f5b1b073ee9c0b06d40c0e947f32f45c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5b1b073ee9c0b06d40c0e947f32f45c_JaffaCakes118
Size

792KB
MD5

f5b1b073ee9c0b06d40c0e947f32f45c
SHA1

46b51e0a4c06ca8e5de6fefda4d07c51fcb016e9
SHA256

558852e416c8d7fcbffc4f0c1cb1174f189bb90d278a842b72425d6bcf367ce8
SHA512

7e7958af3908aa13cb90509fd5e57c81b29746fecb5cf7a45d8bb3ac74944fd8768b1bc5f479817fa1e6aa353f278e64f899667c8f27a0e7969b0c3172cb6ea1
SSDEEP

12288:ThBve3+t4DK6/JrXyXqoMB2s87djq7vvxFlWK7USMUkow:ThBv5t4DK6/dXyXqbR2k7of

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5b1b073ee9c0b06d40c0e947f32f45c_JaffaCakes118

Files

f5b1b073ee9c0b06d40c0e947f32f45c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2beaffa6bf48da12370dc82e64a894ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetForegroundWindow
GetMessagePos
GetMessageTime
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
AdjustWindowRectEx
MapWindowPoints
GetSysColorBrush
LoadStringA
UnregisterClassA
PostThreadMessageA
CreateDialogIndirectParamA
EndDialog
GrayStringA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
ClientToScreen
GetWindow
GetDlgCtrlID
PtInRect
RegisterClipboardFormatA
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
GetNextDlgTabItem
GetActiveWindow
GetKeyState
CallNextHookEx
SetWindowsHookExA
GetLastActivePopup
SystemParametersInfoA
LoadIconA
GetWindowPlacement
SendDlgItemMessageA
GetCursorPos
PeekMessageA
wsprintfA
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoA
CheckMenuItem
RemoveMenu
MenuItemFromPoint
GetMenuDefaultItem
GetMenuInfo
GetMenuState
GetMenuItemRect
GetMenuItemInfoA
GetMenuStringA
TrackPopupMenu
SetForegroundWindow
CheckMenuRadioItem
GetMenuItemID
GetSubMenu
SetMenuInfo
InsertMenuA
GetMenuItemCount
AppendMenuA
DestroyMenu
LoadMenuA
GetSystemMenu
CreatePopupMenu
CreateMenu
KillTimer
SetTimer
ReleaseDC
GetDC
RegisterClassExA
SetActiveWindow
DispatchMessageA
TranslateMessage
IsDialogMessageA
TranslateAcceleratorA
GetMessageA
UnregisterHotKey
RegisterHotKey
RegisterWindowMessageA
DrawMenuBar
SetMenu
GetMenu
GetSystemMetrics
IsZoomed
IsIconic
GetSysColor
FillRect
SetClassLongA
GetClassLongA
SetRect
SetWindowRgn
RemovePropA
GetPropA
SetPropA
MessageBoxA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
EnableWindow
IsWindowEnabled
ShowWindow
IsWindowVisible
SetParent
PostMessageA
SetWindowPos
MoveWindow
UpdateWindow
ValidateRect
InvalidateRect
ScreenToClient
GetParent
GetWindowRect
GetFocus
SetFocus
GetClassNameA
IsWindow
GetDlgItem
GetWindowLongA
CreateWindowExA
DestroyCursor
SetWindowLongA
PostQuitMessage
DestroyIcon
TrackMouseEvent
SetCursor
LoadCursorA
DefMDIChildProcA
SendMessageA
DefWindowProcA
DestroyWindow
GetClientRect
GetAsyncKeyState
CallWindowProcA
EndPaint
BeginPaint

kernel32

GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
FindResourceA
SizeofResource
LoadResource
LockResource
RtlMoveMemory
GetModuleHandleA
GetProcessHeap
HeapFree
HeapAlloc
LocalSize
lstrlenA
ExitProcess
HeapReAlloc
IsBadReadPtr
CloseHandle
GetFileSize
CreateFileA
WriteFile
GetTickCount
ReadFile
MultiByteToWideChar
WideCharToMultiByte
GetUserDefaultLCID
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CreateDirectoryA
SetFilePointer
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
GetVersion
GetProcessVersion
SetErrorMode
GetCurrentProcess
FlushFileBuffers
GetCPInfo
GetOEMCP
GetLastError
SetLastError
InterlockedIncrement
lstrcpyA
lstrcatA
WritePrivateProfileStringA
GetStartupInfoA
GetCommandLineA
RtlUnwind
TerminateProcess
RaiseException
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
InterlockedDecrement
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GetModuleFileNameA
LocalAlloc
LocalFree
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
lstrcpynA
MulDiv
GlobalFlags
GetCurrentThreadId

gdi32

RestoreDC
SaveDC
CreateBitmap
SetMapMode
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetBkColor
SetBkMode
SetTextColor
CreatePatternBrush
CreateSolidBrush
StretchBlt
CreateRoundRectRgn
CombineRgn
ExtCreateRegion
BitBlt
SelectObject
DeleteDC
CreateDIBSection
CreateCompatibleDC
GetObjectA
GetStockObject
DeleteObject
CreateFontA

atl

ord42

comctl32

InitCommonControlsEx
ord17

shell32

DragAcceptFiles
Shell_NotifyIconA
DragFinish
DragQueryFileA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

oledlg

ord8

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleRun

oleaut32

VariantChangeType
VariantInit
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayGetElemsize
SysFreeString
VarR8FromCy
VarR8FromBool
LoadTypeLi
LHashValOfNameSys
RegisterTypeLi
SafeArrayCreate
SysAllocString
VariantClear
SafeArrayDestroy

winmm

PlaySoundA

shlwapi

PathFileExistsA

Sections

.text
Size: 464KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2beaffa6bf48da12370dc82e64a894ac

Headers

File Characteristics

Imports

user32

kernel32

gdi32

atl

comctl32

shell32

comdlg32

winspool.drv

advapi32

oledlg

ole32

oleaut32

winmm

shlwapi

Sections

.text Size: 464KB - Virtual size: 461KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 32KB - Virtual size: 92KB

.rsrc Size: 268KB - Virtual size: 265KB

.text
Size: 464KB - Virtual size: 461KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 32KB - Virtual size: 92KB

.rsrc
Size: 268KB - Virtual size: 265KB