f192624e25824385f21a66e1f7924c86_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f192624e25824385f21a66e1f7924c86_JaffaCakes118
Size

232KB
MD5

f192624e25824385f21a66e1f7924c86
SHA1

d12a035941dc2fe17ab34aee206d2c86d0edb0f8
SHA256

e16363aacfe1210fd97402b2f0e08ba248a31d2eed0b9fb7791e551e68935ac3
SHA512

043b759f483edcf1690168ccf4c3e9886acf1e73382ce0c2cacc66adb6ef49b86711e732a01db6bd9b1a17f7cc8a61b245581379816ff69a78c1cbe095dc66a3
SSDEEP

6144:0FU7/orQ+ucZRCtkOS/KNxyqIXTjFubt7:81ucTCPSiNxSW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f192624e25824385f21a66e1f7924c86_JaffaCakes118

Files

f192624e25824385f21a66e1f7924c86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e008e0d8d2645e13f1c7b9e03886044

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
CopyFileA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileW
DeviceIoControl
DisableThreadLibraryCalls
EnterCriticalSection
EnumCalendarInfoA
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FindResourceW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetCurrentThread
GetDateFormatA
GetDriveTypeA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetSystemDefaultLCID
GetSystemTime
GetTempFileNameA
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersionExA
GlobalFindAtomA
GlobalLock
HeapReAlloc
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
IsDBCSLeadByte
LCMapStringW
LoadResource
LocalFileTimeToFileTime
LocalFree
OpenProcess
QueryPerformanceCounter
RaiseException
ReadFile
SetEndOfFile
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
SetStdHandle
SetThreadLocale
SetUnhandledExceptionFilter
SizeofResource
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WriteFile
lstrcmpA
lstrcmpiA

user32

CallWindowProcA
CheckMenuItem
CreateMenu
DefWindowProcA
DeleteMenu
DestroyIcon
DestroyMenu
DestroyWindow
DrawFrameControl
DrawIcon
EnableMenuItem
EndPaint
FindWindowA
GetKeyState
GetMessagePos
GetScrollPos
GetSysColorBrush
GetWindowDC
GetWindowThreadProcessId
InsertMenuItemA
InvalidateRect
IsChild
IsRectEmpty
IsWindow
IsWindowEnabled
LoadCursorA
MapWindowPoints
OemToCharA
PostMessageA
PtInRect
ScrollWindow
SetActiveWindow
SetClipboardData
SetScrollInfo
SetScrollPos
SetTimer
SetWindowLongA
ShowWindow
TrackPopupMenu
UnregisterClassA
UpdateWindow

gdi32

Arc
BeginPath
CombineRgn
CreateBrushIndirect
CreateDCW
CreateFontIndirectW
CreateFontW
CreatePalette
CreateRectRgn
CreateSolidBrush
EnumFontFamiliesExA
ExcludeClipRect
GetBrushOrgEx
GetCharWidthA
GetCharWidthW
GetClipRgn
GetEnhMetaFileBits
GetEnhMetaFilePaletteEntries
GetObjectA
GetTextCharsetInfo
GetTextExtentPoint32A
LineDDA
OffsetClipRgn
OffsetWindowOrgEx
Polyline
PolylineTo
RestoreDC
SelectClipRgn
SelectObject
SetColorAdjustment
SetPolyFillMode
StartDocW
StretchBlt
StretchDIBits
TranslateCharsetInfo

shell32

DragQueryFile
DragQueryFileW
DragQueryPoint
ExtractIconA
ExtractIconExA
ExtractIconW
SHAppBarMessage
SHBindToParent
SHBrowseForFolderA
SHChangeNotify
SHCreateDirectoryExA
SHCreateDirectoryExW
SHFileOperationA
SHFileOperationW
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFolderLocation
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderLocation
ShellExecuteEx
Shell_NotifyIconA
Shell_NotifyIconW

comctl32

CreatePropertySheetPageA
CreateStatusWindowA
CreateToolbarEx
DestroyPropertySheetPage
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Read
ImageList_Replace
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
InitCommonControls
InitCommonControlsEx
InitializeFlatSB
PropertySheetW

advapi32

CryptCreateHash
CryptGenRandom
CryptReleaseContext
FreeSid
InitializeAcl
InitiateSystemShutdownA
IsValidSid
OpenSCManagerW
RegEnumKeyExA
RegFlushKey
RegOpenKeyA
RegQueryInfoKeyW

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoGetInterfaceAndReleaseStream
CoInitializeEx
CoInitializeSecurity
CoMarshalInterThreadInterfaceInStream
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CreateILockBytesOnHGlobal
CreateItemMoniker
GetRunningObjectTable
IIDFromString
IsEqualGUID
OleIsCurrentClipboard
OleSetClipboard
ProgIDFromCLSID
RegisterDragDrop
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorage
StgOpenStorageOnILockBytes
StringFromCLSID
StringFromGUID2
StringFromIID

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e008e0d8d2645e13f1c7b9e03886044

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 79KB - Virtual size: 80KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 79KB - Virtual size: 80KB