09252007cdfbcd837746b15e9cdaee9e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09252007cdfbcd837746b15e9cdaee9e_JaffaCakes118
Size

276KB
MD5

09252007cdfbcd837746b15e9cdaee9e
SHA1

310ada99e63f50d8614920d2f22b5b430070149b
SHA256

97b1bf00b7ccf1d4463f250042284b1616a2deda291ed71c245ff377a51893a2
SHA512

1ce3ea170fb6e6b22e1c042d36de687f14570d3eb2b8951a60982fe18c17eb1991e5038ff84d84484d927cc329c6b979a8cdec5570a1e45623dbf402594c8576
SSDEEP

6144:7yPwchXP2J2VJgln/T3lYYUAb4LemNDkxdX:iXPXXkn/rbUAb2eAAxdX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09252007cdfbcd837746b15e9cdaee9e_JaffaCakes118

Files

09252007cdfbcd837746b15e9cdaee9e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3e507309769bc41a0631c6ed7394b31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

mpr

WNetGetUserW

kernel32

LoadLibraryA
ExpandEnvironmentStringsA
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentThreadId
LocalFree
GetLogicalDriveStringsW
MoveFileW
GetTempFileNameW
SetErrorMode
GetCurrentProcessId
GetVersion
GetCurrentThread
lstrcpynA
lstrlenA
GetFullPathNameA
GetFileAttributesA
lstrcpynW
lstrlenW
GetFileAttributesW
LoadLibraryW
GetLocalTime
GetSystemInfo
GetModuleHandleW
GetVersionExW
LoadResource
FindResourceW
InitializeCriticalSection
MultiByteToWideChar
CreateEventW
FreeLibrary
GetTickCount
GlobalAlloc
GetWindowsDirectoryW
Sleep
GetTempPathW
GetModuleFileNameW
GetLastError
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
GetProcAddress

user32

SetWindowRgn
IsWindow
wsprintfW
LoadImageW
PeekMessageW
GetIconInfo
LoadBitmapW
GetMenuItemID
GetMenuItemCount
SetForegroundWindow
GetSubMenu
LoadMenuW
GetDesktopWindow
SetWindowPos
GetCursorPos
GetActiveWindow
OffsetRect
AppendMenuW
CreatePopupMenu
GetSysColor
SetTimer
DestroyCursor
LoadCursorW
DestroyIcon
CheckMenuItem
LoadIconW
EmptyClipboard
InvalidateRect
SetCapture
OpenClipboard
DestroyMenu
SendMessageW
GetFocus
SetCursor
EnableMenuItem
GetSystemMetrics
RemoveMenu
GetAsyncKeyState
GetClassInfoW
PostMessageW
EnableWindow
RegisterWindowMessageW
RegisterClassW
GetTopWindow
CreateDesktopA
CharLowerW
PeekMessageA
MessageBoxIndirectW
IsChild
CreateDialogParamA
FindWindowW
CharPrevA
RegisterWindowMessageA
CharNextA
MessageBoxA
EndMenu
SetDlgItemInt
mouse_event
SetFocus
keybd_event
RegisterClassExW
GetMenuItemRect
PostMessageA
InsertMenuA
CreateDialogIndirectParamA
IsIconic
ShowWindow
GetMenuStringW
SetWindowTextW
GetClassInfoExW
GetClassInfoA
ActivateKeyboardLayout
CharPrevW
SetDlgItemTextA

gdi32

CreateRectRgn
CreateDIBSection
DeleteObject
CreateBitmap
CreateCompatibleDC
CreatePen
CreateSolidBrush
CreateFontIndirectW
CreateFontIndirectExA
ExtCreateRegion
AddFontResourceA
SetMetaFileBitsEx
GetRasterizerCaps
CreateFontIndirectA
CreateColorSpaceA

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
SetThreadToken
DuplicateToken
LookupAccountSidW
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
DuplicateTokenEx
GetSidSubAuthority
RegQueryInfoKeyW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
RevertToSelf
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken
RegDeleteKeyW
RegDeleteKeyA
RegOpenKeyW
RegCreateKeyW
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
LookupPrivilegeValueW
ImpersonateSelf

shell32

SHGetDesktopFolder
ShellExecuteW
ShellExecuteExW

query

DoneCIISAPIPerformanceData

duser

MapGadgetPoints
DUserInstanceOf
DUserRegisterGuts
InitGadgetComponent
UnregisterGadgetMessageString
DUserCastDirect
SetGadgetFocus
IsStartDelete
GetGadgetScale
DUserBuildGadget
SetGadgetCenterPoint
RegisterGadgetMessageString
DUserSendMethod
FindStdColor
GetStdColorBrushF
RemoveGadgetProperty
GetGadgetRotation
SetGadgetProperty

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Lli
Size: 5KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 108KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TBcmE
Size: 3KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 105KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3e507309769bc41a0631c6ed7394b31

Headers

File Characteristics

Imports

comctl32

mpr

kernel32

user32

gdi32

comdlg32

advapi32

shell32

query

duser

Sections

.text Size: 6KB - Virtual size: 5KB

.text Size: 14KB - Virtual size: 16KB

.Lli Size: 5KB - Virtual size: 336KB

.rdata Size: 5KB - Virtual size: 20KB

.edata Size: 108KB - Virtual size: 122KB

.TBcmE Size: 3KB - Virtual size: 191KB

.data Size: 6KB - Virtual size: 237KB

.edata Size: 105KB - Virtual size: 202KB

.rsrc Size: 22KB - Virtual size: 21KB

.text
Size: 6KB - Virtual size: 5KB

.text
Size: 14KB - Virtual size: 16KB

.Lli
Size: 5KB - Virtual size: 336KB

.rdata
Size: 5KB - Virtual size: 20KB

.edata
Size: 108KB - Virtual size: 122KB

.TBcmE
Size: 3KB - Virtual size: 191KB

.data
Size: 6KB - Virtual size: 237KB

.edata
Size: 105KB - Virtual size: 202KB

.rsrc
Size: 22KB - Virtual size: 21KB