PDEImageHasSMask
Static task
static1
Behavioral task
behavioral1
Sample
fd61467c6b7b515a3b27f9315f165547_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
fd61467c6b7b515a3b27f9315f165547_JaffaCakes118.exe
Resource
win10v2004-20240226-en
General
- Target: fd61467c6b7b515a3b27f9315f165547_JaffaCakes118
- Size: 4.1MB
- MD5: fd61467c6b7b515a3b27f9315f165547
- SHA1: 3d278a94b946752862fd3166c101d6388c851d49
- SHA256: 95c5f906569d822948e34903e5ca80170951ebe174fc68f48161764a5b5fbdde
- SHA512: 02f25a3eb42c938fdfc403bc81fc2c324382326d24d952e0f4d33d4f6db9036876f0c4dfdf5ad2873fea8b32da58efc0878d83d9b268b8a6fcdd212fae5c6ea3
- SSDEEP: 98304:Z4w8C8/bPpcAtMe2Lh113m8iemr0uevpt3FM:iw8C8PpceMe2xm8idrQvn
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource: fd61467c6b7b515a3b27f9315f165547_JaffaCakes118
Files
- fd61467c6b7b515a3b27f9315f165547_JaffaCakes118.exe windows:4 windows x86 arch:x86
  479172af211207045940ff4b6e73042a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
cooltype
ord43
ord42
ord41
ord40
ord44
ord39
ord38
ord37
ord36
ord35
ord34
ord49
ord33
ord32
ord31
ord30
ord29
ord28
ord27
ord26
ord25
ord51
ord24
ord23
ord22
ord21
ord46
ord45
ord47
ord16
ord60
ord14
ord13
ord12
ord11
ord50
ord10
ord48
ord9
ord8
ord2
ord6
ord7
ord93
ord4
ord84
ord85
ord97
ord88
ord87
ord86
ord68
ord66
ord59
ord52
ord18
ord54
ord56
ord15
ord57
ord61
ord58
ord92
ord100
ord101
ord20
ord19
ord65
ord55
ord53
ord3
ord17
bib
ord4
ord3
pdfpoquito50irelease
PDEFontCreateFromSysFontWithParams
PDEFontCreateFromSysFontEx
PDESoftMaskSetBackdropColor
PDSysFontGetAttrs
PDFindSysFontEx
PDEmbedSysFontForPDEFont
PDEFontSubsetNow
PDEFontGetWidthsNow
CosArrayLength
PDPageGetNumber
PDETextAdd
PDETextCreate
PDEBeginGroupCreate
PDEEndGroupCreate
PDEClipCreate
PDEWriterClose
PDEClipAddElem
PDEElementSetClip
PDEWriterPut
PDPageSetTrimBox
PDPageSetMediaBox
PDPageSetArtBox
PDPageSetThumb
PDFLGetVersion
PDDocSetInfo
PDEWriterCreateFromCosDoc
PDEPathCreate
PDEPathSetData
PDEPathSetPaintOp
CosArrayInsert
PDEShadingCreateFromCosObj
ASGetErrorString
PDEBeginContainerCreate
PDEEndContainerCreate
ASProcStmRdOpen
PDEImageCreate
PDEImageSetSMask
PDEPatternCreate
PDEExtGStateSetOPStroke
PDEExtGStateSetOPM
PDEExtGStateSetOPFill
PDEPlaceCreate
PDEFormCreateFromCosObj
PDESoftMaskCreate
PDEImageGetDataLen
PDESoftMaskSetTransferFunction
PDEXGroupCreate
PDEXGroupSetIsolated
PDEXGroupSetKnockout
PDEXGroupSetColorSpace
PDEFormSetXGroup
PDEExtGStateCreateNew
PDEExtGStateSetOpacityFill
PDEExtGStateSetOpacityStroke
PDEExtGStateSetBlendMode
PDEExtGStateSetAIS
PDEExtGStateSetSoftMask
PDEElementSetGState
PDEWriterCreateFromCosDocEx
PDEExtGStateAcquireSoftMask
PDESoftMaskAcquireForm
PDESoftMaskGetTransferFunction
PDEFormHasXGroup
PDEFormAcquireXGroup
PDEXGroupGetIsolated
PDEXGroupGetKnockout
PDEFontGetWidths
PDFindSysFontForPDEFont
PDEExtGStateGetBlendMode
