16723e985b05eb2203eb4ce184d58a99_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16723e985b05eb2203eb4ce184d58a99_JaffaCakes118
Size

289KB
MD5

16723e985b05eb2203eb4ce184d58a99
SHA1

38abe0d086f795b413658523b654d21faf8ae74c
SHA256

9e67f71838e00cd8a307e8451e2551182f41bfd404d79692abc5bc631e2309b4
SHA512

d042446f06ca750b478da9b05e0ecb5d305a4717f38f2b2090e0ccad2aa5cfe9aecc3edd9377fa4f2f25816e3610321a871212d24f6062f4f3ffea235462da0e
SSDEEP

6144:8E6PWPRrcshaZVUAQl8kjKON+HqlBp8uE7KD2d:8E6PKZlRdsqBp8uE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16723e985b05eb2203eb4ce184d58a99_JaffaCakes118

Files

16723e985b05eb2203eb4ce184d58a99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98b659ce28ee81d92de89f421c27c9ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PrintDlgW
GetFileTitleW

advapi32

RegEnumKeyW
RegQueryValueW
ConvertStringSDToSDRootDomainW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW

wininet

HttpOpenRequestW
InternetReadFile
InternetOpenW
InternetGetLastResponseInfoW
InternetConnectW
InternetCloseHandle

ole32

CoTaskMemAlloc
CoRevokeClassObject
CoTaskMemFree
CoInitializeEx
CoGetClassObject
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
CreateILockBytesOnHGlobal
OleFlushClipboard
OleInitialize
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterChannelHook

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW

user32

SetPropW
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetCursor
SetCapture
SetActiveWindow
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ScreenToClient
RemovePropW
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapDialogRect
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsChild
InvalidateRgn
InvalidateRect
IntersectRect
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
SetRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
EqualRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
DispatchMessageW
DestroyWindow
DestroyMenu
DefWindowProcW
CreateWindowExW
CreateDialogIndirectParamW
CopyRect
CopyAcceleratorTableW
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowTextW
SetWindowsHookExW
SystemParametersInfoA
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WinHelpW
ClientToScreen
CheckMenuItem
mouse_event
GetWindowRect
BeginPaint
CharUpperW
CharNextW
CallWindowProcW
CallNextHookEx

oledlg

OleUIBusyW

shell32

ShellExecuteW
SHGetFolderPathW

kernel32

lstrlenA
lstrcmpW
lstrcmpA
WritePrivateProfileStringW
WriteFile
WriteConsoleA
WideCharToMultiByte
VirtualQuery
VirtualFree
VirtualAlloc
UnlockFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetStdHandle
SetLastError
SetHandleCount
SetFilePointer
SetErrorMode
SetEnvironmentVariableA
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
MulDiv
LockResource
LockFile
LocalReAlloc
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsDebuggerPresent
IsDBCSLeadByteEx
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFlags
GlobalFindAtomW
GlobalAlloc
GlobalAddAtomW
GetVolumeInformationW
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineA
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FindResourceW
FindFirstFileW
FindClose
FileTimeToSystemTime
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
CreateFileW
CreateFileA
CreateDirectoryW
ConvertDefaultLocale
CompareStringW
CloseHandle
CompareStringA

oleaut32

VariantCopy
SafeArrayDestroy
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
OleCreateFontIndirect
VariantClear
VariantChangeType

comctl32

InitCommonControlsEx

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

gdi32

StretchBlt
SetWindowExtEx
SetViewportOrgEx
SetTextColor
SetMapMode
SetBkMode
SetBkColor
SelectObject
ScaleWindowExtEx
ScaleViewportExtEx
SaveDC
TextOutW
RectVisible
PtVisible
OffsetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetTextColor
GetStockObject
GetRgnBox
GetObjectW
GetMapMode
GetDeviceCaps
GetClipBox
GetCharABCWidthsFloatW
GetBkColor
ExtTextOutW
ExtSelectClipRgn
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateCompatibleDC
RestoreDC

Exports

Exports

DeleteConfigFiles

Sections

.text
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98b659ce28ee81d92de89f421c27c9ad

Headers

File Characteristics

Imports

comdlg32

advapi32

wininet

ole32

shlwapi

user32

oledlg

shell32

kernel32

oleaut32

comctl32

winspool.drv

gdi32

Exports

Exports

Sections

.text Size: 102KB - Virtual size: 104KB

.rdata Size: 141KB - Virtual size: 144KB

.data Size: 13KB - Virtual size: 108KB

.idata Size: 9KB - Virtual size: 12KB

.rsrc Size: 23KB - Virtual size: 24KB

.text
Size: 102KB - Virtual size: 104KB

.rdata
Size: 141KB - Virtual size: 144KB

.data
Size: 13KB - Virtual size: 108KB

.idata
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 23KB - Virtual size: 24KB