3186c721adf37f8e0d8b4fa01fb42c64_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3186c721adf37f8e0d8b4fa01fb42c64_JaffaCakes118
Size

828KB
MD5

3186c721adf37f8e0d8b4fa01fb42c64
SHA1

2d51d55e2af9c4bb076e497e27b59eae90186fbb
SHA256

503651eba99ec79a1af2f54ab97505dc5f6e40bbd1fa9e3b596772f7b9b3597d
SHA512

67df67a259394ceeaa173b9d1cdd1a9bc26e79ef01ab559231416468582a1b0a6dd0993e64b2b77d67e96471ba65e686dfe22445c30476b9778553e0054f10e6
SSDEEP

12288:lPzTWfspiB4hD3dfBpcK1RZBoQ/30mVaNaxcx:l2fsSADlB9RLB/0icx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3186c721adf37f8e0d8b4fa01fb42c64_JaffaCakes118

Files

3186c721adf37f8e0d8b4fa01fb42c64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9257324187d8cb026a67b32892307cdf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
GetCurrentThreadId
SetLastError
FreeLibrary
LoadLibraryExA
GetModuleHandleA
FlushFileBuffers
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
LCMapStringW
LCMapStringA
lstrcmpA
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapCreate
HeapDestroy
GetStartupInfoA
GetCommandLineA
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
RtlUnwind
GetSystemTimeAsFileTime
LocalFree
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
FlushInstructionCache
IsDBCSLeadByte
CreateThread
TerminateThread
lstrcmpiA
lstrlenA
InterlockedDecrement
InterlockedIncrement
lstrlenW
MoveFileExA
GlobalLock
GlobalUnlock
GetCurrentProcess
SetProcessWorkingSetSize
FindFirstFileA
FindNextFileA
FindClose
WideCharToMultiByte
DeleteFileA
GetVolumeInformationA
GetVersionExA
GetFileSize
ReadFile
CreateFileA
GetLastError
WriteFile
CloseHandle
GlobalAlloc
FindResourceA
LoadResource
SizeofResource
LockResource
FreeResource
lstrcpynA
MultiByteToWideChar
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
Sleep
GetModuleFileNameA
SetCurrentDirectoryA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetOEMCP

user32

GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
GetFocus
GetWindow
DestroyAcceleratorTable
GetDesktopWindow
ReleaseCapture
GetClassNameA
GetParent
IsChild
SetCapture
InvalidateRgn
ScreenToClient
IsWindow
GetClassInfoExA
LoadCursorA
RegisterClassExA
CallWindowProcA
CreateAcceleratorTableA
SetWindowLongA
GetWindowLongA
CreateWindowExA
DestroyWindow
SetWindowPos
ShowWindow
SystemParametersInfoA
LoadIconA
ReleaseDC
FillRect
GetDC
SetTimer
EnableWindow
GetDlgItem
SetDlgItemTextA
MessageBoxA
SendDlgItemMessageA
GetScrollInfo
SetCursor
GetDlgItemInt
GetDlgCtrlID
DialogBoxParamA
CheckMenuItem
GetMenuItemID
TrackMouseEvent
PostQuitMessage
DispatchMessageA
TranslateMessage
GetMessageA
PostMessageA
GetWindowRect
InsertMenuItemA
FindWindowA
GetKeyState
SetWindowTextA
GetSystemMetrics
SetActiveWindow
EndPaint
BeginPaint
LoadImageA
GetClientRect
PtInRect
RedrawWindow
SetLayeredWindowAttributes
KillTimer
CharLowerA
OffsetRect
InflateRect
GetUpdateRect
SetFocus
GetWindowDC
CreatePopupMenu
ClientToScreen
MoveWindow
LoadStringA
SendMessageA
GetWindowInfo
GetSysColor
SetForegroundWindow
TrackPopupMenu
DefWindowProcA
ValidateRect
GetSysColorBrush
GetMenuItemRect
FrameRect
CharNextA
EndDialog
DestroyMenu
CopyRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
UnregisterClassA
LockWindowUpdate
MessageBeep
GetCursorPos
SetScrollInfo
GetWindowPlacement
RegisterHotKey
UnregisterHotKey
InvalidateRect
UpdateWindow
DrawTextA
GetMenuItemCount

gdi32

GetTextExtentPoint32A
GetStockObject
GetTextMetricsA
TextOutA
SetTextAlign
CreateDIBitmap
SetBkMode
Polygon
CreatePen
CreateRectRgn
EndPage
CreatePatternBrush
Rectangle
SetTextColor
GetCurrentObject
EndDoc
GetTextExtentExPointA
GetDeviceCaps
StartDocA
BitBlt
CreateRoundRectRgn
DeleteObject
SelectObject
CreateFontA
GetObjectA
DeleteDC
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
StartPage
SelectClipRgn
SetStretchBltMode

comdlg32

GetOpenFileNameA
PrintDlgA

advapi32

RegDeleteKeyA
GetUserNameA
RegEnumKeyExA
RegQueryInfoKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA

shell32

DragFinish
SHGetSpecialFolderPathA
Shell_NotifyIconA
ShellExecuteA
DragQueryFileA

ole32

CLSIDFromProgID
CoGetClassObject
CLSIDFromString
StringFromGUID2
CoInitializeEx
CoInitializeSecurity
CoUninitialize
CoSetProxyBlanket
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
OleLockRunning

oleaut32

LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantInit
SysStringByteLen
VariantClear
VarUI4FromStr
SysAllocStringLen
SysAllocString
SysFreeString
SysStringLen
GetErrorInfo

ws2_32

closesocket
recv
send
connect
htonl
htons
socket
gethostbyname
setsockopt
WSAStartup
WSACleanup

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdiplusShutdown
GdiplusStartup
GdipAlloc
GdipCloneImage
GdipCreateBitmapFromStreamICM
GdipFree
GdipDisposeImage

winmm

PlaySoundA

comctl32

InitCommonControlsEx

msimg32

TransparentBlt

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9257324187d8cb026a67b32892307cdf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

ws2_32

gdiplus

winmm

comctl32

msimg32

Sections

.text Size: 237KB - Virtual size: 236KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 69KB - Virtual size: 692KB

.rsrc Size: 457KB - Virtual size: 456KB

.text
Size: 237KB - Virtual size: 236KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 69KB - Virtual size: 692KB

.rsrc
Size: 457KB - Virtual size: 456KB