f5bbdce03b361f2177ab2fa4f21a18d5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f5bbdce03b361f2177ab2fa4f21a18d5_JaffaCakes118
Size

520KB
MD5

f5bbdce03b361f2177ab2fa4f21a18d5
SHA1

f0d93f86120b812d9650aa901059205684062f54
SHA256

5a652ebf598db6ef688920e2b319bcc4e43a95823f50d627b9089e9f78be085f
SHA512

a19f31e69847be3aa2d7c560ec752127351e00a085a8858d40be0d7232418ec5305c77000df7f2c023b1b843908dac0287cd60c092fd3709519b6e04b99767b0
SSDEEP

12288:YtVuvH6mSsqY21BivqGTEtAvhJmOixuNriK:Yt88YRPYAvh8Wi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5bbdce03b361f2177ab2fa4f21a18d5_JaffaCakes118

Files

f5bbdce03b361f2177ab2fa4f21a18d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27af0b62d1c58407b9755498f9b70e95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\aoqtoo\ooydwzw\cztmr\kxfk.pdb

Imports

comctl32

ImageList_BeginDrag
ImageList_DragEnter
DrawInsert
ImageList_DragMove
ImageList_LoadImageA
ImageList_GetFlags
ImageList_GetImageCount
CreateStatusWindowW
ImageList_DrawEx
ImageList_Duplicate
ImageList_Read
CreateUpDownControl
CreateToolbar
InitCommonControlsEx
ImageList_AddIcon
ImageList_GetDragImage
DestroyPropertySheetPage
ImageList_LoadImageW
ImageList_DragLeave
CreateStatusWindowA
ImageList_ReplaceIcon
ImageList_Write
ImageList_Destroy

kernel32

LCMapStringA
VirtualQueryEx
GetNamedPipeHandleStateA
GetModuleFileNameW
HeapDestroy
GetPriorityClass
ConvertDefaultLocale
DebugBreak
FreeEnvironmentStringsA
GetProcessHeaps
GetCPInfo
GetLastError
GetNumberFormatA
UnlockFile
QueryPerformanceCounter
VirtualQuery
TlsAlloc
TlsSetValue
ReadFile
GetSystemTimeAdjustment
GetCurrentThread
CompareStringA
IsDebuggerPresent
WriteConsoleOutputAttribute
SetConsoleWindowInfo
FindResourceExW
ReleaseSemaphore
LoadLibraryW
InterlockedIncrement
MoveFileExA
GetModuleFileNameA
TerminateProcess
GetStartupInfoA
OutputDebugStringA
GetStartupInfoW
OpenMutexA
GetAtomNameW
EnumCalendarInfoExA
GetAtomNameA
FreeEnvironmentStringsW
GetSystemDirectoryA
LeaveCriticalSection
GetSystemTimeAsFileTime
GetLogicalDrives
TlsFree
OpenFileMappingA
VirtualFreeEx
CloseHandle
SetLocaleInfoW
GetCommandLineA
CreateFileA
GlobalDeleteAtom
HeapAlloc
CreateRemoteThread
ReadConsoleOutputAttribute
UnhandledExceptionFilter
GetProcAddress
DeleteCriticalSection
GetEnvironmentStringsW
SleepEx
WaitForSingleObjectEx
GetExitCodeThread
GetLocalTime
DeleteFileW
LoadLibraryA
VirtualAlloc
HeapReAlloc
LocalUnlock
VirtualFree
GetCurrentProcessId
MultiByteToWideChar
GetCommandLineW
ExitProcess
GetStringTypeW
GetSystemTime
InterlockedDecrement
lstrcpyn
FreeLibraryAndExitThread
CreateFileW
GetStringTypeA
InitializeCriticalSection
TlsGetValue
SetEnvironmentVariableA
GetTickCount
SetFileAttributesW
WriteFile
InterlockedExchange
CompareStringW
WideCharToMultiByte
GetFullPathNameA
HeapFree
FindNextChangeNotification
EnumTimeFormatsW
CreateProcessW
GetTimeZoneInformation
RtlMoveMemory
GetModuleHandleA
GetPrivateProfileSectionW
SetStdHandle
SetHandleCount
SetVolumeLabelW
IsBadWritePtr
GetDiskFreeSpaceW
SetFilePointer
FlushInstructionCache
GetCurrentProcess
RtlUnwind
FlushFileBuffers
CreateWaitableTimerA
GetShortPathNameA
SystemTimeToFileTime
SetLastError
LockFile
FindAtomA
GetPrivateProfileIntA
GetCompressedFileSizeW
HeapCreate
LocalAlloc
GetCurrentThreadId
CreateMailslotA
AddAtomA
EnumResourceLanguagesA
GetEnvironmentStrings
CreateEventW
WritePrivateProfileStringW
GetFileAttributesExA
GetFileAttributesExW
GetStdHandle
SetWaitableTimer
WaitForSingleObject
GetVersion
LCMapStringW
EnterCriticalSection
GetTempFileNameA
GetFileType
CreateMutexA
SetThreadLocale
WaitForMultipleObjectsEx

