171745c5d31c46807e45a2a273dc367e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

171745c5d31c46807e45a2a273dc367e_JaffaCakes118
Size

300KB
MD5

171745c5d31c46807e45a2a273dc367e
SHA1

9e21b6e2ddfbe5b249ba7c6810667487fb04e03f
SHA256

b458ee4d8b4dd87d1dcaf524bfa978d6639c6e2a09497b080e2641aaa4e04b4c
SHA512

748672c304af3a3988385bb24437e799894e93efe8be116e7985350e8591803b70e83444aebaecba19ddf5e6d25a15b465c1d00a8391b2181ef61118f77c3889
SSDEEP

3072:qETHGNaL1eByO0+yJvoXZ13zVMrJAZ/swfkCWNRTlJwrySDJUi3IXjUlziMN3To2:rIuOkoX33WyZEwtWNRByDlPdOkiB8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
171745c5d31c46807e45a2a273dc367e_JaffaCakes118

Files

171745c5d31c46807e45a2a273dc367e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ae872d29ae3f3837d6c8d15813e59d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrRetToStrA

kernel32

HeapSize
HeapReAlloc
GetTimeZoneInformation
GetACP
CompareStringA
CompareStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetDriveTypeA
Sleep
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
HeapFree
HeapAlloc
RaiseException
GetProfileStringA
InterlockedExchange
GetTickCount
GetFileAttributesA
GetCurrentProcess
SizeofResource
GetProcAddress
LoadLibraryExA
LoadLibraryExW
lstrlenA
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
LockResource
LoadResource
FindResourceA
FreeLibrary
LoadLibraryA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
LocalFree
FormatMessageA
lstrcpynA
FindClose
SetLastError
GetLastError
FindFirstFileA
FindNextFileA
lstrcmpA
GetCurrentThread
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
GetFileTime
GetFileSize
GlobalAlloc
GlobalLock
GetModuleFileNameA
TerminateProcess
CloseHandle
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
SetErrorMode
GetThreadLocale
GetCurrentDirectoryA
WritePrivateProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
MulDiv
GlobalUnlock
GlobalFree

user32

InvalidateRect
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
LoadCursorA
GetDesktopWindow
PtInRect
GetClassNameA
InflateRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
DestroyMenu
LoadStringA
MapDialogRect
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetCursorPos
PostQuitMessage
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SendMessageA
GetParent
EnableWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
IsWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
DefDlgProcA
IsWindowUnicode
LoadIconA
GetSystemMenu
AppendMenuA
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
ReleaseDC
GetDC
CopyRect
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindowLongA
GetWindow
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetCursor

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetViewportExtEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
PatBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetDesktopFolder

comctl32

ImageList_Destroy
ImageList_LoadImageA
ord17

oledlg

ord8

ole32

OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

VariantCopy
VariantClear
VariantChangeType
SysAllocStringLen
SysFreeString
SysAllocString
SysStringLen
SysAllocStringByteLen
VariantTimeToSystemTime

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ae872d29ae3f3837d6c8d15813e59d2

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 188KB - Virtual size: 187KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 52KB - Virtual size: 50KB

.text
Size: 188KB - Virtual size: 187KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 52KB - Virtual size: 50KB