e09b91fb5378552c948feabb63ad7688_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e09b91fb5378552c948feabb63ad7688_JaffaCakes118
Size

596KB
MD5

e09b91fb5378552c948feabb63ad7688
SHA1

7aa69c461ee3214a06f293bbe90ab5bd2694573c
SHA256

4cf50b970f0a5d58dca92a1ae84f7b9fe45c7c4f68e92db16932b8e740bea150
SHA512

1af50c0ac856d9a168677743dce5a6982eea05ea8bf92b4cbe059a220ee22412c9be03cc80117dca0814ae7c86a96e9bc19f1a508eac59001aa3fa79a267dd38
SSDEEP

12288:/yOXFitDMFakjb5cR8TdDT3cUm0sp/q/5PYhuE/mju1:BXQwFakjbSOdDT59sdK5eugmjw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e09b91fb5378552c948feabb63ad7688_JaffaCakes118

Files

e09b91fb5378552c948feabb63ad7688_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0286d4e3c8072c67e4340b02acbebd5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\OCEBCNEEXF\DJFEEKAO\IPAEPTP.PDB

Imports

comctl32

ImageList_Add
InitCommonControlsEx

gdi32

GdiGetBatchLimit
GdiSetBatchLimit
GetKerningPairsA
ChoosePixelFormat
SetStretchBltMode
GetObjectW
GetKerningPairsW
DeleteObject
GetDeviceCaps
SetWindowOrgEx
PolylineTo
CreateFontIndirectA
SetBkMode
GetViewportOrgEx
SaveDC
SetTextAlign
DeleteDC
CreateDCA
CreateColorSpaceA
GetTextColor
ResetDCW
PtInRegion

kernel32

Sleep
GetModuleFileNameA
GetLocaleInfoW
HeapSize
RtlUnwind
SetFilePointer
GetTimeFormatA
CreateToolhelp32Snapshot
GetStartupInfoW
GetFileType
WriteConsoleA
TlsSetValue
GetLastError
GetModuleHandleA
UnhandledExceptionFilter
WideCharToMultiByte
GetCurrentThreadId
LoadLibraryA
TlsGetValue
LCMapStringA
TlsFree
CompareStringW
FreeLibrary
ResumeThread
FlushInstructionCache
WriteFile
EnumSystemLocalesA
FindNextChangeNotification
GetDiskFreeSpaceW
GetCPInfo
GetProcessHeap
CompareStringA
LocalCompact
GetStringTypeW
GetCurrentProcess
HeapDestroy
GetConsoleMode
GetVersionExA
VirtualFree
GetOEMCP
ReadConsoleOutputAttribute
GetCommandLineA
GetCurrentDirectoryW
CreateMutexA
DeleteCriticalSection
ExpandEnvironmentStringsA
GetEnvironmentStringsW
InitializeCriticalSection
GetTimeZoneInformation
SetLocaleInfoA
RaiseException
GetTempFileNameA
SetLastError
GetPrivateProfileStringW
SetConsoleCtrlHandler
EnterCriticalSection
IsValidCodePage
IsValidLocale
CreateNamedPipeW
InterlockedDecrement
VirtualQuery
InterlockedIncrement
MultiByteToWideChar
InterlockedExchange
LeaveCriticalSection
SetHandleCount
FlushFileBuffers
lstrcatW
GetConsoleOutputCP
GetUserDefaultLCID
GetSystemTimeAsFileTime
DebugBreak
TlsAlloc
HeapFree
FreeEnvironmentStringsW
VirtualAlloc
SetUnhandledExceptionFilter
GetCurrentThread
CloseHandle
HeapReAlloc
GetStdHandle
FreeEnvironmentStringsA
GetModuleFileNameW
LCMapStringW
GetProcAddress
GetStringTypeA
GetEnvironmentStrings
WaitForSingleObjectEx
WriteConsoleW
CreateFileA
GetConsoleCP
QueryPerformanceCounter
GetLocaleInfoA
GetCurrentProcessId
GetDateFormatA
CompareFileTime
HeapCreate
GetTickCount
GetStartupInfoA
OpenMutexA
HeapAlloc
SetStdHandle
GetCommandLineW
ReadFile
GlobalFindAtomA
TerminateProcess
IsDebuggerPresent
SetEnvironmentVariableA
GetACP
ExitProcess
HeapLock
SetCurrentDirectoryA

shell32

FreeIconList
RealShellExecuteExW
ExtractIconW
SHGetPathFromIDList
RealShellExecuteExA

comdlg32

ReplaceTextA
PageSetupDlgW
ChooseFontW
PrintDlgW

user32

DefWindowProcW
CreateDesktopW
IsDialogMessage
SetKeyboardState
GetMenuState
SetThreadDesktop
ToAsciiEx
InvertRect
SetWindowLongA
GetTopWindow
FindWindowExA
SetProcessWindowStation
SetWindowTextW
SetPropW
IsCharAlphaA
DlgDirSelectExW
SetDlgItemTextA
ExcludeUpdateRgn
wsprintfW
UnhookWinEvent
CharToOemBuffW
DestroyWindow
ShowWindow
CreateWindowExW
RegisterClassExA
GetListBoxInfo
MessageBoxW
ScrollWindowEx
DrawFrame
CallWindowProcA
SendIMEMessageExW
GetNextDlgGroupItem
RegisterClassA

Sections

.text
Size: 184KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0286d4e3c8072c67e4340b02acbebd5d

Headers

File Characteristics

PDB Paths

Imports

comctl32

gdi32

kernel32

shell32

comdlg32

user32

Sections

.text Size: 184KB - Virtual size: 181KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 120KB - Virtual size: 135KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 184KB - Virtual size: 181KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 120KB - Virtual size: 135KB

.rsrc
Size: 32KB - Virtual size: 29KB