f033dbe1047f5bb54f236f1e9f2c18ed_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f033dbe1047f5bb54f236f1e9f2c18ed_JaffaCakes118
Size

1.0MB
MD5

f033dbe1047f5bb54f236f1e9f2c18ed
SHA1

ecb559ae5104504ecb2e89f3eba424aa5aead84a
SHA256

3e892f4f5969a24099936367a6feacaed08d41bc25659bfa68290bab7ceefd09
SHA512

fcd1c2712c57bfadf8448038f00331d40b60e4bdd0e20204d14050bb24f5437b22cb4e79bd0c86da47e440a3cc10e2fe4349f57a294bdc65846da5e4e4346914
SSDEEP

24576:LKG+6WC0IBOw0DW/yvZnTQYuGJWcMMMMMMcuR:uovBOrRnTQYZMMMMMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f033dbe1047f5bb54f236f1e9f2c18ed_JaffaCakes118

Files

f033dbe1047f5bb54f236f1e9f2c18ed_JaffaCakes118
.exe windows:5 windows x86 arch:x86

928f8b6a5c6c6b935f97fdbacd39dcc2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\WinRAR\build\winrar32\Release\WinRAR.pdb

Imports

comctl32

ord17
ord8
ord6
ImageList_ReplaceIcon
ImageList_Create
ImageList_Destroy
ImageList_Remove
ImageList_AddMasked
ImageList_Add
PropertySheetA

kernel32

CreateFileA
ReadFile
GetStdHandle
WriteFile
GetDiskFreeSpaceA
GetFileAttributesW
SetFileAttributesW
GetFullPathNameA
GetFullPathNameW
MoveFileW
DeleteFileW
RemoveDirectoryA
RemoveDirectoryW
DeviceIoControl
CreateDirectoryA
CreateDirectoryW
ExpandEnvironmentStringsW
FindNextFileW
FindFirstFileW
MultiByteToWideChar
CompareFileTime
FindCloseChangeNotification
lstrcmpiA
FindFirstChangeNotificationA
SetCurrentDirectoryW
GetLocaleInfoA
GetNumberFormatA
CreateThread
ExitThread
GetProcessAffinityMask
SetEvent
ResetEvent
WaitForMultipleObjects
CreateEventA
GetCompressedFileSizeA
FindResourceA
SizeofResource
LoadResource
LoadLibraryExA
UpdateResourceA
EnumResourceLanguagesA
EndUpdateResourceA
EnumResourceNamesA
BeginUpdateResourceA
CompareStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
SetCurrentDirectoryA
CompareStringW
IsDBCSLeadByte
GetCPInfo
GlobalMemoryStatus
GetLogicalDrives
lstrlenA
ResumeThread
SuspendThread
GetSystemTimeAsFileTime
GetCurrentThreadId
GetFileType
GetThreadPriority
GetPriorityClass
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
SetErrorMode
GetCommandLineW
GetCurrentProcessId
MulDiv
GetProfileStringA
FindNextChangeNotification
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetVersion
HeapSize
SetHandleCount
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
GetStartupInfoA
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
SetStdHandle
RaiseException
RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree
GetFileTime
SetFilePointer
FlushFileBuffers
SetEndOfFile
SetFileTime
BackupSeek
BackupRead
CreateFileW
GetCurrentProcess
SetLastError
FormatMessageA
LocalFree
WideCharToMultiByte
GetLogicalDriveStringsA
CreateMutexA
ReleaseMutex
GetLastError
GlobalSize
GetProcessHeap
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpyA
GlobalFree
GetModuleHandleA
GetVersionExA
GetTickCount
GetSystemTime
SystemTimeToFileTime
CreateFileMappingA
WaitForSingleObject
OpenFileMappingA
MapViewOfFile
CloseHandle
UnmapViewOfFile
GetCurrentDirectoryW
GetModuleFileNameA
FindNextFileA
MoveFileA
LoadLibraryA
GetProcAddress
FreeLibrary
LocalFileTimeToFileTime
CopyFileA
Sleep
GetTempPathA
ExpandEnvironmentStringsA
GetDriveTypeA
FileTimeToDosDateTime
SetFileAttributesA
DeleteFileA
FindFirstFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTimeFormatA
GetDateFormatA
FindClose
DosDateTimeToFileTime
GetFileAttributesA
GetCurrentDirectoryA
GetLocalTime

