e7f3495f0d5b6274d96431a1763eda8f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e7f3495f0d5b6274d96431a1763eda8f_JaffaCakes118
Size

3.8MB
MD5

e7f3495f0d5b6274d96431a1763eda8f
SHA1

f1a4aa6d5f5541b9e66912ac61c51fbfe2f45519
SHA256

90eed810b825e485e65f1522a18d6cf34409819723a03969a3eaf2339d38a241
SHA512

020453a51cc107894da1e8962aa4b22d45aaf66aa5e982875ff799ee54d397b5ae15d2ab4b80b61a58e49c9756804319cdfffb28d4d87dc065fd551e14d29baf
SSDEEP

98304:UQ9m70c5aYWzPCoAeSInRkJZwsW9Uasj+k:UWmYc5zW2eSInRknPaQ+k

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/vk/vkeditor.exe
unpack001/vk/vkeditor_demo.exe

Files

e7f3495f0d5b6274d96431a1763eda8f_JaffaCakes118
.rar
vk/ReadMe.txt
vk/vkeditor.exe
.exe windows:5 windows x86 arch:x86

a23895a5467dfb327260a1a739477834

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

user32

GetDC

gdi32

Arc

shell32

SHGetMalloc

winmm

PlaySoundA

ole32

DoDragDrop

ws2_32

accept

Sections

.MPRESS1
Size: 761KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
vk/vkeditor_demo.exe
.exe windows:5 windows x86 arch:x86

dff258db4a872f1b40491f6a19d6b139

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

GetUserNameA

user32

PeekMessageW
MessageBoxA
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
CloseClipboard
GetActiveWindow
GetSystemMetrics
GetDoubleClickTime
GetSysColor
SystemParametersInfoA
SetClipboardData
OpenClipboard
RegisterClipboardFormatA
GetClipboardFormatNameA
CreateIconIndirect
LoadImageA
LoadIconA
GetIconInfo
FlashWindowEx
SendMessageA
SetWindowTextW
SetWindowTextA
DestroyIcon
IsIconic
IsZoomed
BeginPaint
EndPaint
DefWindowProcW
MessageBeep
GetWindowPlacement
AdjustWindowRect
GetKeyboardLayout
GetKeyState
PostMessageA
LoadCursorA
RegisterClassW
CreateWindowExW
MoveWindow
GetDC
GetUpdateRgn
HideCaret
ValidateRect
ScrollWindow
AdjustWindowRectEx
SetWindowPos
GetWindowRect
GetClientRect
ClientToScreen
CreateCaret
SetCaretPos
ShowCaret
MsgWaitForMultipleObjects
UnregisterHotKey
RegisterClassA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageW
DispatchMessageA
PostQuitMessage
InvalidateRect
ReleaseCapture
SetCursor
DestroyCursor
GetCursorPos
ReleaseDC
GetCapture
SetCapture
GetFocus
SetFocus
GetForegroundWindow
GetParent
SetForegroundWindow
GetWindowLongA
SetWindowLongA
UpdateWindow
ShowWindow
DestroyCaret
GetWindow
SetTimer
PostThreadMessageA
DefWindowProcA
DestroyWindow
PeekMessageA
IsWindowUnicode

gdi32

ExtTextOutW
GetClipRgn
ExtSelectClipRgn
GetROP2
GetCurrentObject
GetBkColor
GetTextColor
SetROP2
Polyline
PolyPolyline
MoveToEx
LineTo
RectVisible
Ellipse
Arc
Polygon
PolyPolygon
CreatePatternBrush
SetTextColor
SetBkColor
PatBlt
CreateRectRgnIndirect
CreatePen
GetStockObject
GetNearestColor
CreateFontA
CreateICA
SetBkMode
GetViewportOrgEx
GetDeviceCaps
LPtoDP
CreatePalette
SetMapMode
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StretchDIBits
CreateSolidBrush
CreateDIBitmap
GetObjectA
GetDIBits
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
SetDIBitsToDevice
CreateBitmap
BitBlt
SelectObject
DeleteDC
SelectPalette
RealizePalette
CreateRectRgn
SelectClipRgn
DeleteObject
GdiFlush
GetCharABCWidthsA
GetTextMetricsA
GetCharWidthW
GetCharABCWidthsW
EnumFontFamiliesA
SetTextAlign
CreateDCA

kernel32

HeapCreate
InitializeCriticalSectionAndSpinCount
SetHandleCount
HeapSize
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetSystemTimeAsFileTime
GetModuleFileNameW
GetFileType
WriteConsoleW
HeapAlloc
HeapFree
RaiseException
ExitProcess
GetModuleHandleW
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RtlUnwind
EncodePointer
DecodePointer
GetLocaleInfoW
ReadFile
SetEndOfFile
GetCurrentProcess
GlobalMemoryStatus
GetUserDefaultLCID
FindFirstFileA
FindNextFileA
FindClose
VirtualAlloc
VirtualFree
OutputDebugStringA
DeleteFileA
MoveFileA
SetFilePointer
GetVersionExA
FreeLibrary
CreateEventA
SetEvent
CreateSemaphoreA
ReleaseSemaphore
SetUnhandledExceptionFilter
GetLocalTime
IsBadReadPtr
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
FormatMessageA
MultiByteToWideChar
WideCharToMultiByte
CreateFileA
GetFileSize
GetStdHandle
WriteFile
CloseHandle
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
InterlockedIncrement
GetTickCount
Sleep
CreateThread
GlobalFree
CreateFileW
GetProcessHeap
SetStdHandle
SetEnvironmentVariableA
CompareStringW
IsValidLocale
EnumSystemLocalesA
GetStringTypeW
VirtualQuery
FlushFileBuffers
LCMapStringW
HeapReAlloc
GetConsoleMode
GetConsoleCP
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
LoadLibraryW
InterlockedExchange
IsProcessorFeaturePresent
GetCurrentProcessId
GlobalUnlock
GlobalLock
DeleteCriticalSection
InitializeCriticalSection
GlobalSize
GlobalAlloc
GetModuleHandleA
GetLocaleInfoA
WaitForSingleObject
GetCurrentThreadId
LoadLibraryA
GetProcAddress
GetVersion
GetLastError
QueryPerformanceCounter

shell32

ShellExecuteA

winmm

PlaySoundA

ole32

CoCreateGuid
DoDragDrop
CoTaskMemFree
ReleaseStgMedium
OleUninitialize
OleInitialize
RevokeDragDrop
RegisterDragDrop

ws2_32

accept
ntohl
send
recv
closesocket
gethostbyname
connect
htons
htonl
bind
WSAGetLastError
select
WSAStartup
setsockopt
ioctlsocket
socket

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 528KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a23895a5467dfb327260a1a739477834

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

shell32

winmm

ole32

ws2_32

Sections

.MPRESS1 Size: 761KB - Virtual size: 2.4MB

.MPRESS2 Size: 20KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 4KB

dff258db4a872f1b40491f6a19d6b139

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

gdi32

kernel32

shell32

winmm

ole32

ws2_32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 528KB - Virtual size: 528KB

.data Size: 116KB - Virtual size: 292KB

.tls Size: 17KB - Virtual size: 17KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 245KB - Virtual size: 244KB

.MPRESS1
Size: 761KB - Virtual size: 2.4MB

.MPRESS2
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 528KB - Virtual size: 528KB

.data
Size: 116KB - Virtual size: 292KB

.tls
Size: 17KB - Virtual size: 17KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 245KB - Virtual size: 244KB