237a5948ffff03ab36268397a84722fb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

237a5948ffff03ab36268397a84722fb_JaffaCakes118
Size

412KB
MD5

237a5948ffff03ab36268397a84722fb
SHA1

4b39a0a451723d399621ed30856e2cad5dd4dc99
SHA256

26a01f10e5d6c8c93e446c4df8a5d4e68102508eb78ee52d798cc76a2ec6f123
SHA512

6acc66e0d492afa772c267cd8a28999db21ebc09bbde6f461332c27ed558255dda10b8217717c4a542740ad9b561642f1b800179846d960d5c50a999c28bd6db
SSDEEP

12288:Grqqg+uy95G/nD8mL2LZLLJqdhyNG4HJMr:M6kZJ8hTgM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
237a5948ffff03ab36268397a84722fb_JaffaCakes118

Files

237a5948ffff03ab36268397a84722fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30c7669e7b23ac0725f6b1e6e2617229

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
InitializeCriticalSection
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
ExitProcess
GetStartupInfoW
GetModuleHandleA
GetCommandLineW
LocalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
FindNextFileW
GetVersion
CreateFileA
SetErrorMode
GetExitCodeThread
GetThreadPriority
SetThreadPriority
TerminateThread
PulseEvent
ResetEvent
LeaveCriticalSection
EnterCriticalSection
CreateProcessW
Sleep
GetLastError
GetLogicalDrives
GetDriveTypeW
DeviceIoControl
WriteFile
WaitForSingleObject
GetModuleFileNameW
ReleaseMutex
CloseHandle
GetVersionExA
CreateMutexW
MoveFileWithProgressW
MoveFileW
MoveFileExW
CopyFileExW
RemoveDirectoryW
GetExitCodeProcess
SetFileAttributesW
DeleteFileW
GetFileAttributesW
FindFirstFileW
FindClose
FreeLibrary
LoadLibraryW
GetModuleHandleW
GetProcAddress
GetTempPathW
WideCharToMultiByte
MultiByteToWideChar
GetLogicalDriveStringsW
GetCurrentProcessId
CreateFileW
FlushFileBuffers
GetComputerNameW
GetSystemDirectoryW
GetVolumeInformationW
FormatMessageW
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
CreateEventW
SetEvent
GlobalMemoryStatus
GetSystemInfo
GetDateFormatW
GetTimeFormatW
LocalFileTimeToFileTime
SystemTimeToFileTime
CopyFileW
GetTimeZoneInformation
LoadLibraryExW
GetFileSize
SetFilePointer
SetFileTime
SetEndOfFile
ReadFile

user32

GetWindowThreadProcessId
SetWindowsHookExW
GetClassNameW
SetWindowLongW
SetPropW
CallNextHookEx
SetDlgItemTextW
CallWindowProcW
UnhookWindowsHookEx
EnumWindows
CharLowerBuffW
PostMessageW
SwitchToThisWindow
FindWindowW
MessageBoxW
PeekMessageW
MsgWaitForMultipleObjects
CreateWindowExW
IsIconic
SendMessageW
GetWindow
GetLastActivePopup
SetForegroundWindow
AttachThreadInput
RemovePropW
GetActiveWindow
EnableWindow
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
RegisterClassExW
GetMessageW
TranslateMessage
DispatchMessageW
DefWindowProcW
DestroyWindow
PostQuitMessage
LoadImageW
GetSystemMetrics
GetWindowLongW
SetWindowTextW
GetDesktopWindow
GetPropW

advapi32

RegEnumValueW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey
RegEnumKeyExW

ole32

CoUninitialize
CoCreateGuid
CoInitialize
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CreateBindCtx

devdbacc

ord3
ord2
ord1
ord4
ord8

msvcp71

?_Nomemory@std@@YAXXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

shlwapi

SHDeleteKeyW
PathIsNetworkPathW
StrRetToStrW
PathStripToRootW
SHDeleteValueW
PathIsDirectoryW

msvcr71

_control87
_set_sbh_threshold
_get_heap_handle
_errno
_wmkdir
isalpha
_close
_wopen
_time64
ceil
floor
wcsftime
_wcsicoll
_mktime64
_wstat64
isleadbyte
wcsncmp
setlocale
_beginthreadex
_endthreadex
_wtoi
toupper
iswlower
wcstombs
islower
wcspbrk
localeconv
_wtof
wcsspn
_wtoi64
_callnewh
memset
??1type_info@@UAE@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
_c_exit
_exit
_XcptFilter
_cexit
exit
_wcmdln
_amsg_exit
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__security_error_handler
_controlfp
iswspace
_wcsnicmp
realloc
wcsstr
wcschr
calloc
_snwprintf
__RTDynamicCast
wcstok
atoi
memmove
_vsnwprintf
wcsrchr
_purecall
malloc
swprintf
wcscpy
wcslen
free
_except_handler3
wcscmp
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??3@YAXPAX@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
_wcslwr
wcsncpy
__p___argc
__p___wargv
_wcsicmp
swscanf
towupper
_localtime64
__CxxFrameHandler

iphlpapi

GetAdaptersInfo

mfc71u

ord1079
ord6086
ord2366

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shell32

SHGetMalloc
SHGetFolderLocation
SHGetSpecialFolderLocation
SHFileOperationW
SHGetDesktopFolder
SHGetPathFromIDListW

oleaut32

SysStringByteLen
SysAllocString
VariantChangeType
VariantInit
VariantClear
SysFreeString

Sections

.text
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30c7669e7b23ac0725f6b1e6e2617229

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

devdbacc

msvcp71

shlwapi

msvcr71

iphlpapi

mfc71u

version

shell32

oleaut32

Sections

.text Size: 228KB - Virtual size: 227KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 8KB - Virtual size: 7KB

Size: 52KB - Virtual size: 51KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 228KB - Virtual size: 227KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 52KB - Virtual size: 51KB