103c6f958d67c1ea94be22cbe9266630_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

103c6f958d67c1ea94be22cbe9266630_JaffaCakes118
Size

277KB
MD5

103c6f958d67c1ea94be22cbe9266630
SHA1

8c8cfee4c5e4e2a41f316ca931b78da5171691d1
SHA256

bae55455449f4bcdc2f618e7739e3e235f46a6b0dc4132eb213ac46641170427
SHA512

1490d26f6c4e020a1a81e0d0d3033c0e6f56972006fc84c39e91f14e3c1eac1ce9e9704f34a94541e7d6c1f2bb5dfe892db2988f29d65de3e437b7844b475cba
SSDEEP

6144:T1TnDzopfUxko17BX/ECry0Eya7dSYl0Od/P+9:T1TDeo59EgUgYl08+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
103c6f958d67c1ea94be22cbe9266630_JaffaCakes118

Files

103c6f958d67c1ea94be22cbe9266630_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c57f5dd0091bc33bcaddd2a624fbf86d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetClipRgn
TextOutW
GetObjectW
CreateSolidBrush
ExtTextOutW
Polygon
SetBkMode
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentExPointW
GetObjectType
CreateRectRgnIndirect
GetStockObject
RoundRect
CreatePen
SetROP2
GetBkColor
PtInRegion
SetBkColor
ExtCreatePen
SelectClipRgn
BitBlt
SelectObject
CombineRgn
GetTextMetricsW
GetDeviceCaps
SetViewportOrgEx
SetTextColor
SetTextAlign
DeleteDC
CreateRectRgn
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject

shlwapi

PathSetDlgItemPathW
PathAppendW
StrChrW
StrRetToStrW
PathCompactPathExW
PathAddExtensionW
PathRemoveFileSpecW
ColorAdjustLuma

user32

GetSystemMetrics
TabbedTextOutW
SendMessageW
LoadImageW
DrawIconEx
SetCapture
EmptyClipboard
CharUpperBuffW
GetNextDlgTabItem
LoadCursorW
GetDC
RegisterWindowMessageW
IsWindow
GetTopWindow
MoveWindow
GetSysColor
SetCursor
GetTabbedTextExtentW
GetFocus
GetClassNameW
GetWindowTextLengthW
PostQuitMessage
InflateRect
SetWindowTextW
SetRectEmpty
ReleaseDC
IsDialogMessageW
GetSystemMenu
GetWindowThreadProcessId
InvalidateRect
GetClassInfoExW
GetWindowRect
ScreenToClient
LoadBitmapW
GetDlgCtrlID
SetForegroundWindow
IsRectEmpty
IsIconic
PostMessageW
MessageBoxW
SetMenuDefaultItem
PtInRect
ReleaseCapture
EndDialog
RedrawWindow
DefWindowProcW
DrawTextW
CallWindowProcW
UpdateWindow
SetFocus
ShowWindow
GetActiveWindow
AttachThreadInput
OpenClipboard
SetClipboardData
EndPaint
DispatchMessageW
DrawStateW
DestroyIcon
SystemParametersInfoW
GetWindowDC
SendInput
SetWindowsHookExW
GetClientRect
GetCursorPos
AppendMenuW
GetWindowTextW
RegisterClassW
IsWindowVisible
BeginPaint
GetClassInfoW
FlashWindow
GetGUIThreadInfo
IsWindowEnabled
DialogBoxParamW
GetForegroundWindow
CopyRect
CharNextW
MapWindowPoints
GetMessageW
PostThreadMessageW
SetWindowLongW
TranslateMessage
CloseClipboard
SetWindowPlacement
DestroyWindow
SetParent
GetDesktopWindow
KillTimer
SetTimer
EnableWindow
GetKeyState
GetWindowPlacement
SetWindowPos
GetWindow
GetParent
GetWindowLongW
UnhookWindowsHookEx
UnregisterClassA
CallNextHookEx
ExitWindowsEx
PeekMessageW
CreateWindowExW
GetCapture
MapDialogRect
SetDlgItemTextW
RegisterClassExW
FindWindowExW
CreateDialogParamW
GetDlgItem
IsCharAlphaNumericW
DrawFocusRect
OffsetRect

comctl32

ImageList_ReplaceIcon
ImageList_Create
ImageList_Draw
ImageList_GetIcon
InitCommonControlsEx
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Destroy
_TrackMouseEvent