PDEExtGStateGetOpacityFill
PDEExtGStateGetAIS
PDEExtGStateGetCosObj
PDETextGetTextMatrix
PDETextGetGState
PDETextGetTextState
PDPageHasThumb
PDPageAcquireThumb
PDThumbGetImageData
PDThumbGetIndexedColorSpace
PDThumbRelease
PDDocGetNumPages
PDETextGetNumRuns
PDETextGetFont
PDEFontGetAttrs
PDETextGetText
PDEFontTranslateGlyphIdsToUnicode
PDEPathGetData
PDEPathGetPaintOp
PDEImageGetColorSpace
CosParseStmToken
PDPageGetMediaBox
PDEImageGetAttrs
PDEImageGetSMask
PDEElementGetGState
PDEColorSpaceGetNumComps
PDEColorSpaceGetHiVal
PDEImageGetData
PDEImageGetDataStm
PDEImageGetMatteArray
PDEImageGetCosObj
PDEShadingGetCosObj
PDEPatternGetCosObj
PDEReaderClose
PDPageGetRotate
PDPageGetBleedBox
PDPageGetTrimBox
PDPageGetCropBox
PDEPlaceGetMCTag
PDEPlaceGetDict
PDEContainerGetMCTag
CosStreamDict
PDEContainerGetDict
PDEBeginContainerGetMCTag
PDEBeginContainerGetDict
PDEElementGetMatrix
PDEFormGetCosObj
PDEElementGetClip
PDEGroupGetContent
PDEContainerGetContent
PDEContentGetNumElems
PDEContentGetElem
PDEObjectGetType
PDEClipGetNumElems
PDEClipGetElem
PDEAcquire
ASPurgeMemory
PDEReaderCreateFromCosObj
PDEReaderHasMoreElements
PDEReaderGetNextElem
CosBooleanValue
PDPageRelease
PDDocClose
CosObjGetType
CosArrayGet
PDDocRemoveAllSignatures
PDEColorSpaceCreateFromName
ASAtomFromString
PDSysFontSetFontContext
PDFLInit
ASMemStmRdOpen
ASStmClose
PDFLTerm
PDERelease
PDPageGetCosObj
PDPageSetRotate
PDEWriterCreateFromPDPage
PDDocCreatePage
PDDocGetCosDoc
PDDocCreate
ACGetExceptionErrorCode
ACPopExceptionFrame
PDDocAcquirePage
PDEReaderCreateFromPDPage
ASRaise
PDDocGetPermissions
PDDocOpenEx
PDDocOpen
ACPushExceptionFrame
RestorePlugInFrame
PDDocFreeAuthData
PDDocAuthorize
ASFileSysReleasePathName
ASFileSysDIPathFromPath
ASFileAcquirePathName
ASFileGetFileSys
PDDocGetFile
ASmalloc
PDDocSave
PDEColorSpaceGetCosObj
PDDocIsSigned
PDDocSetLangVersion
CosDictGet
CosNewString
CosNewFixed
CosNewBoolean
CosNewInteger
CosDictPut
CosNewDict
CosObjDestroy
CosDictRemove
PDEWriterToCosObj
CosNewNull
CosObjEqual
CosDocGetRoot
CosIntegerValue
CosStringValue
CosDictKnown
CosNewStream
CosArrayPut
CosNewArray
CosNewName
CosFixedValue
ASStmRead
CosStreamOpenStm
CosStreamLength
ASAtomGetString
CosNameValue
PDEColorSpaceCreate
PDEColorSpaceGetName
PDEColorSpaceGetBase
PDEColorSpaceGetBaseNumComps
PDEColorSpaceGetCTable
agm
ord4
ord3
ace
ord3
ord4
opp
ord3
imagehlp
MakeSureDirectoryPathExists
kernel32
GetFileSize
GetTempFileNameA
HeapCreate
RtlUnwind
GetCurrentDirectoryA
lstrcpyA
SetEnvironmentVariableA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
FlushFileBuffers
SetConsoleCtrlHandler
SetStdHandle
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
SetUnhandledExceptionFilter
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
HeapSize
HeapCompact
HeapWalk
HeapValidate
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
