Static task: static1
Behavioral task: behavioral1
  Sample: 219a5578fc365a32294daaa8f014f1da_JaffaCakes118.exe
  Resource: win7-20240220-en
Behavioral task: behavioral2
  Sample: 219a5578fc365a32294daaa8f014f1da_JaffaCakes118.exe
  Resource: win10v2004-20240611-en
General
- Target: 219a5578fc365a32294daaa8f014f1da_JaffaCakes118
- Size: 420KB
- MD5: 219a5578fc365a32294daaa8f014f1da
- SHA1: e32f286fe1f45049353d1d1c955b6ff57522b2ef
- SHA256: 98c6ea70f1dee89bf38b257230b596c2df3730f305507dd2d4afd0f56cb2c4b9
- SHA512: 317060f09cfb0803eefe40d58ee048aa8c75d89dc8852f9b61802dea0d2bee94e8cba6a0800511306091235e12a6aa2206cd107dcf40a86bd835c977673dc43f
- SSDEEP: 6144:a3rbF0lLvVf0dvn++hKBn2gI6WY/wBRx8uJN:a4LvVcv++hKBnM6mJN
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 219a5578fc365a32294daaa8f014f1da_JaffaCakes118
Files
- 219a5578fc365a32294daaa8f014f1da_JaffaCakes118.exe (windows:4, windows, x86, arch:x86)
  ed15f2ad3931f6f4212bc8559f4ac663
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyW
CM_Get_Child
CM_Get_DevNode_Registry_PropertyW
SetupDiDestroyDeviceInfoList
shlwapi
PathFindExtensionW
PathFindFileNameW
kernel32
GetVolumeInformationW
GetFullPathNameW
GetFileSize
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTickCount
GetStartupInfoW
ExitProcess
RtlUnwind
HeapFree
HeapAlloc
CreateThread
ExitThread
RaiseException
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
SetEndOfFile
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
UnlockFile
FindResourceA
GlobalAddAtomA
GetProfileStringA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
QueryDosDeviceW
GetDriveTypeW
GetLogicalDriveStringsW
lstrcmpW
CreateEventW
CloseHandle
ResetEvent
WaitForSingleObject
SetEvent
GetOverlappedResult
WaitForMultipleObjects
ReadDirectoryChangesW
CreateFileW
lstrcmpiW
FindClose
FindNextFileW
FindFirstFileW
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileSizeEx
DeleteFileW
SetFileAttributesW
SetFileTime
GetLastError
CopyFileExW
GetTempFileNameW
GetTempPathW
MoveFileW
MoveFileExW
Sleep
GetFileTime
WriteFile
ReadFile
GetCPInfo
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
GetThreadLocale
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
WritePrivateProfileStringW
GlobalAlloc
lstrcmpA
lstrcmpiA
GetCurrentThread
FormatMessageW
LocalFree
lstrcpynW
GlobalGetAtomNameW
WideCharToMultiByte
lstrlenW
InterlockedDecrement
InterlockedIncrement
GlobalFree
GlobalLock
GlobalUnlock
MulDiv
SetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrlenA
MultiByteToWideChar
GetVersion
lstrcatW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrcpyW
GetModuleHandleW
GetProcAddress
GetCurrentProcess
GetVersionExW
CreateDirectoryW
CopyFileW
FindResourceW
SizeofResource
LoadResource
LockResource
CreateMutexW
GetModuleFileNameW
ReleaseMutex
ExpandEnvironmentStringsW
user32
GetSysColorBrush
PtInRect
GetClassNameW
MapDialogRect
SetWindowContextHelpId
ValidateRect
ShowOwnedPopups
PostQuitMessage
BringWindowToTop
InvalidateRect
UnpackDDElParam
ReuseDDElParam
SetMenu
DestroyMenu
GetDesktopWindow
SetCursor
ReleaseCapture
TranslateAcceleratorW
LoadAcceleratorsW
SetRectEmpty
EndDialog
GetActiveWindow
CreateDialogIndirectParamW
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
LoadStringW
GetNextDlgTabItem
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
InflateRect
SetMenuItemBitmaps
LoadCursorW
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
GetTopWindow
IsChild
GetParent
GetCapture
WinHelpW
wsprintfW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
CharNextW
CopyAcceleratorTableW
SetRect
RegisterClipboardFormatW
CharUpperW
MessageBeep
GetNextDlgGroupItem
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
DrawFocusRect
GetClassInfoA
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
EnableWindow
AppendMenuW
PostThreadMessageW
PostMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
SetTimer
SendMessageW
MessageBoxW
LoadImageW
KillTimer
SetForegroundWindow
GetCursorPos
DeleteMenu
EnableMenuItem
CheckMenuItem
ModifyMenuW
RemovePropW
DefWindowProcW
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
GetWindowLongW
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
OffsetRect
IntersectRect
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
UpdateWindow
LoadMenuW
GetSubMenu
ShowWindow
gdi32
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetWindowExtEx
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
PatBlt
GetMapMode
DPtoLP
GetTextColor
GetBkColor
LPtoDP
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
GetTextExtentPointA
BitBlt
CreateCompatibleDC
DeleteDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateDIBitmap
ExtTextOutA
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
FreeSid
EqualSid
RegCloseKey
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
shell32
DragQueryFileW
DragFinish
ShellExecuteW
SHLoadNonloadedIconOverlayIdentifiers
SHGetSpecialFolderPathW
Shell_NotifyIconW
SHChangeNotify
comctl32
ord17
oledlg
OleUIBusyW
ole32
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
OleInitialize
olepro32
ord253
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysStringLen
Sections
.text Size: 192KB - Virtual size: 189KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 48KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 156KB - Virtual size: 188KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE