursorPos
EnumDesktopsW
LoadCursorFromFileA
DdeAddData
GetMenuItemInfoA
EnumChildWindows
EnumWindowStationsA
GetSysColor
DlgDirSelectExW
GetWindowTextA
SetRectEmpty
ChangeMenuW
ShowWindow
CheckMenuItem
IsMenu
IsCharAlphaA
BroadcastSystemMessageW
MessageBoxA
IsChild
SendIMEMessageExW
UnionRect
CharLowerW
UnhookWindowsHook
SetMenu
GetAsyncKeyState
PeekMessageW
GetUserObjectInformationA
CharUpperBuffA
OemToCharBuffA
WindowFromDC
SetScrollInfo
OemKeyScan
CascadeChildWindows
GetScrollBarInfo
SetPropW
UnregisterHotKey
SetCaretPos
LoadAcceleratorsA
CopyAcceleratorTableA
RegisterClassA

comctl32

ImageList_Read
ImageList_LoadImage
InitCommonControlsEx
_TrackMouseEvent
ImageList_SetIconSize
ImageList_Remove
ImageList_SetFilter
ImageList_LoadImageA
ImageList_SetOverlayImage
ImageList_Replace
ImageList_Draw
CreatePropertySheetPage
DestroyPropertySheetPage
CreateUpDownControl
DrawInsert
DrawStatusText
InitMUILanguage
CreateToolbar
GetEffectiveClientRect
ImageList_AddMasked
DrawStatusTextA
ImageList_Merge

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ce7864507d97edd009116ef967ed2da

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 260KB - Virtual size: 256KB

.data Size: 108KB - Virtual size: 135KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 260KB - Virtual size: 256KB

.data
Size: 108KB - Virtual size: 135KB

.rsrc
Size: 16KB - Virtual size: 15KB