user32

CreateDialogParamA
PostThreadMessageA
CharToOemBuffA
IsChild
GetLastActivePopup
GetClipboardData
GetMenuItemID
PostQuitMessage
InsertMenuA
LoadMenuA
RegisterClassA
LoadAcceleratorsA
FindWindowA
GetMenuState
SetDlgItemTextW
TranslateAcceleratorA
IsDialogMessageA
SetPropA
RegisterWindowMessageA
SetMenu
EnumWindows
FindWindowExA
CreateIcon
SetWindowTextW
GetWindowTextW
FlashWindow
CharUpperW
ValidateRect
GetSysColor
CopyImage
FillRect
ExitWindowsEx
RedrawWindow
DrawIconEx
LoadStringA
GetWindow
SetScrollPos
IsCharUpperW
IsCharAlphaW
CharLowerW
IsCharUpperA
IsCharAlphaA
CharLowerA
OpenClipboard
EmptyClipboard
SetClipboardData
CharToOemA
CloseClipboard
MessageBeep
PeekMessageA
GetFocus
SetForegroundWindow
CopyIcon
EnableMenuItem
MoveWindow
CheckMenuItem
LoadBitmapA
LoadImageA
MapWindowPoints
SetTimer
KillTimer
UpdateWindow
CharUpperA
GetClientRect
BeginPaint
EndPaint
SetWindowTextA
IsWindow
GetWindowTextLengthA
AppendMenuA
AppendMenuW
DrawMenuBar
GetMenu
GetSubMenu
DeleteMenu
ScrollWindowEx
LoadIconA
SetScrollRange
GetDialogBaseUnits
PtInRect
SendMessageW
CreateDialogIndirectParamA
GetPropA
RemovePropA
GetSystemMenu
BringWindowToTop
SetWindowPlacement
GetMessageA
TranslateMessage
DispatchMessageA
GetIconInfo
SetMenuItemInfoA
CreateIconIndirect
SendMessageA
SetFocus
SetWindowPos
CreateWindowExA
DestroyWindow
GetWindowTextA
GetMenuItemCount
GetMenuItemInfoA
ScreenToClient
ClientToScreen
CreatePopupMenu
SetWindowLongA
TrackPopupMenu
DestroyMenu
CallWindowProcA
RegisterClipboardFormatA
GetKeyState
LoadCursorA
SetCursor
WindowFromPoint
GetWindowThreadProcessId
InvalidateRect
GetDC
ReleaseDC
GetDesktopWindow
GetCursorPos
GetWindowLongA
ShowWindow
EnableWindow
IntersectRect
IsIconic
GetWindowPlacement
GetSystemMetrics
IsWindowEnabled
SetDlgItemInt
GetDlgItemInt
IsDlgButtonChecked
PostMessageA
EnumChildWindows
GetDlgItem
GetWindowRect
GetClassNameA
GetParent
CheckDlgButton
MessageBoxA
IsWindowVisible
OemToCharBuffA
DialogBoxParamA
SendDlgItemMessageA
DestroyIcon
GetDlgItemTextA
SetDlgItemTextA
EndDialog
OemToCharA
DefWindowProcA
InsertMenuItemA

gdi32

GetDeviceCaps
LineTo
MoveToEx
DPtoLP
SetPixel
CreatePatternBrush
GetTextExtentPoint32A
GetMapMode
SetMapMode
CreateCompatibleBitmap
Rectangle
StretchBlt
SetBkColor
BitBlt
GetObjectA
CreateCompatibleDC
GetPixel
DeleteDC
ExtTextOutA
TextOutA
CreatePen
CreateSolidBrush
SetTextColor
Polygon
Polyline
SelectObject
GetTextFaceA
GetTextMetricsA
CreateFontA
CreateBitmap
DeleteObject

comdlg32

GetOpenFileNameW
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ChooseFontA

advapi32

LookupPrivilegeValueA
OpenProcessToken
SetFileSecurityA
SetFileSecurityW
GetSecurityDescriptorLength
GetFileSecurityA
GetFileSecurityW
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExW
RegSetValueExW
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
AdjustTokenPrivileges

shell32

DragFinish
DragQueryFileA
DragQueryFileW
DragAcceptFiles
Shell_NotifyIconA
ShellExecuteA
ExtractIconExA
SHFileOperationA
ShellExecuteExA
SHGetMalloc
SHBrowseForFolderA
SHChangeNotify
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
FindExecutableA

ole32

OleInitialize
CoCreateInstance
OleSetClipboard
DoDragDrop
OleUninitialize

Sections

.text
Size: 703KB - Virtual size: 702KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

928f8b6a5c6c6b935f97fdbacd39dcc2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 703KB - Virtual size: 702KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 13KB - Virtual size: 274KB

.rsrc Size: 200KB - Virtual size: 199KB

.reloc Size: 74KB - Virtual size: 148KB

.text
Size: 703KB - Virtual size: 702KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 13KB - Virtual size: 274KB

.rsrc
Size: 200KB - Virtual size: 199KB

.reloc
Size: 74KB - Virtual size: 148KB