MoveFileA
GetDriveTypeA
GetFileType
TerminateProcess
IsBadReadPtr
RaiseException
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
VirtualQuery
VirtualLock
VirtualAlloc
VirtualFree
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
IsBadCodePtr
MapViewOfFileEx
OpenFileMappingA
OpenProcess
GetCurrentProcess
VirtualQueryEx
GetCurrentThreadId
GetVersion
GetLogicalDrives
GetDiskFreeSpaceA
RemoveDirectoryA
HeapDestroy
ReleaseMutex
OpenMutexA
CreateMutexA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetFileInformationByHandle
GetShortPathNameA
CreateDirectoryA
SetCurrentDirectoryA
GetWindowsDirectoryA
GetTimeFormatA
GetDateFormatA
GetLocalTime
GetSystemInfo
QueryPerformanceCounter
GetCurrentProcessId
GetComputerNameA
GetSystemTimeAsFileTime
GetTempPathA
GetSystemDirectoryA
ExitProcess
GetUserDefaultLangID
GetNumberFormatA
GetCurrencyFormatA
GetLocaleInfoA
GlobalReAlloc
IsBadWritePtr
GlobalMemoryStatus
CreateThread
lstrcmpiA
GetBinaryTypeA
SetEndOfFile
lstrcpynA
GetTickCount
GetFullPathNameA
LoadLibraryExA
EnumResourceNamesA
FindFirstFileA
FindNextFileA
FindClose
GetFileTime
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
GetFileAttributesA
CreateProcessA
WriteFile
CreateFileA
ReadFile
SetFilePointer
lstrcmpA
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
WideCharToMultiByte
DeleteFileA
GlobalAlloc
lstrlenA
GetSystemDefaultLangID
ReleaseSemaphore
CreateSemaphoreA
OpenSemaphoreA
lstrcatA
GetModuleFileNameA
CloseHandle
WaitForSingleObject
OutputDebugStringA
DebugBreak
Sleep
GlobalUnlock
MulDiv
GlobalLock
_llseek
MultiByteToWideChar
_lopen
_lcreat
_lclose
_lread
_lwrite
GlobalSize
GlobalFree
SetEvent
CreateEventA
user32
ClipCursor
GetKeyboardLayout
DefMDIChildProcA
GetPropA
SetCapture
OffsetRect
ReleaseCapture
DefFrameProcA
PostQuitMessage
SetWindowPlacement
SystemParametersInfoA
LoadIconA
GetForegroundWindow
GetMessageA
GetKeyboardLayoutList
SetMenu
TrackPopupMenu
CheckMenuItem
EnableMenuItem
GetMenuItemInfoA
SetMenuItemInfoA
LoadMenuA
InsertMenuItemA
CreateMenu
ScrollDC
LoadBitmapA
GetWindowLongA
wsprintfA
GetCaretBlinkTime
FindWindowA
IntersectRect
GetActiveWindow
GetSubMenu
GetMenuItemID
MapVirtualKeyA
GetKeyState
ModifyMenuA
InsertMenuA
DrawMenuBar
GetMenuItemCount
RemoveMenu
CreatePopupMenu
AppendMenuA
DestroyMenu
IsChild
MessageBeep
TranslateMessage
DispatchMessageA
GetKeyboardState
VkKeyScanA
BringWindowToTop
GetNextDlgTabItem
MessageBoxA
PeekMessageA
SendDlgItemMessageA
IsWindowEnabled
SetWindowLongA
GetWindowTextA
SetWindowTextA
GetSysColor
DrawFocusRect
InvertRect
GetQueueStatus
ClientToScreen
DialogBoxIndirectParamA
EnumChildWindows
GetWindowPlacement
GetClassNameA
ScreenToClient
IsIconic
FillRect
GetSysColorBrush
GetKeyboardType
GetMenuState
GetMenuStringA
SetForegroundWindow
SetFocus
IsClipboardFormatAvailable
CheckRadioButton
GetDlgItemInt
