e92c3590eed1d87430aad65d69f92e06_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e92c3590eed1d87430aad65d69f92e06_JaffaCakes118
Size

736KB
MD5

e92c3590eed1d87430aad65d69f92e06
SHA1

d4f6c18509ec35c93bf78addfa25147ed873f01f
SHA256

2700a756b519766aba3709b2cf94980ca747753bb67dbfe877fc67bb0eee2364
SHA512

837b42aaf77a46efb536ac838acd2c4a012bd7dad01c2b349596942ebfcd891fbeda0ee5b81550fe2904a0e6c32442398af5afb61b8d4e9668a7e86b87dcaf2c
SSDEEP

6144:Wy1wKrY0EeL9PmTZ9FBk1rd8vHH6bMkzn/umam2ZuMgV7T9:zhJpmNiB8vHSjim2gMw7T9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e92c3590eed1d87430aad65d69f92e06_JaffaCakes118

Files

e92c3590eed1d87430aad65d69f92e06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

78dbc9917e4d266ade4d74ab652688f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
Sleep
GetStdHandle
WriteFile
ExitProcess
HeapCreate
IsValidCodePage
GetOEMCP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
lstrcpyA
GetCurrentProcessId
lstrcpynA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
InterlockedExchange
CreateMutexA
CreateFileMappingA
MapViewOfFile
OpenFileMappingA
CloseHandle
UnmapViewOfFile
GetModuleHandleA
LoadLibraryExA
FreeLibrary
GetVersionExA
IsDBCSLeadByte
lstrcmpiA
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
MulDiv
lstrcmpA
DeleteCriticalSection
InitializeCriticalSection
GetLastError
lstrlenW
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenA
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WideCharToMultiByte
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
VirtualQuery
RaiseException

user32

CallNextHookEx
GetWindowDC
GetSubMenu
LoadBitmapA
SetActiveWindow
OffsetRect
EnableMenuItem
ModifyMenuA
UpdateWindow
PostMessageA
SetMenuItemBitmaps
SetWindowRgn
UnhookWindowsHookEx
SetWindowsHookExA
FlashWindowEx
CharLowerA
LoadMenuA
LoadAcceleratorsA
PtInRect
MessageBeep
AppendMenuA
TrackPopupMenuEx
MonitorFromPoint
GetMonitorInfoA
GetMenuItemCount
DestroyMenu
CheckMenuItem
SetRect
DrawStateA
IsWindowVisible
IsWindowEnabled
DrawTextA
DrawEdge
GetActiveWindow
WindowFromPoint
GetMessagePos
FrameRect
GetSysColorBrush
GetCursorPos
InflateRect
GetKeyState
IsMenu
SetRectEmpty
LoadStringW
PostQuitMessage
LoadStringA
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
RemoveMenu
CreatePopupMenu
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
CreateAcceleratorTableA
IsWindow
GetDesktopWindow
GetFocus
DestroyAcceleratorTable
BeginPaint
EndPaint
DestroyWindow
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
MoveWindow
CharNextA
GetSysColor
RegisterWindowMessageA
CallWindowProcA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
DefWindowProcA
SetLayeredWindowAttributes
CreateWindowExA
RegisterClassExA
LoadCursorA
GetClassInfoExA
TranslateAcceleratorA
DialogBoxParamA
DestroyIcon
GetSystemMetrics
LoadImageA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
SendMessageA
SetFocus
GetWindowLongA
SetWindowLongA
EndDialog
GetWindowThreadProcessId
UnregisterClassA

gdi32

ExtCreateRegion
GetDIBits
CreateICA
SetBkMode
SetTextColor
CreateFontIndirectA
CreatePen
TextOutW
CreatePatternBrush
CreateBitmap
StretchBlt
SetStretchBltMode
Rectangle
LineTo
MoveToEx
SelectClipRgn
SetBkColor
ExtTextOutA
LPtoDP
GetMapMode
SetMapMode
DeleteObject
SelectObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
GetObjectA
Polygon
SetWindowOrgEx
GetStockObject

advapi32

RegDeleteKeyA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

ole32

CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CoTaskMemAlloc
OleLockRunning
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal

oleaut32

DispCallFunc
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
SafeArrayCreate
SafeArrayAccessData
SafeArrayUnaccessData
SysFreeString
SysAllocString
SysAllocStringLen
VariantClear
VariantInit
SysStringLen

shlwapi

PathFileExistsA

comctl32

ImageList_LoadImageA
ImageList_Destroy
ImageList_Draw
_TrackMouseEvent
ord17
ImageList_GetImageCount
ImageList_GetIcon
ImageList_DrawEx
InitCommonControlsEx
ImageList_GetIconSize

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 532KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78dbc9917e4d266ade4d74ab652688f3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 532KB - Virtual size: 528KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 532KB - Virtual size: 528KB