257297ec2e028f4bc7c3b0bcbfd65c18_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

257297ec2e028f4bc7c3b0bcbfd65c18_JaffaCakes118
Size

805KB
MD5

257297ec2e028f4bc7c3b0bcbfd65c18
SHA1

e41eaa22b70642412f178a69f60d7247a1bbdff1
SHA256

8c33e08ae6a13f45030ac74d65503f8bf5dc0698a1f614daadd304cea880c25c
SHA512

5e2b41abf4a96ed2371ba377f24bc31e3fda01cf34a3b980b9ddb5516416980eac526e905715e3d4fe6e358326f8aa1003f43ea40045c9f3043f9e2e170b4c44
SSDEEP

24576:8G9w3jN6sCyVBDh/l5volH6UNi2G+TfIN:8cAloNq+TfC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
257297ec2e028f4bc7c3b0bcbfd65c18_JaffaCakes118

Files

257297ec2e028f4bc7c3b0bcbfd65c18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d20839f56b9b7a7c75d7e40b9976caa7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyW
RegQueryValueExW

comctl32

_TrackMouseEvent

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
PrintDlgA

gdi32

Arc
BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateFontA
CreatePalette
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
EndDoc
EndPage
EqualRgn
ExtCreatePen
GdiFlush
GetCharacterPlacementW
GetDIBits
GetDeviceCaps
GetGlyphOutlineW
GetRgnBox
GetStockObject
GetTextExtentPoint32W
GetTextMetricsA
LPtoDP
LineTo
ModifyWorldTransform
MoveToEx
Pie
PolyPolygon
Polygon
Polyline
RealizePalette
RectInRegion
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetBkMode
SetDIBitsToDevice
SetGraphicsMode
SetMapMode
SetPixel
SetTextAlign
SetTextColor
SetViewportExtEx
SetWindowExtEx
SetWindowOrgEx
SetWorldTransform
StartDocA
StartPage
StretchDIBits
TextOutW
UpdateColors

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileW
FindNextFileW
GetACP
GetComputerNameA
GetCurrentDirectoryA
GetCurrentThreadId
GetFileAttributesA
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetProcAddress
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
SetCurrentDirectoryA
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__getmainargs
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_access
_cexit
_errno
_execvp
_iob
_mkdir
_onexit
_putenv
_setmode
_strdup
_stricmp
_waccess
_wchmod
_wfopen
_wgetcwd
_wgetenv
_wmkdir
_wopen
_wrename
_wrmdir
_wstat
_wunlink
abort
acos
atexit
atof
atoi
atol
calloc
ceil
cos
exit
fclose
fflush
fgets
fopen
fprintf
fputc
fputs
free
fwrite
getenv
isalnum
isalpha
isspace
isupper
isxdigit
localeconv
localtime
log
malloc
memcmp
memcpy
memmove
memset
pow
qsort
rand
realloc
setlocale
signal
sin
sprintf
sqrt
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strlen
strncmp
strncpy
strrchr
strtol
system
time
tolower
toupper
vfprintf
wcscpy
wcslen
wcstombs

ole32

CoCreateInstance
DoDragDrop
OleInitialize
OleUninitialize
RegisterDragDrop
ReleaseStgMedium

shell32

DragQueryFileW
SHBrowseForFolderA
SHGetMalloc
SHGetPathFromIDListA

user32

AdjustWindowRectEx
BringWindowToTop
ClientToScreen
CloseClipboard
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DestroyWindow
DispatchMessageW
EmptyClipboard
FillRect
GetAsyncKeyState
GetClipboardData
GetClipboardOwner
GetCursorPos
GetDC
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetParent
GetSysColor
GetSystemMetrics
GetUpdateRgn
GetWindowLongA
GetWindowRect
InvalidateRect
IsIconic
KillTimer
LoadCursorA
LoadIconA
MapWindowPoints
MessageBeep
MessageBoxA
MsgWaitForMultipleObjects
OpenClipboard
OpenIcon
PeekMessageA
PeekMessageW
PostMessageA
PostQuitMessage
PostThreadMessageA
RegisterClassExA
RegisterClassExW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
SendMessageA
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetForegroundWindow
SetTimer
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoA
TranslateMessage
ValidateRgn
WindowFromPoint

libgcc_s_dw2-1

_Unwind_Resume
__deregister_frame_info
__register_frame_info
__udivdi3
__umoddi3

libstdc++-6

_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZdaPv
_ZdlPv
_Znaj
_Znwj
__cxa_guard_acquire
__cxa_guard_release
__cxa_pure_virtual
__gxx_personality_v0

Sections

.text
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/61
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/73
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/87
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/123
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/134
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d20839f56b9b7a7c75d7e40b9976caa7

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

kernel32

msvcrt

ole32

shell32

user32

libgcc_s_dw2-1

libstdc++-6

Sections

.text Size: 282KB - Virtual size: 282KB

.data Size: 8KB - Virtual size: 8KB

.rdata Size: 47KB - Virtual size: 47KB

/4 Size: 56KB - Virtual size: 56KB

.bss Size: - Virtual size: 17KB

.idata Size: 8KB - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

/14 Size: 1024B - Virtual size: 544B

/29 Size: 2KB - Virtual size: 1KB

/45 Size: 2KB - Virtual size: 2KB

/61 Size: 26KB - Virtual size: 26KB

/73 Size: 6KB - Virtual size: 5KB

/87 Size: 7KB - Virtual size: 7KB

/99 Size: 4KB - Virtual size: 3KB

/112 Size: 512B - Virtual size: 472B

/123 Size: 31KB - Virtual size: 31KB

/134 Size: 1024B - Virtual size: 856B

.text
Size: 282KB - Virtual size: 282KB

.data
Size: 8KB - Virtual size: 8KB

.rdata
Size: 47KB - Virtual size: 47KB

/4
Size: 56KB - Virtual size: 56KB

.bss
Size: - Virtual size: 17KB

.idata
Size: 8KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

/14
Size: 1024B - Virtual size: 544B

/29
Size: 2KB - Virtual size: 1KB

/45
Size: 2KB - Virtual size: 2KB

/61
Size: 26KB - Virtual size: 26KB

/73
Size: 6KB - Virtual size: 5KB

/87
Size: 7KB - Virtual size: 7KB

/99
Size: 4KB - Virtual size: 3KB

/112
Size: 512B - Virtual size: 472B

/123
Size: 31KB - Virtual size: 31KB

/134
Size: 1024B - Virtual size: 856B