1621924047b7dd52c7e2af3a59b42652_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1621924047b7dd52c7e2af3a59b42652_JaffaCakes118
Size

332KB
MD5

1621924047b7dd52c7e2af3a59b42652
SHA1

73ff2eafb0083d9fa9c095e5ceec0d3f34ef4ca9
SHA256

7815a83dec0708952556f0f2a516744a2d5ce671372a0757fe66232436d0cc87
SHA512

c482da626e8252be7b91ce1fc72b7842df836befd22d82fe6808162a83cdb22c06715d2c6671a7a6716ace18b2093499315100713270b33ea3a6e0fc9a841f33
SSDEEP

6144:gcooWNpn59tY8PmTkE3iSHo8vKYJoKRhezZuydnSIGk+Ifn:gcInNYrTkE39vKYJKzZjNSRk+If

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1621924047b7dd52c7e2af3a59b42652_JaffaCakes118

Files

1621924047b7dd52c7e2af3a59b42652_JaffaCakes118
.exe windows:4 windows x86 arch:x86

756257f29ce4c44e7832336f92491812

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\jsejm\weeepwjpt\nrvtg\ihzkleb\ue

Imports

shell32

DragQueryPoint
ShellAboutW
RealShellExecuteW

comdlg32

GetOpenFileNameW
PrintDlgA
PageSetupDlgA
ReplaceTextA

user32

VkKeyScanW
CreatePopupMenu
GetProcessWindowStation
CreateDialogParamW
GetScrollBarInfo
GetWindow
WaitForInputIdle
DefWindowProcW
GetTopWindow
DestroyWindow
ShowScrollBar
MsgWaitForMultipleObjects
EnumThreadWindows
InvalidateRgn
DrawStateA
GetShellWindow
SetCursorPos
PostThreadMessageW
GetOpenClipboardWindow
SetMenuDefaultItem
LoadIconA
GetMessagePos
IsWindowUnicode
RegisterClassExA
SetMessageQueue
SetMenuItemBitmaps
CallMsgFilter
MessageBoxW
CheckMenuItem
AdjustWindowRectEx
ScreenToClient
SetDebugErrorLevel
CharPrevExA
GetMessageExtraInfo
CharNextA
OpenIcon
GetComboBoxInfo
DrawTextA
ToUnicodeEx
MessageBoxA
wsprintfW
HideCaret
GetListBoxInfo
InvertRect
MonitorFromRect
IsCharLowerA
DrawIconEx
SetScrollPos
DdePostAdvise
DrawCaption
DdeGetData
WINNLSGetEnableStatus
CreateWindowExA
CharLowerW
CheckDlgButton
RegisterWindowMessageA
DrawTextExW
CharPrevW
GetMenu
IntersectRect
GetClientRect
ReuseDDElParam
DdeDisconnect
ShowWindow
ValidateRect
UpdateWindow
SetUserObjectSecurity
SetWinEventHook
GetMenuStringW
SetWindowPos
GetWindowThreadProcessId
CreateAcceleratorTableW
LookupIconIdFromDirectoryEx
SetWindowLongW
RegisterClassA

comctl32

ImageList_EndDrag
InitMUILanguage
ImageList_Create
ImageList_SetOverlayImage
ImageList_DragLeave
InitCommonControlsEx
DrawStatusTextA

kernel32

GetEnvironmentStrings
GetFileTime
TlsAlloc
UnhandledExceptionFilter
InterlockedExchange
HeapCreate
GetACP
HeapSize
LoadLibraryA
WideCharToMultiByte
GetPrivateProfileStructA
GetTickCount
GetCurrentThreadId
GetVersionExA
GetProfileSectionW
GetOEMCP
SetHandleCount
WritePrivateProfileStringW
GetLocaleInfoA
OpenMutexA
GetStringTypeW
SetLastError
lstrcpyn
GetSystemTimeAsFileTime
TerminateProcess
VirtualProtect
FreeEnvironmentStringsW
VirtualFree
EnterCriticalSection
GetCurrentThread
SetLocalTime
GetCurrentProcessId
GetVersion
LCMapStringA
WriteFile
GetModuleFileNameA
GetLocaleInfoW
GetEnvironmentStringsW
ExitProcess
GetTimeFormatA
GetLastError
SetComputerNameW
GetCPInfo
EnumCalendarInfoW
LoadLibraryExW
IsBadWritePtr
SetStdHandle
GetCurrentProcess
GetProcAddress
lstrcpyA
EnumSystemLocalesA
GetSystemInfo
SetFilePointer
GetCommandLineA
IsValidLocale
HeapAlloc
CreateFileW
InitializeCriticalSection
ReadFileEx
GetTimeZoneInformation
GetUserDefaultLCID
CompareStringA
TlsGetValue
CloseHandle
FreeEnvironmentStringsA
CompareStringW
IsValidCodePage
GetFileType
VirtualQuery
GetModuleHandleA
LeaveCriticalSection
GetTimeFormatW
SetLocaleInfoW
WritePrivateProfileStringA
ReadFile
GetProfileStringA
GetCommandLineW
VirtualAlloc
LCMapStringW
GetStringTypeA
HeapDestroy
QueryPerformanceCounter
TlsFree
HeapFree
GetStdHandle
TlsSetValue
RtlUnwind
CreateMutexW
CreateMutexA
GetDateFormatA
HeapReAlloc
WaitForSingleObject
SetThreadIdealProcessor
WriteConsoleOutputA
GetStartupInfoA
DeleteCriticalSection
MultiByteToWideChar
SetEnvironmentVariableA
CreateEventW
FlushFileBuffers
CreateProcessW

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

756257f29ce4c44e7832336f92491812

Headers

File Characteristics

PDB Paths

Imports

shell32

comdlg32

user32

comctl32

kernel32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 92KB - Virtual size: 121KB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 92KB - Virtual size: 121KB

.rsrc
Size: 20KB - Virtual size: 17KB