0f33202ca677bd4d564e9b48576d3b2d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f33202ca677bd4d564e9b48576d3b2d_JaffaCakes118
Size

348KB
MD5

0f33202ca677bd4d564e9b48576d3b2d
SHA1

586ea2e1daf36f2ae6052d9ec7d7716b64f111f7
SHA256

e44f5dcff7f6096e4244ff6175cd0eb22f3b6a244ff872b3ce5829a8f9cca35f
SHA512

2959f5f7a3d7d872fdd205d62c64fb62067c91ea3cef7ffdbe9bf68123c6eeb563b1f903c6974e0e83c5abb721c63de53be595d6b87adeb8ae096e225818e50a
SSDEEP

6144:YfxHT79YwwGbLACI8IIr2hYc9kSpER5Uuw+XLLXmJ9:Yfl9bIQKac9k/5UuVL2L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f33202ca677bd4d564e9b48576d3b2d_JaffaCakes118

Files

0f33202ca677bd4d564e9b48576d3b2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

596acaed4520864a38207c4019435632

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoRevokeClassObject
CLSIDFromProgID
StgOpenStorageOnILockBytes
StringFromCLSID
CoLockObjectExternal
CoRegisterMessageFilter
OleUninitialize
OleIsCurrentClipboard
CoTaskMemFree
OleRun
OleSave
OleCreateLinkFromData
OleLoad
OleSaveToStream
RegisterDragDrop
OleGetClipboard
CreateFileMoniker
OleFlushClipboard
OleCreateFromFile
DoDragDrop
CLSIDFromString
OleSetMenuDescriptor
CoCreateInstance
RevokeDragDrop
CreateStreamOnHGlobal
OleCreateLinkToFile
OleCreate
CreateGenericComposite
CoInitializeEx
OleGetIconOfClass
CreateBindCtx
StgCreateDocfileOnILockBytes
OleCreateFromData
CoUninitialize
OleSetClipboard
ReleaseStgMedium
CoTaskMemAlloc
CoGetClassObject
CreateILockBytesOnHGlobal
WriteClassStg
OleDuplicateData
CoFreeUnusedLibraries
OleInitialize

oleaut32

LoadTypeLi

gdi32

BitBlt
ExtFloodFill
CreateRectRgnIndirect
SetBkColor
SetBkMode
SetViewportOrgEx
RectVisible
CreateEllipticRgn
GetPixel
StartPage
CreatePatternBrush
SetROP2
GetClipBox
CreateDIBSection
PtVisible
SetPixel
StartDocW
GetTextMetricsW
RestoreDC
CreateDCW
SetStretchBltMode
EnumFontFamiliesExW
GetObjectW
SetTextColor
CreateRectRgn
GetDeviceCaps
ScaleWindowExtEx
SelectClipRgn
CreateBrushIndirect
ScaleViewportExtEx
SetAbortProc
EndPage
IntersectClipRect
DeleteEnhMetaFile
MoveToEx
RectInRegion
TextOutW
PatBlt
GetStockObject
GetDIBits
ExtCreatePen
RoundRect
GetTextColor
SelectPalette
CreatePolygonRgn
DeleteDC
CreatePen
Arc
EndDoc
PtInRegion
SetWindowOrgEx
SetWindowExtEx
GetTextExtentPoint32W
GetTextMetricsA
ExtSelectClipRgn
CreatePalette
SetViewportExtEx
CreateCompatibleDC
AbortDoc
LineTo
Polygon
SelectObject
DeleteObject
StretchDIBits
RealizePalette
Escape
CreateSolidBrush
SaveDC
CreateCompatibleBitmap
Rectangle
CombineRgn
SetMapMode
CreateFontIndirectW
GetBkColor

