e03e269d51cad82b58f682f0237f51e6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e03e269d51cad82b58f682f0237f51e6_JaffaCakes118
Size

613KB
MD5

e03e269d51cad82b58f682f0237f51e6
SHA1

9cd9dc061d5834a1335111596c77cd66ef8a000c
SHA256

1da2faf336b6ef20b903970ec66189b28d221ad7d3acf43d4199419179fe609e
SHA512

ba0fac38373fb521fae93d34206d48d299c4926030e63a3046eb62f68981a0aa88f6a4ddff281cf484e6cc220f2c0a195656221a064780f041b58be7c990165c
SSDEEP

12288:l4GZ4aQolcocMjIHIp0VNL07Sbtznxny4L6+:lLZHlcofh+VB4SbpVyk6+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e03e269d51cad82b58f682f0237f51e6_JaffaCakes118

Files

e03e269d51cad82b58f682f0237f51e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aeaf68799785fe46442112220657330d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\ypf\psm

Imports

gdi32

StrokePath
CreateScalableFontResourceW
Polygon
SetDeviceGammaRamp
GetDeviceGammaRamp
CreateHalftonePalette
ResizePalette
OffsetClipRgn
SetColorAdjustment
GetTextMetricsW
ArcTo
GetObjectW
ModifyWorldTransform
SetWindowExtEx
AddFontResourceA
SetMetaFileBitsEx
GetTextExtentExPointW
SelectPalette
PtVisible
Pie
SetBkMode
GetCurrentPositionEx
CreateDIBSection
Ellipse
GetWindowOrgEx

user32

RegisterDeviceNotificationA
FindWindowA
BroadcastSystemMessageW
BeginPaint
UnhookWinEvent
IsCharLowerA
CreateMenu
DestroyIcon
GetMenuCheckMarkDimensions
GetUserObjectInformationW
TileChildWindows
GetKeyboardType
DlgDirListComboBoxW
GetWindowWord
DrawStateW
ChangeMenuA
DefWindowProcA
wvsprintfA
GetMenuStringA
GetMenuItemID
DeferWindowPos
IsZoomed
GetInputState
DispatchMessageW
CharLowerA
EnumDisplayMonitors
CascadeWindows
ShowWindow
EndDeferWindowPos
DdeDisconnectList
EndTask
CreateWindowExW
DlgDirListW
SetShellWindow
SendDlgItemMessageA
GetWindowModuleFileNameA
ActivateKeyboardLayout
SetMenuContextHelpId
ChangeClipboardChain
DlgDirListA
ReuseDDElParam
SetRectEmpty
SetParent
SetMessageQueue
InternalGetWindowText
IsWindowUnicode
SetMenuItemInfoW
GetWindowContextHelpId
GetUserObjectSecurity
GetSubMenu
IsDialogMessageA
GetMenuItemInfoA
GetKeyNameTextW
SetScrollPos
DefMDIChildProcA
SendMessageTimeoutA
UnregisterClassA
EndPaint
RegisterWindowMessageW
SetUserObjectInformationA
GetUpdateRect
DlgDirSelectComboBoxExW
GetFocus
LoadCursorFromFileW
GetClipboardOwner
DestroyWindow
UnhookWindowsHookEx
SendMessageA
OemToCharBuffW
GetWindowRect
IsCharAlphaA
EnumWindows
DdeConnectList
DdePostAdvise
RealChildWindowFromPoint
RegisterClassA
MessageBoxA
RegisterClassExA
VkKeyScanExA
PostQuitMessage
SetLastErrorEx
GetTabbedTextExtentA
GetClipCursor
BlockInput
EnumDesktopsA
TileWindows
SetProcessWindowStation
DdeFreeDataHandle
InsertMenuA
CreateDialogIndirectParamA
SendNotifyMessageW
CallMsgFilterA
GetMenu
LoadKeyboardLayoutA
DdeGetLastError
SetForegroundWindow
CreateAcceleratorTableW

wininet

InternetCombineUrlA
FindNextUrlCacheEntryW
GetUrlCacheGroupAttributeA
FtpOpenFileA
FtpSetCurrentDirectoryA
InternetGoOnline
CreateUrlCacheContainerA

comctl32

ImageList_Merge
ImageList_DrawEx
ImageList_DragLeave
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Add
ImageList_GetBkColor
ImageList_SetFlags
ImageList_SetIconSize
CreatePropertySheetPage
ImageList_GetImageCount
ImageList_Replace
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_LoadImageW
DrawInsert
CreateStatusWindow
ImageList_LoadImageA

kernel32

LeaveCriticalSection
LCMapStringA
GetSystemTimeAsFileTime
VirtualAlloc
TlsFree
DeleteCriticalSection
VirtualProtect
GetSystemTimeAdjustment
GetStdHandle
SetCurrentDirectoryW
HeapAlloc
FindResourceA
OpenMutexA
ExitProcess
GetACP
HeapSize
GetThreadContext
FreeEnvironmentStringsW
TlsSetValue
IsValidCodePage
GetSystemInfo
CloseHandle
GetLocaleInfoW
TlsAlloc
HeapDestroy
GetLocaleInfoA
EnumCalendarInfoA
SystemTimeToTzSpecificLocalTime
GetPrivateProfileIntA
FlushFileBuffers
LoadLibraryA
VirtualQuery
GetCurrentThread
HeapCreate
CreateNamedPipeA
MapViewOfFileEx
InterlockedExchange
GetOEMCP
GetTimeFormatA
GetSystemDefaultLangID
EnumSystemLocalesA
TlsGetValue
SetEnvironmentVariableA
lstrlenA
GetVersionExA
CompareStringA
QueryPerformanceCounter
GetProfileSectionW
InterlockedCompareExchange
WideCharToMultiByte
GetVersionExW
SetHandleCount
HeapReAlloc
GetFileType
GetLastError
SetLastError
GetModuleFileNameA
GetDateFormatA
GlobalGetAtomNameW
GetThreadPriorityBoost
WritePrivateProfileStringA
lstrcpynW
IsValidLocale
GetStringTypeA
GetEnvironmentStrings
SetStdHandle
LCMapStringW
GetFileAttributesExW
GetProcAddress
WriteFile
FreeEnvironmentStringsA
WritePrivateProfileStructW
GetTimeZoneInformation
GetCurrentProcess
GetCommandLineA
GetUserDefaultLCID
RtlUnwind
GetCPInfo
GetEnvironmentStringsW
GetStartupInfoA
ReadFile
MultiByteToWideChar
InitializeCriticalSection
VirtualFree
UnhandledExceptionFilter
HeapFree
GetModuleHandleA
CreateMutexA
CreateWaitableTimerW
GetNamedPipeInfo
GetCurrentThreadId
IsBadWritePtr
GetTickCount
GetCurrentProcessId
RemoveDirectoryA
SetFilePointer
GetStringTypeW
CompareStringW
EnterCriticalSection
TerminateProcess

Sections

.text
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aeaf68799785fe46442112220657330d

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

wininet

comctl32

kernel32

Sections

.text Size: 218KB - Virtual size: 218KB

.rdata Size: 246KB - Virtual size: 245KB

.data Size: 117KB - Virtual size: 129KB

.rsrc Size: 30KB - Virtual size: 30KB

.text
Size: 218KB - Virtual size: 218KB

.rdata
Size: 246KB - Virtual size: 245KB

.data
Size: 117KB - Virtual size: 129KB

.rsrc
Size: 30KB - Virtual size: 30KB