000f682b732337e93a69ff5d48afbe76_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

000f682b732337e93a69ff5d48afbe76_JaffaCakes118
Size

744KB
MD5

000f682b732337e93a69ff5d48afbe76
SHA1

55bef6f00b62f7983524507a295cef8c931e6b9d
SHA256

e41379acb24b60466e66d692a000ad8cd17c8c3f10af61da268f5cb08b6a5b65
SHA512

919bc9537ca7aa86e35116daea465bf82920c4793a48e85e2bdce70e7b917f45eea53ddbf2e29f943e16e7d5e3cecacb0edc057bcfccd2d3b78c82dc5ae8f4c0
SSDEEP

12288:4UqCdFSCs+8GHfgP+OZ9eCz0Xq1cSRzeNxRtQ5HYoUKmKdNfbXooROpgA:4lC//T/rOZ9eCYXSRzeNxY5HXUKmKdNg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
000f682b732337e93a69ff5d48afbe76_JaffaCakes118

Files

000f682b732337e93a69ff5d48afbe76_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6b6372767aedc49f90dd48e503714b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup

kernel32

GetTimeFormatW
GetStartupInfoA
GetLastError
GetConsoleOutputCP
GetConsoleMode
LocalFree
TerminateThread
InterlockedIncrement
TlsFree
HeapCreate
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
GetStdHandle
GetTickCount
FindClose
LockResource
SetFilePointer
EnumSystemLocalesA
CreateMutexW
VirtualQuery
GetVersionExA
HeapReAlloc
GetModuleHandleA
InitializeCriticalSection
GlobalAlloc
VirtualAlloc
GetCurrentDirectoryA
OutputDebugStringA
HeapSize
CreateFileW
GetEnvironmentStrings
GetProcessHeap
ResumeThread
FormatMessageW
GetCommandLineA
GetSystemInfo
GetCommandLineW
GetModuleFileNameW
SizeofResource
FileTimeToSystemTime
FileTimeToLocalFileTime
InterlockedExchange
GetFileType
DuplicateHandle
WriteConsoleA
ExpandEnvironmentStringsA
SetUnhandledExceptionFilter
InterlockedCompareExchange
TlsGetValue
WriteConsoleW
SetEnvironmentVariableW
ExitProcess
GetSystemDirectoryW
DeleteFileW
GlobalUnlock
UnlockFile
WriteFile
LocalAlloc
LoadLibraryA
GlobalReAlloc
GetThreadLocale
TlsSetValue
GetEnvironmentStringsW
GetLocaleInfoW
CreateEventW
GetOEMCP
UnhandledExceptionFilter
GetTempPathW
GetCurrentThreadId
TlsAlloc
GlobalFlags
GetLocaleInfoA
GetLocalTime
CopyFileW
GetStringTypeA
SetErrorMode
LocalReAlloc
CreateProcessW
GetFileSize
GetCurrentProcess
GetDriveTypeA
SetEnvironmentVariableA
GetExitCodeProcess
GlobalLock
GetCPInfo
LoadLibraryW
GetModuleFileNameA
GetFileAttributesW
lstrcpynW
RtlUnwind
GetModuleHandleW
GetFileTime
IsBadReadPtr
GetTempFileNameW
HeapAlloc
GetVersion
LocalFileTimeToFileTime
SetHandleCount
SetLastError
UnmapViewOfFile
SetFileAttributesW
lstrlenW
GetTimeZoneInformation
GetVersionExW
Sleep
FindFirstFileW
FreeEnvironmentStringsA
InterlockedDecrement
FreeEnvironmentStringsW
FindNextFileA
LCMapStringA
LCMapStringW
GetFileAttributesA
GetDateFormatW
CompareStringA
WideCharToMultiByte
FreeLibrary
CloseHandle
lstrcmpiW
DeviceIoControl
GetTimeFormatA
GetStartupInfoW
SetStdHandle
SetThreadPriority
GetUserDefaultLCID
GetStringTypeW
RaiseException
GetConsoleCP
CreateDirectoryA
CreateThread
CreateMutexA
GetSystemTimeAsFileTime
GlobalDeleteAtom
MultiByteToWideChar
WaitForSingleObject
CreateProcessA
ReadFile
GlobalFree
GlobalHandle
IsDebuggerPresent
HeapDestroy
GlobalSize
LockFile
DeleteCriticalSection
GetFullPathNameW
CreateFileA
IsValidCodePage
MoveFileW
IsBadWritePtr
ExitThread
TerminateProcess
FindNextFileW
lstrlenA
SetEndOfFile
LoadResource
FlushFileBuffers
GetCurrentThread
lstrcmpiA
GetProcAddress
LeaveCriticalSection
SetEvent
EnterCriticalSection
MulDiv
GetDateFormatA
GetACP
CreateDirectoryW
CompareStringW
HeapFree

