Static task: static1
Behavioral task: behavioral1
Sample: 3b4da5a384d363a13133162f16d9ff1c_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 3b4da5a384d363a13133162f16d9ff1c_JaffaCakes118.exe
Resource: win10v2004-20240226-en
General
Target: 3b4da5a384d363a13133162f16d9ff1c_JaffaCakes118
Size: 547KB
MD5: 3b4da5a384d363a13133162f16d9ff1c
SHA1: 90d483b453e9042296573f14b165fc615a5c6c4b
SHA256: 7e5cfd53cff61b058f7cf9f7ddef04fb28b7bfb8e4de46f9fcc28e5221b2ca04
SHA512: ea10275510fcfa1155e53fb05c82a7b4651a274cb69cf5d9fd776aa4aadb004d33972a5c4771172281213999726044eb2c5ce61cd36d75156e04caa1e1560415
SSDEEP: 12288:OsS90y8N0H2/FV44JTgVTuH/fz/Lqj8fibXbYtn:OsCiN2uVTiTuHDuQfiS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3b4da5a384d363a13133162f16d9ff1c_JaffaCakes118
Files
3b4da5a384d363a13133162f16d9ff1c_JaffaCakes118.exe windows:5 windows x86 arch:x86
ecf2d95b5bebdd91fb63a9e72e9f5783
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineA
GetStartupInfoA
HeapReAlloc
RtlUnwind
Sleep
ExitProcess
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsValidCodePage
HeapCreate
VirtualFree
GetStdHandle
GetTimeZoneInformation
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
VirtualQuery
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
VirtualProtect
HeapFree
SetErrorMode
GetModuleHandleW
FindResourceA
GetPrivateProfileStringA
GetDateFormatA
GetPrivateProfileIntA
GetFileSizeEx
LocalFileTimeToFileTime
GetFileAttributesExA
CreateFileA
GetShortPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiA
GetStringTypeExA
DeleteFileA
MoveFileA
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcmpA
GetDiskFreeSpaceA
WritePrivateProfileStringA
GetTimeFormatA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
InterlockedIncrement
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
LoadLibraryA
GlobalGetAtomNameA
GlobalAddAtomA
FreeLibrary
InterlockedDecrement
FreeResource
GlobalAlloc
GlobalFree
SystemTimeToFileTime
GetThreadLocale
GetCurrentProcessId
GlobalLock
GlobalUnlock
GetProcAddress
SetLastError
CreateThread
GetSystemTime
LocalFree
CloseHandle
GetModuleHandleA
GetSystemInfo
CreateEventW
CancelIoEx
VirtualAlloc
GetLastError
GetTempPathW
GetACP
GetOverlappedResult
CreateFileW
GetModuleFileNameW
ReadFile
MulDiv
FormatMessageW
WriteFile
GetCompressedFileSizeW
FormatMessageA
GetProcessHeap
WaitForSingleObject
GetCommState
HeapAlloc
GetFullPathNameW
FileTimeToLocalFileTime
GetCurrentDirectoryA
FindNextFileA
FindClose
FindFirstFileA
SetCurrentDirectoryA
FileTimeToSystemTime
GetModuleFileNameA
LockResource
RaiseException
MultiByteToWideChar
SizeofResource
WideCharToMultiByte
LoadResource
lstrlenA
FreeEnvironmentStringsW
user32
IsZoomed
SetParent
GetSystemMenu
AppendMenuA
DeleteMenu
IsRectEmpty
SetRect
CharNextA
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
CreateWindowExA
RegisterClassA
DeferWindowPos
DefWindowProcA
PtInRect
SystemParametersInfoA
GetWindowRect
GetClassNameA
PostQuitMessage
InvalidateRgn
LoadMenuA
DestroyMenu
WinHelpA
SetFocus
GetActiveWindow
EqualRect
GetKeyState
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
SetActiveWindow
IsWindowVisible
InsertMenuItemA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
GetClassInfoA
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
SetCapture
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
DestroyIcon
GetMenu
BringWindowToTop
PostMessageA
SetMenu
GetDesktopWindow
IsWindow
TranslateAcceleratorA
UnhookWindowsHookEx
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetWindowTextLengthA
GetWindowTextA
GetWindowThreadProcessId
ShowOwnedPopups
ValidateRect
GetCursorPos
GetMessageA
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
