f3ac1f00ff55a77e7b40866f361a7894_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f3ac1f00ff55a77e7b40866f361a7894_JaffaCakes118
Size

260KB
MD5

f3ac1f00ff55a77e7b40866f361a7894
SHA1

7c109e22dea084c2718a2c375435952d8854088e
SHA256

0ef3d5e6808d6186a5e8a550d09208a55684d192d8cd652bcd18106dfddcb0ac
SHA512

f3f1597a88d1406382af6142cdcc953f374a0c64bec077a6163121d44e7798cab556f50133a9b32fcfabf0ac5a940548bde3ae3db907109134d8c4b3163fad01
SSDEEP

3072:+zBQ3PPI+2cB8+SQbK6uvWihKzsTVZediVzMwi4BhvkZoz0v3lX3L6mg+vmsDJUJ:CLcB802LlidiPL3YvN76LpReO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3ac1f00ff55a77e7b40866f361a7894_JaffaCakes118

Files

f3ac1f00ff55a77e7b40866f361a7894_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c5739db5ce39e87a68ffd2d5e7f90b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\DVLP\VS7.2003\Client\Hb4.0\4.7.1.0\_bin\Release_HbTools\WeatherOnTray.pdb

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

lstrcpyA
GlobalUnlock
GlobalLock
GlobalAlloc
lstrcmpiA
GetLastError
MulDiv
lstrcmpA
WideCharToMultiByte
GetTickCount
SetLastError
GetCurrentProcessId
CloseHandle
ReadFile
GetFileSize
CreateFileA
Sleep
WaitForSingleObject
OpenEventA
CreateThread
CreateEventA
lstrcpynA
lstrcatA
IsDBCSLeadByte
InterlockedIncrement
SetEvent
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
CreateProcessA
GetCommandLineA
WriteFile
UnmapViewOfFile
MoveFileA
GetSystemTime
TlsSetValue
TlsGetValue
SetFilePointer
OutputDebugStringA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
SetFileTime
FileTimeToSystemTime
GetFileTime
TlsAlloc
ResumeThread
TerminateThread
SetUnhandledExceptionFilter
VirtualQuery
GetVersionExA
GetCurrentThread
GetProcAddress
LoadLibraryA
HeapAlloc
GetLocalTime
CreateDirectoryA
ReleaseSemaphore
ReleaseMutex
CreateSemaphoreA
CreateMutexA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetStringTypeW
GetStringTypeA
HeapSize
TerminateProcess
VirtualFree
HeapCreate
HeapDestroy
QueryPerformanceCounter
TlsFree
GetCPInfo
GetOEMCP
LCMapStringW
LCMapStringA
GetStartupInfoA
GetSystemTimeAsFileTime
HeapReAlloc
GetSystemInfo
VirtualAlloc
VirtualProtect
RtlUnwind
ExitProcess
LocalFree
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetProcessHeap
HeapFree
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
lstrlenW
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameA
MultiByteToWideChar
InterlockedDecrement
FormatMessageA
lstrlenA
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
RaiseException
IsBadWritePtr

user32

LoadStringA
SetPropA
UnregisterClassA
wsprintfA
PostMessageA
DispatchMessageA
TranslateMessage
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
SetWindowLongA
GetWindowLongA
DestroyWindow
SendMessageA
MoveWindow
GetClientRect
BeginPaint
EndPaint
ReleaseDC
InvalidateRect
GetMessageA
LoadMenuA
GetCursorPos
GetSubMenu
TrackPopupMenu
PostQuitMessage
CharUpperA
PostThreadMessageA
FindWindowA
SendMessageTimeoutA
ReplyMessage
GetSystemMetrics
GetForegroundWindow
LoadIconA
DestroyIcon
CreateIconIndirect
SetForegroundWindow
DrawTextA
EnumChildWindows
LoadBitmapA
CreateAcceleratorTableA
IsWindowVisible
CharNextA
GetParent
GetClassNameA
SetWindowPos
RedrawWindow
GetDlgItem
IsWindow
GetFocus
IsChild
GetWindow
DestroyAcceleratorTable
InvalidateRgn
GetDC
FillRect
SetCapture
ReleaseCapture
GetSysColor
CreateWindowExA
RegisterWindowMessageA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetDesktopWindow
GetWindowRect
DefWindowProcA
CallWindowProcA
LoadCursorA
GetClassInfoExA
GetLastActivePopup
SetFocus
KillTimer
SetTimer
ShowWindow
RemovePropA

gdi32

DeleteObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
GetObjectA
GetStockObject
CreateSolidBrush
CreateFontIndirectA
GetTextExtentPoint32A
SetTextColor
SetBkMode
CreatePatternBrush
CreateBitmapIndirect
SelectObject

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CoInitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
CoUninitialize
StringFromGUID2
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoTaskMemRealloc
CoCreateGuid
CoTaskMemAlloc

oleaut32

SysAllocStringByteLen
SysAllocString
SysFreeString
SysStringByteLen
SysStringLen
VariantInit
VariantCopy
VariantClear
VariantChangeType
LoadRegTypeLi
LoadTypeLi
DispCallFunc
SysAllocStringLen
OleCreateFontIndirect
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr

shlwapi

StrRChrA
StrToIntA
PathFindExtensionA

Sections

.text
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7c5739db5ce39e87a68ffd2d5e7f90b0

Headers

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 174KB - Virtual size: 174KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 174KB - Virtual size: 174KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 3KB - Virtual size: 3KB