260eb3a4c9c142a3dffa9e6135614487_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

260eb3a4c9c142a3dffa9e6135614487_JaffaCakes118
Size

2.5MB
MD5

260eb3a4c9c142a3dffa9e6135614487
SHA1

622a23ba311517554f3fa217722e006d143dad4f
SHA256

e0f735422592fee63820521da18bd4ec87c3e34bdb85e9f65946d1fc5998e42b
SHA512

46d24150a184b85ab07e66d8f833a45d598087028c387b1c68aeb0f1b35a2324819bb6dbc3d9494497cd93dbd3524cafe67257ae952eed193c85bc84b6c38133
SSDEEP

49152:TrYIYPlGjowod6+x7J9RLOU+1vD/HstoN1:/YIZoddr9N+1vDEtI1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/winner.pw-37a643.exe

Files

260eb3a4c9c142a3dffa9e6135614487_JaffaCakes118
.iso
out.iso
.iso
winner.pw-37a643.exe
.exe windows:5 windows x86 arch:x86

ac610aaa0f7ab838dd93c878ab1afb0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetCommandLineW
SetHandleCount
HeapDestroy
HeapCreate
VirtualFree
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
CreateFileA
SetEnvironmentVariableA
GetModuleFileNameW
OutputDebugStringW
LoadLibraryW
GetProcAddress
FreeLibrary
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
SetEndOfFile
SetFilePointer
WriteConsoleW
GetStdHandle
GetConsoleMode
LocalFree
GetVolumeInformationW
WaitForSingleObject
GetFileAttributesW
GetCommandLineA
GetLastError
ReleaseMutex
EnterCriticalSection
LeaveCriticalSection
lstrlenW
InterlockedExchange
FindFirstFileW
lstrcmpW
FindClose
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetLocaleInfoW
GetLocaleInfoA
GetVersionExW
GetFileSize
ReadFile
GlobalReAlloc
FindResourceExW
WideCharToMultiByte
GetPrivateProfileStringW
GlobalLock
GetPrivateProfileSectionW
GlobalUnlock
GetProcessHeap
HeapAlloc
HeapFree
WritePrivateProfileStringW
Sleep
SetEvent
GetExitCodeThread
TerminateThread
GetFullPathNameW
MulDiv
GlobalAlloc
CreateFileW
WriteFile
GlobalFree
DeviceIoControl
GetEnvironmentVariableA
RtlUnwind
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
HeapSize
GetFileType
SetStdHandle
ExitProcess
SetLastError
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
SetErrorMode
GetFileTime
FileTimeToLocalFileTime
GlobalFlags
FileTimeToSystemTime
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
LocalAlloc
lstrlenA
GetCurrentProcess
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GetModuleHandleA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
CompareStringA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
InterlockedDecrement
GetModuleHandleW
FormatMessageW
GetStartupInfoA
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
LoadLibraryA
GetVersion
GetTickCount
CreateMutexW

user32

GetSubMenu
LoadCursorW
EqualRect
SetRectEmpty
IsRectEmpty
SetWindowLongW
ReleaseDC
GetDC
GetClientRect
UpdateWindow
IsWindow
GetParent
IsWindowVisible
SetForegroundWindow
GetWindowLongW
SetRect
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableW
SetCursor
PtInRect
ScreenToClient
GetCursorPos
UnregisterClassW
GetSysColorBrush
CharUpperW
DestroyMenu
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
GetWindowThreadProcessId
RegisterClipboardFormatW
SetWindowContextHelpId
MapDialogRect
SetMenuItemBitmaps
DrawIcon
GetSystemMetrics
SendMessageW
GetWindowRect
LoadIconW
EnableWindow
PostQuitMessage
IsIconic
CopyRect
InvalidateRect
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
AdjustWindowRectEx
CheckMenuItem
UnregisterClassA
SystemParametersInfoA
MessageBoxA
WindowFromPoint
GetSysColor
LoadBitmapW
LoadMenuW
CharNextW
InflateRect
MessageBoxW
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
GetWindow
GetWindowPlacement
IntersectRect
SetWindowPos
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
GetScrollInfo
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
GetMenu
GetScrollPos
GetKeyState
TrackPopupMenu
ScrollWindow
MapWindowPoints
PeekMessageW
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
DispatchMessageW
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
SetFocus
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
IsChild
CreateDialogIndirectParamW
GetNextDlgTabItem
SetWindowRgn
GetWindowRgn
GetWindowDC
GetCapture
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
RegisterWindowMessageW
IsDialogMessageW
SetWindowTextW
MoveWindow
ShowWindow
IsWindowEnabled
ValidateRect
TranslateMessage
GetMessageW
EndDialog
SetCapture
GetDesktopWindow
PostMessageW
ReleaseCapture
LoadCursorFromFileW
ClientToScreen
SetTimer
KillTimer
GetFocus
GetActiveWindow
SetScrollInfo

gdi32

RestoreDC
SaveDC
GetClipBox
SetBkMode
OffsetRgn
GetWindowExtEx
RectVisible
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetBkColor
DPtoLP
StretchBlt
BitBlt
CombineRgn
GetRegionData
ExtCreateRegion
CreateRectRgn
CreateCompatibleBitmap
CreateFontIndirectW
CreateSolidBrush
GetObjectW
SetDIBColorTable
SelectObject
DeleteObject
CreateDIBSection
CreateCompatibleDC
GetViewportExtEx
DeleteDC
GetMapMode
SetMapMode
FrameRgn
CreateRectRgnIndirect
GetStockObject
GetTextExtentPoint32W
CreateBitmap
SetBkColor
SetTextColor
SelectClipRgn
GetRgnBox
GetDeviceCaps
GetTextColor
PtVisible

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

comdlg32

GetFileTitleW

advapi32

RegOpenKeyW
OpenEventLogA
ClearEventLogW
AllocateLocallyUniqueId
RegCloseKey
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegQueryValueExW

shell32

ShellExecuteW
ShellExecuteExW

ole32

CLSIDFromString
CLSIDFromProgID
CoRevokeClassObject
OleUninitialize
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc
StringFromIID
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
CreateILockBytesOnHGlobal

shlwapi

PathFileExistsW
PathIsURLW
PathAppendW
PathIsDirectoryW
PathFindExtensionW
PathFindFileNameW
PathAddBackslashW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gaaf7a
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iaaf7c
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac610aaa0f7ab838dd93c878ab1afb0a

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

shlwapi

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.gaaf7a Size: 12KB - Virtual size: 10KB

.data Size: 12KB - Virtual size: 28.0MB

.iaaf7c Size: 8KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.gaaf7a
Size: 12KB - Virtual size: 10KB

.data
Size: 12KB - Virtual size: 28.0MB

.iaaf7c
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 21KB