user32

InvalidateRgn
TrackPopupMenu
FindWindowA
GetKeyNameTextA
RemovePropA
CreateWindowExW
GetMenuItemCount
LoadAcceleratorsA
IsDialogMessageA
ValidateRect
SetThreadDesktop
DialogBoxParamA
OpenIcon
TranslateAcceleratorW
SetWindowsHookW
CountClipboardFormats
AppendMenuA
BeginPaint
OpenClipboard
GetAltTabInfo
ExcludeUpdateRgn
TabbedTextOutA
DdeAbandonTransaction
RegisterClassExA
GetMessageExtraInfo
MapVirtualKeyA
CharLowerBuffW
MapVirtualKeyExW
SetUserObjectInformationA
EnumDisplayMonitors
DrawStateW
PeekMessageW
SendNotifyMessageA
GetQueueStatus
SendMessageA
CharNextW
OemToCharBuffW
GetProcessDefaultLayout
DrawIcon
EnumDisplaySettingsExA
InSendMessage
GetSubMenu
SetCursorPos
GetClipCursor
DdeDisconnect
SendDlgItemMessageW
ChildWindowFromPoint
SetClassWord
DdeConnect
CharNextA
EnumWindowStationsW
FindWindowExA
RegisterClassA
DialogBoxIndirectParamW
TranslateMDISysAccel
RedrawWindow
DdeClientTransaction
GetWindowRect
FrameRect
IsCharLowerW
WaitForInputIdle
IsCharAlphaNumericA
ChildWindowFromPointEx
SetDlgItemTextW
DlgDirListComboBoxW
CreateWindowExA
GetCursor
TileWindows
TrackMouseEvent
DdePostAdvise
DdeNameService
RegisterClassExW
SetProcessDefaultLayout
CopyImage
DrawMenuBar
GetComboBoxInfo
CheckDlgButton
GetPriorityClipboardFormat
DdeConnectList
DrawIconEx
GetWindowTextW
GetCursorPos
UnregisterClassA
CreateDesktopW
SetLastErrorEx
IsCharLowerA
SetParent
SetMenuItemBitmaps
AdjustWindowRect
GetShellWindow
PtInRect
CharToOemBuffA
MonitorFromRect
NotifyWinEvent
AdjustWindowRectEx
SetRectEmpty
GetDC
LoadImageW
SetShellWindow

Sections

.text
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27af0b62d1c58407b9755498f9b70e95

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

Sections

.text Size: 140KB - Virtual size: 137KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 108KB - Virtual size: 113KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 140KB - Virtual size: 137KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 108KB - Virtual size: 113KB

.rsrc
Size: 12KB - Virtual size: 10KB