7625b18518f0ff9b42b4d95b93cc5d82_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7625b18518f0ff9b42b4d95b93cc5d82_JaffaCakes118
Size

652KB
MD5

7625b18518f0ff9b42b4d95b93cc5d82
SHA1

2ac608221610e1e3bbdf28a60ac9cac798604798
SHA256

82fd827a828f7eb4c9683707910a8f4d135c7f2107c33dd94196a09a92e31898
SHA512

2bd93eaa1f8835496919d9b5f0cec0e1c0bd63f7d58b59a92778af721cc9005b741ae99426232232bc5d141cd11f9b9d7574c90d7904a3b595c15043df7ea2ba
SSDEEP

6144:M1kldizdOT/pS0MIt7YRU6f5+StXzXYbnnuCYUvaJqqjbGdIBJxmA++j90TTofwz:VplfofXYbjYUvaVaCn++O4ZV4o6L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7625b18518f0ff9b42b4d95b93cc5d82_JaffaCakes118

Files

7625b18518f0ff9b42b4d95b93cc5d82_JaffaCakes118
.exe windows:4 windows x86 arch:x86

618a93df816f43670858378581269bb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\User\Desktop\2005\DlgSmpl\WinRel\DlgSmpl.pdb

Imports

kernel32

TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
GetAtomNameA
FindResourceExA
SetErrorMode
RtlUnwind
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
ExitThread
CreateThread
RaiseException
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FatalAppExitA
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
LocalReAlloc
LCMapStringA
LCMapStringW
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
InterlockedDecrement
GetModuleFileNameW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
MulDiv
VirtualProtect
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcessId
SetLastError
GlobalAddAtomA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
LoadLibraryA
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetModuleHandleA
GetFileAttributesA
FindResourceA
LoadResource
SizeofResource
GetStringTypeExW
GetStringTypeExA
GetEnvironmentVariableW
GetEnvironmentVariableA
lstrlenA
lstrcmpiW
lstrcmpiA
CompareStringW
CompareStringA
lstrlenW
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
LockResource
GetModuleHandleW
LoadLibraryW
GetACP
GetProcAddress

user32

GrayStringA
GetWindowDC
BeginPaint
EndPaint
GetSysColorBrush
LoadCursorA
DestroyIcon
GetDialogBaseUnits
InflateRect
GetMenuItemInfoA
GetKeyNameTextA
MapVirtualKeyA
UnionRect
GetDCEx
LockWindowUpdate
SetCapture
UnregisterClassA
IsRectEmpty
WindowFromPoint
KillTimer
SetTimer
ClientToScreen
SetRect
GetDC
ReleaseDC
IsZoomed
GetAsyncKeyState
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
DrawTextExA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
BeginDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetClientRect
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
CopyRect
GetScrollInfo
SetScrollInfo
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SendMessageA
EnableWindow
GetWindowRect
MapDialogRect
CharLowerA
CharLowerW
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDesktopWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
DrawTextA
TabbedTextOutA
FillRect
GetMenuStringA
InsertMenuA
RemoveMenu
SetParent
GetSystemMenu
AppendMenuA
SetFocus
DeleteMenu
CharUpperA
CharUpperW
IsWindowVisible
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostQuitMessage
PostMessageA
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
EndDeferWindowPos

gdi32

ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
TextOutA
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
EnumFontFamiliesExA
RectVisible
SetMapperFlags
PtVisible
StartDocA
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
GetStockObject
CreateBitmap
SetTextCharacterExtra
SetTextJustification
SetTextAlign
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CopyMetaFileA
GetBkColor
StretchDIBits
DeleteDC
CreateFontA
GetCharWidthA
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
GetDeviceCaps
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
SetArcDirection

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegSetValueA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetFileSecurityA
SetFileSecurityA
RegCreateKeyA

shell32

DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragFinish

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
CoTaskMemAlloc
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
OleDuplicateData
CoDisconnectObject
CoCreateInstance
StringFromGUID2
CLSIDFromString
ReadFmtUserTypeStg

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VariantTimeToSystemTime
SystemTimeToVariantTime
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate

Sections

.text
Size: 428KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

618a93df816f43670858378581269bb3

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 428KB - Virtual size: 424KB

.rdata Size: 104KB - Virtual size: 101KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 104KB - Virtual size: 101KB

.text
Size: 428KB - Virtual size: 424KB

.rdata
Size: 104KB - Virtual size: 101KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 104KB - Virtual size: 101KB