shell32

ShellExecuteExW
SHGetSpecialFolderLocation
SHGetMalloc
SHGetDesktopFolder

msimg32

AlphaBlend
TransparentBlt
GradientFill

userenv

UnloadUserProfile

oleaut32

VariantCopyInd
VariantTimeToSystemTime
VariantClear
VarBstrCmp
LoadRegTypeLi
SafeArrayGetLBound
SafeArrayUnaccessData
GetErrorInfo
LoadTypeLi
SysStringByteLen
SystemTimeToVariantTime
SysStringLen
DispCallFunc
VariantInit
SafeArrayCopy
SafeArrayUnlock
SafeArrayAccessData
SysAllocStringByteLen
SysAllocString
SafeArrayRedim
SafeArrayCreate
SysFreeString
SafeArrayLock
SafeArrayGetDim
SysAllocStringLen
SafeArrayGetVartype
SafeArrayGetUBound
SafeArrayDestroy

advapi32

RegQueryValueExW
RegOpenKeyExA
RegOpenKeyExW
AdjustTokenPrivileges
RegCreateKeyExW
RegNotifyChangeKeyValue
RegCloseKey
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegQueryValueExA

kernel32

GetNumberFormatW
HeapSize
HeapFree
SizeofResource
RaiseException
LocalAlloc
GetCurrentThreadId
WaitForSingleObject
GlobalUnlock
TerminateThread
LeaveCriticalSection
DeleteFileW
lstrcpyW
VirtualAlloc
EnterCriticalSection
IsDebuggerPresent
OpenEventW
GetDateFormatW
DeleteCriticalSection
WaitForMultipleObjects
FindResourceW
FindResourceExW
SetLastError
lstrcpynW
GetDriveTypeW
LoadResource
LocalFree
lstrcmpW
GlobalAlloc
UnhandledExceptionFilter
CloseHandle
FindFirstFileW
GlobalFree
GetCommandLineW
FreeLibrary
GetUserDefaultLangID
HeapReAlloc
FlushInstructionCache
CreateWaitableTimerW
SetUnhandledExceptionFilter
CreateThread
ResumeThread
GetThreadLocale
GetACP
GetProcessHeap
FormatMessageW
LoadLibraryExW
ExpandEnvironmentStringsA
HeapDestroy
CreateEventW
lstrlenW
IsProcessorFeaturePresent
MulDiv
lstrlenA
FatalAppExitW
LockResource
GetSystemTimeAsFileTime
SetWaitableTimer
FindClose
GetTimeFormatW
WideCharToMultiByte
FindNextFileW
GetUserDefaultLCID
VirtualFree
lstrcmpiW
HeapAlloc
GetModuleHandleW
GlobalLock
GetTimeFormatA
GetModuleHandleA

ole32

CLSIDFromString
CoInitialize
CreateStreamOnHGlobal
CoRegisterClassObject
OleRun
CoUninitialize
CoResumeClassObjects
CLSIDFromProgID
CoCreateInstance
CoRevokeClassObject
StringFromGUID2
CoInitializeSecurity

dbghelp

ImageRvaToSection
GetTimestampForLoadedLibrary
SymGetModuleInfo64
ImageNtHeader
SymLoadModuleEx
FindFileInPath
SymGetModuleInfo
SymInitialize

iedkcs32

CloseRASConnections

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Uklks
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XYoPb
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KDSy
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NJacjN
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.TeiWDy
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eKJTS
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yqEN
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.koVO
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zXrek
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c57f5dd0091bc33bcaddd2a624fbf86d

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

shlwapi

user32

comctl32

shell32

msimg32

userenv

oleaut32

advapi32

kernel32

ole32

dbghelp

iedkcs32

Sections

.text Size: 89KB - Virtual size: 89KB

.Uklks Size: 3KB - Virtual size: 2KB

.XYoPb Size: 4KB - Virtual size: 4KB

.KDSy Size: 3KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 156KB

.rdata Size: 140KB - Virtual size: 140KB

.NJacjN Size: 2KB - Virtual size: 2KB

.TeiWDy Size: 4KB - Virtual size: 4KB

.rsrc Size: 17KB - Virtual size: 17KB

.eKJTS Size: 1KB - Virtual size: 1KB

.yqEN Size: 512B - Virtual size: 428B

.koVO Size: 512B - Virtual size: 502B

.zXrek Size: 2KB - Virtual size: 1KB

.text
Size: 89KB - Virtual size: 89KB

.Uklks
Size: 3KB - Virtual size: 2KB

.XYoPb
Size: 4KB - Virtual size: 4KB

.KDSy
Size: 3KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 156KB

.rdata
Size: 140KB - Virtual size: 140KB

.NJacjN
Size: 2KB - Virtual size: 2KB

.TeiWDy
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 17KB - Virtual size: 17KB

.eKJTS
Size: 1KB - Virtual size: 1KB

.yqEN
Size: 512B - Virtual size: 428B

.koVO
Size: 512B - Virtual size: 502B

.zXrek
Size: 2KB - Virtual size: 1KB