GetDlgItem
EnableWindow
IsDlgButtonChecked
CheckDlgButton
SetDlgItemTextA
DdeInitializeA
DdeClientTransaction
DdeDisconnect
DdeCreateStringHandleA
DdeConnect
DdeGetLastError
DdeFreeStringHandle
GetSystemMetrics
CreateCursor
EnumDisplaySettingsA
GetCursorPos
GetCursor
WindowFromPoint
GetCapture
IsWindowVisible
SendMessageA
SetCursor
ShowCursor
SetCursorPos
CreateDialogParamA
UpdateWindow
DialogBoxParamA
UnregisterClassA
LoadCursorA
RegisterClassA
GetDesktopWindow
GetWindowRect
GetClientRect
MoveWindow
CreateWindowExA
SetTimer
SetActiveWindow
ShowWindow
KillTimer
DestroyWindow
EndDialog
DrawTextA
LoadStringA
DefWindowProcA
GetParent
PostMessageA
GetAsyncKeyState
GetDC
ReleaseDC
BeginPaint
EndPaint
ChildWindowFromPoint
RegisterClipboardFormatA
DdeUninitialize
gdi32
SetRectRgn
Polygon
CreatePolygonRgn
FillRgn
StretchBlt
CreatePen
GetTextColor
SetPixel
SetROP2
CreateBitmap
CreatePatternBrush
EnumFontFamiliesA
CreatePalette
CreateSolidBrush
SetICMMode
GetObjectA
Escape
EndDoc
AbortDoc
EndPage
StartPage
StartDocA
DeleteEnhMetaFile
CreateDIBSection
DeleteMetaFile
CreateMetaFileA
CloseMetaFile
CombineRgn
SelectClipRgn
CloseEnhMetaFile
GetDIBits
LineTo
GetTextExtentPointA
CreateDCA
RemoveFontResourceA
AddFontResourceA
DeleteDC
GetStockObject
CreateFontIndirectA
GetDeviceCaps
SetTextColor
SetBkColor
GetTextMetricsA
SelectPalette
RealizePalette
StretchDIBits
DeleteObject
SetWindowOrgEx
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
SetBkMode
ExtTextOutA
GetTextExtentPoint32A
PatBlt
CreateRectRgn
CreateEnhMetaFileA
CreateICA
MoveToEx
CreateBrushIndirect
winspool.drv
ClosePrinter
GetPrinterDriverA
OpenPrinterA
DocumentPropertiesA
DeviceCapabilitiesA
comdlg32
CommDlgExtendedError
PrintDlgA
ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
advapi32
RegOpenKeyA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueA
GetUserNameA
RegQueryValueExA
shell32
DragQueryFileA
SHGetDesktopFolder
DragFinish
ShellExecuteA
FindExecutableA
DragAcceptFiles
ole32
CoRevokeClassObject
OleIsCurrentClipboard
CoCreateInstance
WriteClassStg
WriteFmtUserTypeStg
CoRegisterClassObject
OleSetClipboard
DoDragDrop
ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
CreateDataAdviseHolder
OleInitialize
GetRunningObjectTable
OleUninitialize
CreateOleAdviseHolder
CoGetMalloc
ReadClassStg
StgIsStorageFile
OleDuplicateData
OleFlushClipboard
OleGetClipboard
mpr
WNetGetUniversalNameA
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Exports
Sections
.text Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 344KB - Virtual size: 341KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 168KB - Virtual size: 242KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 128KB - Virtual size: 128KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
nbgnjuo Size: 4KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE