dd2d4739806c97c188ff08f0381d2d73_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dd2d4739806c97c188ff08f0381d2d73_JaffaCakes118
Size

565KB
MD5

dd2d4739806c97c188ff08f0381d2d73
SHA1

05c8830ff2106a254ba4a5a4611dd1296949f3ae
SHA256

79ca27355c733e841a05dec7fad8c2aab6871e48ce0d5ae5ceaf4f09d982cb9c
SHA512

dbdd20bca8bed7beb0ed1d5fdf126361a3ac30da86fb9150c805c61abe10fc73ceec70b09a67f1b16880855f7e3c15efbce50420d6fc12874bd6b3b2d40218f2
SSDEEP

12288:KyYANRtDaPpQgRnrXkx3hx0r5pHl8RHp/2xgJjwKINoFP5ccni+v8IagF+jXyaWY:fBNRt+PpxRnIx3crjCtpuojwKIb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd2d4739806c97c188ff08f0381d2d73_JaffaCakes118

Files

dd2d4739806c97c188ff08f0381d2d73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba54a418dcdbc965b431994b17c4bf17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\psvia\ypeyabkiw\oioh\reoe\oqv\doelaes.PDB

Imports

comctl32

ImageList_GetIconSize
ImageList_DragMove
ImageList_Copy
ImageList_GetIcon
ImageList_SetBkColor
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_LoadImageA
DrawStatusText
ImageList_Draw
ImageList_DrawEx
CreateStatusWindowA
CreateUpDownControl

user32

GetClassNameW
GetClipboardFormatNameA
EnableScrollBar
ValidateRect
OpenIcon
PackDDElParam
RegisterClassExA
SetThreadDesktop
SetDoubleClickTime
GetDesktopWindow
GetDlgItem
IsWindowVisible
WindowFromPoint
SetWindowPlacement
EnumDisplayDevicesA
GetWindowInfo
RegisterClassA
DispatchMessageW
BringWindowToTop
IsCharUpperW
GetWindowModuleFileNameA
BeginPaint

wininet

GopherGetAttributeW
RetrieveUrlCacheEntryFileA
InternetCombineUrlW

kernel32

GetEnvironmentStringsW
InitializeCriticalSection
VirtualFree
CompareStringA
GetCurrentThreadId
InterlockedIncrement
HeapReAlloc
HeapDestroy
GetLocalTime
GetProcAddress
GetSystemTimeAsFileTime
GetStringTypeA
GetModuleFileNameW
GetLastError
QueryPerformanceCounter
MultiByteToWideChar
SetEnvironmentVariableA
GetStdHandle
GetCurrentProcess
GetEnvironmentStrings
CloseHandle
FreeEnvironmentStringsA
LeaveCriticalSection
GetModuleFileNameA
GetModuleHandleA
UnhandledExceptionFilter
GetCPInfo
VirtualQuery
GetCommandLineW
SetFilePointer
SetStdHandle
GetFileType
GetTimeZoneInformation
OpenMutexA
WritePrivateProfileStructW
CreateSemaphoreA
LoadLibraryA
HeapAlloc
GetExitCodeThread
GetStartupInfoW
DeleteCriticalSection
CreateMutexA
FlushFileBuffers
FreeEnvironmentStringsW
TlsGetValue
InterlockedExchange
TerminateProcess
TlsFree
HeapCreate
WideCharToMultiByte
LCMapStringW
ReadFile
SetLastError
LCMapStringA
SetHandleCount
RtlUnwind
GetVersion
GetStartupInfoA
WriteFile
TlsSetValue
GetStringTypeW
ExitProcess
GetSystemTime
GetCurrentThread
HeapFree
GetTickCount
GetCommandLineA
IsBadWritePtr
InterlockedDecrement
GetCurrentProcessId
CompareStringW
EnterCriticalSection
VirtualAlloc
TlsAlloc

comdlg32

PageSetupDlgA
PrintDlgA
GetFileTitleW
ChooseFontW

advapi32

RegFlushKey
RegCreateKeyExA
CryptAcquireContextW
RegQueryInfoKeyW

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba54a418dcdbc965b431994b17c4bf17

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

wininet

kernel32

comdlg32

advapi32

Sections

.text Size: 162KB - Virtual size: 161KB

.rdata Size: 246KB - Virtual size: 254KB

.data Size: 119KB - Virtual size: 118KB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: 162KB - Virtual size: 161KB

.rdata
Size: 246KB - Virtual size: 254KB

.data
Size: 119KB - Virtual size: 118KB

.rsrc
Size: 36KB - Virtual size: 36KB