RegisterClipboardFormatA
GetSysColorBrush
LoadCursorA
InsertMenuA
GetMenuStringA
InflateRect
UnpackDDElParam
CopyAcceleratorTableA
GetMenuItemInfoA
CharUpperA
SetTimer
KillTimer
WindowFromPoint
GetLastActivePopup
IsWindowEnabled
GetDlgCtrlID
IsChild
IsIconic
AdjustWindowRectEx
GetDCEx
LockWindowUpdate
PostThreadMessageA
ReuseDDElParam
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringA
DrawTextExA
TabbedTextOutA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
EndPaint
DestroyWindow
SetWindowPlacement
GetWindowTextLengthW
GetMessageW
SendDlgItemMessageA
FillRect
DrawTextA
GetPropA
LoadStringA
GetParent
LoadIconA
RemovePropA
WaitForInputIdle
DrawIcon
CharPrevA
SendMessageA
BeginPaint
SetScrollRange
GetDC
TranslateMessage
GetWindowPlacement
GetCursorInfo
SetPropA
SetWindowLongA
MessageBoxA
InvalidateRect
CreateAcceleratorTableA
AppendMenuW
GetWindowLongA
GetWindowTextW
SetScrollPos
ReleaseDC
GetDlgItem
GetSysColor
ShowWindow
IsDlgButtonChecked
ScrollWindowEx
GetSystemMetrics
UpdateWindow
CallWindowProcA
DispatchMessageW
GetClientRect
EnableWindow
GetClassInfoExA
gdi32
GetBkColor
GetTextColor
CreateDCA
GetTextExtentPoint32A
GetCharWidthA
StretchDIBits
CreateRectRgnIndirect
SetRectRgn
GetMapMode
PatBlt
GetRgnBox
CreateCompatibleBitmap
GetTextMetricsA
GetStockObject
CreatePatternBrush
ExtSelectClipRgn
ExtTextOutA
TextOutA
RectVisible
PtVisible
ScaleWindowExtEx
GetPixel
SetWindowExtEx
GetWindowExtEx
GetViewportExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
CreateSolidBrush
GetObjectA
DeleteObject
IntersectClipRect
ExcludeClipRect
SetBkColor
RestoreDC
SaveDC
CreateBitmap
BitBlt
TranslateCharsetInfo
SetViewportOrgEx
SetTextColor
DeleteDC
CreateFontA
GetDeviceCaps
CreateFontIndirectA
CreatePalette
UnrealizeObject
SetBkMode
SelectObject
SelectClipRgn
CreateCompatibleDC
CombineRgn
SetMapMode
RealizePalette
CreateFontW
SelectPalette
CreateRectRgn
GetClipBox
Escape
comdlg32
GetOpenFileNameA
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
RegSetValueExA
GetFileSecurityA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegCreateKeyA
RegDeleteValueA
SetFileSecurityA
RegCreateKeyExA
RegSetValueA
RegQueryValueA
shell32
ExtractIconA
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetFileInfoA
shlwapi
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW
PathIsUNCA
oledlg
ord8
ole32
CoRevokeClassObject
CoInitializeEx
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
OleIsCurrentClipboard
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleFlushClipboard
CoRegisterMessageFilter
oleaut32
OleCreateFontIndirect
SysAllocString
DispCallFunc
VariantClear
VariantCopy
VariantInit
SysAllocStringLen
VariantChangeType
SysFreeString
LoadRegTypeLi
OleCreatePictureIndirect
SysStringLen
SysAllocStringByteLen
SafeArrayDestroy
SystemTimeToVariantTime
VariantTimeToSystemTime
msvfw32
ICSendMessage
ICOpen
ICClose
ICInfo
avifil32
AVIStreamInfoA
AVIFileExit
AVIFileGetStream
AVIFileInit
AVIStreamOpenFromFileA
AVIFileInfoA
AVIFileRelease
AVIFileOpenA
opengl32
glTexCoord2f
glBegin
glVertex3f
glLoadIdentity
glClear
imm32
ImmAssociateContext
oleacc
LresultFromObject
CreateStdAccessibleObject
setupapi
SetupInitDefaultQueueCallbackEx
SetupDiDestroyDriverInfoList
SetupCommitFileQueueA
SetupOpenFileQueue
SetupCloseInfFile
SetupDiDestroyDeviceInfoList
SetupCloseFileQueue
SetupTermDefaultQueueCallback
SetupOpenInfFileA
SetupSetDirectoryIdA
SetupDefaultQueueCallbackA
SetupInstallFilesFromInfSectionA
wsnmp32
ord901
ord902
ord606
ord605
Sections
.text Size: 338KB - Virtual size: 337KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 117KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