dbcccd39621defa3883b6fc308bede22_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dbcccd39621defa3883b6fc308bede22_JaffaCakes118
Size

352KB
MD5

dbcccd39621defa3883b6fc308bede22
SHA1

569a61a41388f8a43c4631627a10b7d6cd4616a3
SHA256

ebef60712127480d0c17088c36a64d4c863ec3042bafdfbab5fe210d8281bafc
SHA512

9bda337f940409d00ee61c5160af157571873576f52e7be09a7fc2c74f01c15621e39157d21b354f3be0267a8f7ebf3dfd2cec3ce12a382362e82702763c0aed
SSDEEP

6144:f7rioQ4BOFI5J+1TtGtH7vuYWTHn5ZuN1MeHQXiFlr41CZn4dQ:f7+IQI5J0GtH1W75ZHYl8ml

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbcccd39621defa3883b6fc308bede22_JaffaCakes118

Files

dbcccd39621defa3883b6fc308bede22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a92e1bb4dd54c19ddc49f81fa430d83e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\EHVCFOURN\SEOXCJQUA\OOEANDVVW

Imports

user32

IsCharUpperA
DdeAddData
CheckRadioButton
TabbedTextOutA
DeleteMenu
IsChild
LoadBitmapW
RegisterClassA
UnhookWindowsHookEx
DdeCreateDataHandle
DdeFreeDataHandle
LoadKeyboardLayoutW
GetWindowPlacement
EnumDisplaySettingsExA
ChangeDisplaySettingsExW
EnableMenuItem
RegisterClassExA
LoadMenuIndirectA
GetClassInfoExW
MsgWaitForMultipleObjects

kernel32

GetTimeZoneInformation
FreeLibraryAndExitThread
GetCurrentProcess
GetSystemDefaultLCID
TlsGetValue
InterlockedExchange
MultiByteToWideChar
IsDebuggerPresent
TerminateThread
SetHandleCount
GetCurrentThreadId
LoadLibraryA
VirtualQuery
GetConsoleMode
CloseHandle
FileTimeToDosDateTime
TerminateProcess
GetConsoleCP
TransactNamedPipe
CompareStringW
CreateDirectoryW
GetCPInfo
RtlFillMemory
CreateNamedPipeA
DuplicateHandle
WriteConsoleOutputW
IsValidCodePage
ConvertDefaultLocale
ReadConsoleA
GetModuleFileNameA
LocalFileTimeToFileTime
SetEnvironmentVariableA
FlushFileBuffers
GetLocaleInfoA
Sleep
IsValidLocale
lstrcat
LockFileEx
WriteFile
GetModuleFileNameW
SetWaitableTimer
FreeLibrary
ExitProcess
GetCommandLineW
HeapReAlloc
TryEnterCriticalSection
GetProcessHeap
GetStartupInfoA
RtlUnwind
GetConsoleOutputCP
lstrcpyn
GetComputerNameW
GetStringTypeW
VirtualAlloc
CompareFileTime
GetAtomNameA
TlsAlloc
HeapDestroy
GetLocaleInfoW
SetConsoleCtrlHandler
ExpandEnvironmentStringsW
GetVersionExA
TlsFree
DebugActiveProcess
GetModuleHandleA
GetDateFormatA
GetSystemTimeAsFileTime
GetEnvironmentStrings
EnumSystemLocalesA
LCMapStringW
RemoveDirectoryW
GetLogicalDriveStringsA
HeapFree
GlobalDeleteAtom
WriteConsoleA
HeapSize
CreateFileA
GetSystemDirectoryW
LeaveCriticalSection
OpenMutexA
GetTempPathW
WriteConsoleW
HeapAlloc
UnhandledExceptionFilter
GlobalReAlloc
FreeEnvironmentStringsW
VirtualFree
GetCurrentThread
GetACP
EnterCriticalSection
SetLastError
GetTickCount
ReadFile
WideCharToMultiByte
SetConsoleWindowInfo
CompareStringA
SetFilePointer
GetUserDefaultLCID
LCMapStringA
TlsSetValue
OutputDebugStringA
GetStringTypeA
EnumSystemLocalesW
GetFileType
WritePrivateProfileStructW
GetProcAddress
OpenEventA
GetStdHandle
lstrcmpW
WriteFileEx
InterlockedDecrement
DeleteCriticalSection
GetOEMCP
InterlockedCompareExchange
GetCurrentProcessId
ReadFileEx
GetTimeFormatA
GlobalGetAtomNameW
GetLastError
FreeEnvironmentStringsA
InitializeCriticalSection
FindNextChangeNotification
SetStdHandle
QueryPerformanceCounter
HeapCreate
GetCommandLineA
GetNumberFormatW
CreateMutexA
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetCurrentDirectoryA
InterlockedIncrement

comctl32

DrawStatusText
ImageList_GetImageInfo
ImageList_GetDragImage
ImageList_DragMove
_TrackMouseEvent
ImageList_LoadImageW
CreateToolbarEx
InitCommonControlsEx
CreateMappedBitmap
ImageList_SetFilter
ImageList_DragLeave
CreatePropertySheetPageW
ImageList_Remove
ImageList_LoadImage
CreateUpDownControl
ImageList_Add
ImageList_SetBkColor

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a92e1bb4dd54c19ddc49f81fa430d83e

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 140KB - Virtual size: 137KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 92KB - Virtual size: 99KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 92KB - Virtual size: 99KB

.rsrc
Size: 40KB - Virtual size: 39KB