154f6e3ecac9a7397d728958e885fcc0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

154f6e3ecac9a7397d728958e885fcc0_JaffaCakes118
Size

716KB
MD5

154f6e3ecac9a7397d728958e885fcc0
SHA1

fb3434f3dcc2cb2b6c3dd09e99810187b683310c
SHA256

2935947978401338dc4ea72dd8d67b701dc35de5d1cf7258bd4e5444aee97b9b
SHA512

17438548922fd125edac0b96ab3841e1b77121c8f090a93dae33c1d359ce0deaf4154c7acc8ba8f3175a4709cc7f285398731daebd1fb6f96fb32ddfade3898b
SSDEEP

12288:9kaHbOM39b8VsYXJpF5dMeBugAUQzTWYnbJ+Q6czRjvL:aUb3RyZpF5KWudHTWY93R7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
154f6e3ecac9a7397d728958e885fcc0_JaffaCakes118

Files

154f6e3ecac9a7397d728958e885fcc0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0199d6db4671bbb77866c8ccf4008596

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\zpeeqexzg\pvzboemx\eejaofez\ojtywqaec\yow\dahiooee.pdb

Imports

comdlg32

GetOpenFileNameW
FindTextA

comctl32

InitCommonControlsEx
DestroyPropertySheetPage
ImageList_GetImageInfo
ImageList_AddIcon
ImageList_DragMove
ImageList_Duplicate
ImageList_Read
ImageList_GetImageCount
ImageList_Create
ImageList_GetImageRect
ImageList_EndDrag
ImageList_Replace

user32

MessageBeep
SetMenuItemBitmaps
MapWindowPoints
GetKBCodePage
DefWindowProcA
ClientToScreen
CopyAcceleratorTableW
MessageBoxA
ShowWindow
RegisterClassExA
RegisterClassA
WINNLSEnableIME
DdeNameService
LoadCursorW
MsgWaitForMultipleObjects
GetWindowTextLengthW
OemToCharA
ValidateRgn
OemToCharBuffA
DrawIcon
GetPropW
InSendMessage
DestroyWindow
CreateWindowExW

advapi32

CryptEncrypt
CryptAcquireContextW
RegEnumKeyExA
RegOpenKeyExA
RegFlushKey
RegEnumKeyA
RegQueryValueA
CryptHashData
CreateServiceA
RegSetValueExW
RegSetValueExA
CryptSignHashA
LookupSecurityDescriptorPartsA
RegConnectRegistryW
CryptImportKey
RegEnumValueW
CryptDestroyHash
CryptContextAddRef
RegSetValueW

kernel32

SetConsoleCtrlHandler
OpenMutexA
CreateMutexA
GetCommandLineA
SetWaitableTimer
IsValidLocale
ReleaseMutex
InterlockedExchange
lstrcatA
GetOEMCP
GetThreadTimes
EnumResourceLanguagesA
GetStartupInfoA
GetCPInfo
TryEnterCriticalSection
UnhandledExceptionFilter
WideCharToMultiByte
GetEnvironmentStringsW
SetEnvironmentVariableA
GetStartupInfoW
EnumSystemLocalesA
ExitThread
GetStdHandle
SetConsoleScreenBufferSize
TlsFree
SetLastError
WriteConsoleW
TlsAlloc
GetCurrentProcess
GetFileAttributesExA
CloseHandle
HeapSize
DeleteCriticalSection
ReadFile
TerminateProcess
SetHandleCount
ReadConsoleInputW
GetDiskFreeSpaceExW
VirtualQuery
GetConsoleScreenBufferInfo
IsValidCodePage
FreeLibrary
TlsGetValue
CreateFileA
HeapCreate
GetFileType
GetVersionExA
lstrlenW
GetProcessHeap
VirtualQueryEx
GetCurrentThread
GetSystemTimeAsFileTime
GetDiskFreeSpaceA
InterlockedIncrement
GetStringTypeW
MultiByteToWideChar
ReadConsoleW
GetPrivateProfileSectionA
LeaveCriticalSection
InterlockedDecrement
GetCurrentProcessId
FlushFileBuffers
SetUnhandledExceptionFilter
SetEnvironmentVariableW
QueryPerformanceCounter
GetEnvironmentStringsA
WriteConsoleOutputAttribute
RtlUnwind
lstrcmpiA
GetConsoleOutputCP
CopyFileExA
FreeEnvironmentStringsW
GetModuleHandleA
GetLogicalDrives
GetUserDefaultLCID
InitializeCriticalSectionAndSpinCount
SystemTimeToTzSpecificLocalTime
GetProcAddress
GetNamedPipeHandleStateW
GetModuleFileNameA
SetFilePointer
WritePrivateProfileStringA
VirtualFree
InitializeCriticalSection
SetVolumeLabelA
GetDateFormatA
SystemTimeToFileTime
EnterCriticalSection
GetTickCount
WriteFile
SetStdHandle
LoadModule
GetLastError
FreeEnvironmentStringsA
GetLocaleInfoA
CopyFileA
GetCurrencyFormatA
GetCompressedFileSizeA
WritePrivateProfileSectionA
Sleep
ExitProcess
HeapDestroy
CompareStringW
TlsSetValue
HeapReAlloc
HeapAlloc
GetTimeFormatA
GetConsoleCP
WriteConsoleA
GetEnvironmentStrings
GetCurrentThreadId
LocalReAlloc
HeapFree
GetConsoleMode
CreateDirectoryExA
GetTimeZoneInformation
ConvertDefaultLocale
GetLocaleInfoW
CompareStringA
IsDebuggerPresent
SetConsoleMode
LCMapStringA
LoadLibraryA
GetStringTypeA
GetACP
VirtualAlloc
LCMapStringW
DebugBreak

Sections

.text
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0199d6db4671bbb77866c8ccf4008596

Headers

File Characteristics

PDB Paths

Imports

comdlg32

comctl32

user32

advapi32

kernel32

Sections

.text Size: 96KB - Virtual size: 93KB

.rdata Size: 456KB - Virtual size: 455KB

.data Size: 140KB - Virtual size: 137KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 96KB - Virtual size: 93KB

.rdata
Size: 456KB - Virtual size: 455KB

.data
Size: 140KB - Virtual size: 137KB

.rsrc
Size: 20KB - Virtual size: 18KB