kernel32

LCMapStringW
GetLastError
LCMapStringA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcAddress
GetFileType
IsDebuggerPresent
VirtualFree
GetProcessHeap
GetStartupInfoW
GetCurrentProcessId
GetModuleFileNameW
WriteConsoleA
TlsSetValue
GetCommandLineW
GetCPInfo
HeapCreate
SetEnvironmentVariableA
InterlockedDecrement
ReadFile
GetModuleHandleA
GetTickCount
IsValidLocale
GetCommandLineA
TlsFree
TlsAlloc
EnterCriticalSection
WriteConsoleW
GetModuleHandleW
FreeEnvironmentStringsA
FreeLibrary
SetConsoleCtrlHandler
SetFilePointer
CloseHandle
CompareStringW
IsValidCodePage
CompareStringA
QueryPerformanceCounter
SetUnhandledExceptionFilter
InitializeCriticalSection
GetDateFormatA
SetStdHandle
RaiseException
GetVersionExA
MultiByteToWideChar
HeapSize
GetEnvironmentStrings
InterlockedIncrement
GetCurrentThreadId
GetStdHandle
VirtualAlloc
GetACP
GetTimeFormatA
ExitProcess
SetLastError
GetLocaleInfoW
GetConsoleOutputCP
TlsGetValue
WriteFile
GetConsoleCP
InterlockedExchange
GetTimeZoneInformation
LoadLibraryA
TerminateProcess
GetConsoleMode
GetModuleFileNameA
LeaveCriticalSection
GetCurrentThread
DeleteCriticalSection
FatalAppExitA
UnhandledExceptionFilter
CreateMutexW
GetOEMCP
VirtualQuery
CreateFileA
FlushFileBuffers
GetStringTypeA
RtlUnwind
HeapDestroy
GetSystemTimeAsFileTime
HeapAlloc
WideCharToMultiByte
HeapFree
HeapReAlloc
GetStartupInfoA
Sleep
GetStringTypeW
SetHandleCount
GetCurrentProcess
GetUserDefaultLCID
GetLocaleInfoA

comctl32

ImageList_DragMove
ord17
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragEnter
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_AddMasked

user32

PtInRect
UnhookWindowsHookEx
GetWindowThreadProcessId
CreatePopupMenu
SetWindowRgn
MessageBoxW
IntersectRect
SetCapture
SetWindowLongW
TranslateMDISysAccel
TrackPopupMenuEx
CheckMenuItem
SetForegroundWindow
SetWindowPos
GetClipboardData
FindWindowW
GetCursorPos
InflateRect
RegisterClassExW
IsChild
GetFocus
TranslateMessage
DefWindowProcW
CreateWindowExW
SetDlgItemInt
DrawEdge
SetWindowTextW
GetMenuItemCount
InvalidateRect
CloseClipboard
WindowFromPoint
LoadImageW
DestroyWindow
DispatchMessageW
MoveWindow
PostQuitMessage
ShowWindow
BringWindowToTop
RegisterClassW

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
SHChangeNotify

comdlg32

GetSaveFileNameW
PageSetupDlgA

advapi32

DuplicateTokenEx
SetTokenInformation
RegOpenKeyExA
RegDeleteKeyA
SetSecurityDescriptorDacl
GetSidLengthRequired
RegDeleteValueA
CreateProcessAsUserA
RegSetValueA
RegSetValueExA
RegQueryInfoKeyA
ConvertStringSidToSidA
RegCloseKey
RegEnumKeyExA
RegCreateKeyA
OpenProcessToken
RegCreateKeyExA
RegQueryValueExA

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

596acaed4520864a38207c4019435632

Headers

File Characteristics

Imports

ole32

oleaut32

gdi32

kernel32

comctl32

user32

shell32

comdlg32

advapi32

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 100KB - Virtual size: 97KB

.data Size: 60KB - Virtual size: 77KB

.rsrc Size: 80KB - Virtual size: 77KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 100KB - Virtual size: 97KB

.data
Size: 60KB - Virtual size: 77KB

.rsrc
Size: 80KB - Virtual size: 77KB