24bfb22bdc0112c0a6d6735e292323af_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24bfb22bdc0112c0a6d6735e292323af_JaffaCakes118
Size

2.8MB
MD5

24bfb22bdc0112c0a6d6735e292323af
SHA1

93dbf83b0b3afd84fbea96083d61e13d35adbe01
SHA256

12252fd602fc2b192d4e792bfb3e4efa8aad2beb3806d2797e872b47da50eb71
SHA512

cf5ff44f7422c3619611ce3f23651b7740883c6834efdad749cbaeb91d9aa5d642ee0bbe9889847039fa5a7b8cfdcb1a3028bb0f1364546bd7861dc431e68510
SSDEEP

49152:GyDXh6cDLdRiHXHF8LTMGU1ZuWsjeL93FFii7NjlYEGWz0osxgoVJ:GybhzDLdRi3HMTMGmtsjeR1LYs0P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24bfb22bdc0112c0a6d6735e292323af_JaffaCakes118

Files

24bfb22bdc0112c0a6d6735e292323af_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f59b86608b4daec73f4adc60fa936fed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

SetJobW

comctl32

ImageList_EndDrag
CreateToolbarEx
CreatePropertySheetPageW
ImageList_Create
ImageList_GetImageCount
ImageList_Add
ImageList_GetBkColor
ImageList_DragEnter
ImageList_DragMove
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_SetIconSize

kernel32

CreateFileW
CloseHandle
VirtualAlloc
HeapDestroy
HeapAlloc
HeapFree
GetCurrentThreadId
GetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCommTimeouts
FileTimeToSystemTime
lstrcmpiW
OutputDebugStringW
CopyFileW
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW
FreeConsole
GetConsoleWindow
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
HeapReAlloc
RtlUnwind
LoadLibraryExW
IsProcessorFeaturePresent
IsDebuggerPresent
GetOEMCP
GetACP
IsValidCodePage
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
GetModuleFileNameW
GetStartupInfoW
DeleteCriticalSection
GetFileType
GetStdHandle
GetProcessHeap
GetProcAddress
GetModuleHandleExW
GetConsoleMode
ExitProcess
DecodePointer
EncodePointer
SetLastError
GetCommandLineW
SetStdHandle
SetFilePointerEx
WriteConsoleW

setupapi

SetupFindNextLine
SetupGetLineCountW
SetupGetFieldCount
SetupFindFirstLineW
SetupOpenInfFileW
SetupGetStringFieldW
SetupOpenFileQueue
SetupCloseFileQueue
SetupInstallFromInfSectionW
SetupDiGetDeviceInfoListDetailW
SetupDiOpenDeviceInfoW
SetupDiBuildDriverInfoList
SetupDiGetSelectedDriverW
SetupDiGetClassDevsExW
SetupDiCallClassInstaller
SetupDiOpenDevRegKey
SetupDiGetDeviceRegistryPropertyW
SetupDiSetDeviceRegistryPropertyW
SetupDiCreateDeviceInfoListExW
SetupDiSetDeviceInstallParamsW
SetupDiSetClassInstallParamsW
SetupDiGetActualSectionToInstallW
CM_Get_Device_IDW
CM_Get_DevNode_Registry_Property_ExW
CM_Get_DevNode_Status
CM_Get_Parent_Ex
CM_Locate_DevNodeW

user32

AttachThreadInput
SendMessageW
ExitWindowsEx
DrawFrameControl
ActivateKeyboardLayout
IsChild
CreateDialogParamW
CheckRadioButton
IsCharUpperW
SetFocus
GetActiveWindow
EnableWindow
ExcludeUpdateRgn
InvalidateRect
EnableScrollBar
SetWindowTextW
ScreenToClient
WindowFromPoint
CopyRect
GetScrollInfo
TranslateMDISysAccel
SystemParametersInfoW
ValidateRect
MonitorFromWindow

wininet

HttpQueryInfoW
InternetOpenUrlW
InternetCrackUrlW

oleaut32

SafeArrayGetElement
SafeArrayPutElement
VariantInit
VariantCopy
VariantChangeType
VarI4FromStr
VarCyFromStr
VarBstrFromCy
VarBstrFromBool
VarBoolFromStr
RegisterTypeLi
SafeArrayAccessData
SafeArrayGetLBound
SysFreeString
SysReAllocStringLen

wintrust

WinVerifyTrust
CryptCATAdminAcquireContext

uxtheme

GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetWindowTheme
DrawThemeParentBackground

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 34.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f59b86608b4daec73f4adc60fa936fed

Headers

File Characteristics

Imports

winspool.drv

comctl32

kernel32

setupapi

user32

wininet

oleaut32

wintrust

uxtheme

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 1.5MB - Virtual size: 34.4MB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 1.5MB - Virtual size: 34.4MB

.rsrc
Size: 23KB - Virtual size: 23KB