advapi32

RegCreateKeyA
SetFileSecurityA
RegDeleteValueA
RegSetValueA
RegQueryValueExA
GetFileSecurityA

ole32

StgCreateDocfileOnILockBytes
CoTaskMemAlloc
CreateStreamOnHGlobal
OleCreateLinkFromData
OleSetClipboard
OleRun
OleIsRunning
StringFromCLSID
WriteClassStm
StgIsStorageFile
OleCreateFromData
CreateFileMoniker
CLSIDFromString
CoRegisterMessageFilter
GetHGlobalFromILockBytes
OleRegGetUserType
OleUninitialize
StgOpenStorage
OleCreateLinkToFile
CLSIDFromProgID
CreateBindCtx
OleQueryCreateFromData
CreateILockBytesOnHGlobal
CoLockObjectExternal
CreateItemMoniker
OleIsCurrentClipboard
CoGetClassObject
CoFreeUnusedLibraries
OleLockRunning
OleDuplicateData
OleSave
OleCreateFromFile
OleQueryLinkFromData
CoCreateInstance
OleCreateStaticFromData
CreateDataAdviseHolder
OleSetMenuDescriptor
GetRunningObjectTable
StgOpenStorageOnILockBytes
OleCreate
CreateGenericComposite
CoGetMalloc
DoDragDrop
CoRevokeClassObject
CoTaskMemFree
OleGetIconOfClass
OleFlushClipboard

comdlg32

PrintDlgW
GetSaveFileNameW

shell32

ord155
ShellExecuteA
SHEmptyRecycleBinA
SHGetSpecialFolderPathA
ShellExecuteExA

oleaut32

LoadTypeLi

gdi32

CreateRoundRectRgn
LineTo
SetStretchBltMode
DeleteDC
ExtTextOutA
RealizePalette
MoveToEx
GetObjectType
GetClipBox
SetROP2
EnumFontFamiliesA
PatBlt
CreateCompatibleDC
SetRectRgn
SetDIBColorTable
GetTextExtentPoint32A
CreateDIBitmap
IntersectClipRect
SetPixelV
OffsetRgn
GetDIBits

comctl32

ImageList_Draw
InitCommonControlsEx
ImageList_GetIconSize
ImageList_DrawEx
ImageList_GetIcon
PropertySheetW
ord17
ImageList_Create
ImageList_Remove
CreatePropertySheetPageW
ImageList_Destroy
_TrackMouseEvent
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_ReplaceIcon
DestroyPropertySheetPage
ImageList_AddMasked

user32

GetClientRect
SetCaretPos
GetParent
SetDlgItemTextA
GetScrollPos
PostMessageA
SendMessageA
LoadBitmapA
ScreenToClient
RegisterClassExA
LoadCursorA
UpdateWindow
RegisterClassA
GetDC
EmptyClipboard
DrawTextExA
LoadIconA
CreateMenu
GetMenuItemCount
GetWindowTextLengthA
ExitWindowsEx
GetMessagePos
GetNextDlgTabItem
DispatchMessageA
CharUpperA
LoadStringA
RegisterWindowMessageA
IntersectRect
SendDlgItemMessageA
DefWindowProcA
DrawFrameControl
SystemParametersInfoA
ExcludeUpdateRgn
GetDesktopWindow

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 476KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6b6372767aedc49f90dd48e503714b3

Headers

File Characteristics

Imports

wsock32

kernel32

advapi32

ole32

comdlg32

shell32

oleaut32

gdi32

comctl32

user32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 476KB - Virtual size: 473KB

.data Size: 100KB - Virtual size: 96KB

.rsrc Size: 48KB - Virtual size: 44KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 476KB - Virtual size: 473KB

.data
Size: 100KB - Virtual size: 96KB

.rsrc
Size: 48KB - Virtual size: 44KB