2631bae5dad15026b36fea9ec48a7355_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2631bae5dad15026b36fea9ec48a7355_JaffaCakes118
Size

475KB
MD5

2631bae5dad15026b36fea9ec48a7355
SHA1

1c954a20f5325409494854db2e2c8a3a6bea675f
SHA256

2a4973bf1b0fba54aaa8a7d3948387f77dd6738b2075214b22b7ef22e14602a2
SHA512

863dad243fbe17a3900fd55fecb510976cede89f80d9cb53e8be589f9abd62554567b9dcb92b9b9737581094008efeb9c8c47ed05f4dc21b077a7e54a55f13ef
SSDEEP

6144:l0KCJyiHB+nqJ0FpIlsUuDnhqK1xOuSSlv/iU0D/itfa7Ddk1Vh6guN:udn0FpIGUwwUxfiifgDuhX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2631bae5dad15026b36fea9ec48a7355_JaffaCakes118

Files

2631bae5dad15026b36fea9ec48a7355_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f7ccf4f7cc5b778c8262faf213af7c3e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW

comctl32

InitCommonControlsEx

kernel32

ReadFile
GetProcessHeap
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
LoadLibraryA
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
SetStdHandle
GetFileAttributesA
CloseHandle
HeapReAlloc
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RaiseException
HeapAlloc
ExitProcess
HeapSize
Sleep
GetModuleFileNameA
GetStdHandle
WriteFile
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
HeapFree
DeleteFileA
MoveFileA
GetLastError
GetStartupInfoA
GetCommandLineA
RtlUnwind
MultiByteToWideChar
GetVersionExW
FreeLibrary
LoadLibraryW
GlobalSize
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalReAlloc
GlobalFree
MulDiv
WideCharToMultiByte
GetModuleHandleW
GetProcAddress
GetModuleFileNameW

user32

DestroyCursor
SendMessageW
SendDlgItemMessageW
EndDialog
CreateDialogParamW
DialogBoxParamW
CreateWindowExW
SetMenuDefaultItem
CheckMenuItem
GetClipboardOwner
OpenClipboard
CloseClipboard
RegisterClipboardFormatW
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
SetClipboardData
TrackPopupMenu
LoadMenuW
LoadBitmapW
GetMenuItemInfoW
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSubMenu
GetMenuStringW
ModifyMenuW
GetSystemMetrics
DestroyMenu
SetWindowsHookExW
LoadIconW
MessageBoxA
FindWindowW
BringWindowToTop
MessageBeep
GetMessageW
IsWindow
IsDialogMessageW
TranslateMessage
DispatchMessageW
UnhookWindowsHookEx
RegisterClassExW
RegisterWindowMessageW
GetCursorPos
SetForegroundWindow
PostMessageW
GetMenuDefaultItem
PostQuitMessage
UpdateWindow
SetCursor
GetSysColor
SetFocus
MessageBoxW
GetFocus
GetDlgCtrlID
DestroyWindow
GetSystemMenu
LoadStringW
AppendMenuW
EnableWindow
GetDesktopWindow
GetWindowRect
IntersectRect
IsWindowVisible
ScreenToClient
SetWindowPos
ShowWindow
SetWindowTextW
InflateRect
DrawFrameControl
GetWindowTextW
DrawStateW
DrawFocusRect
GetClientRect
DestroyIcon
InvalidateRect
CallWindowProcW
SetWindowLongW
DefWindowProcW
GetWindowLongW
GetDC
GetTopWindow
GetWindow
ReleaseDC
GetDlgItem
LoadImageW

gdi32

GetDeviceCaps
SetBkColor
ExtTextOutW
CreateCompatibleDC
BitBlt
DeleteDC
SetBkMode
CreateSolidBrush
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
SelectObject
Rectangle
GetTextExtentPoint32W
SetTextColor
GetStockObject
DeleteObject

shell32

ShellExecuteW

ukhook40

VnConvert
?ModifyStatusIcon@@YAXXZ
?UkLoadKeyOrderMap@@YAHPBDPAUUkKeyMapPair@@PAH@Z
?UkStoreKeyOrderMap@@YAHPBDPAUUkKeyMapPair@@H@Z
?MsViMethodMapping@@3PAUUkKeyMapping@@A
?VIQRMethodMapping@@3PAUUkKeyMapping@@A
?VniMethodMapping@@3PAUUkKeyMapping@@A
?SimpleTelexMethodMapping@@3PAUUkKeyMapping@@A
?TelexMethodMapping@@3PAUUkKeyMapping@@A
?getText@CMacroTable@@QAEPBIH@Z
?getKey@CMacroTable@@QAEPBIH@Z
?getCount@CMacroTable@@QAEHXZ
?writeToFile@CMacroTable@@QAEHPBD@Z
?addItem@CMacroTable@@QAEHPBX0H@Z
?resetContent@CMacroTable@@QAEXXZ
?SetUnikeyOptions@@YAXPAU_UnikeyOptions@@H@Z
?SetOutputCharset@@YAHH@Z
?loadFromFile@CMacroTable@@QAEHPBD@Z
?init@CMacroTable@@QAEXXZ
?RecreateStatusIcon@@YAXXZ
?DeleteStatusIcon@@YAXXZ
?IsVietnamese@@YAHXZ
?SwitchMode@@YAXXZ
?GetVietHookDll@@YAPAUHINSTANCE__@@XZ
?SetUnikeyReady@@YAXXZ
?SetInputMethod@@YAHW4UkInputMethod@@@Z
?EnableUnikey@@YAXH@Z
?SetUnikeySysInfo@@YAXPAU_UnikeySysInfo@@@Z
?InitUkHook@@YAXXZ
?MyMouseHook@@YGJHIJ@Z
?MyKeyHook@@YGJHIJ@Z
?SetSwitchKey@@YAXH@Z
?UnikeyLoadMacro@@YAXPBD@Z
?UnikeyLoadUserKeyMap@@YAHPBD@Z
VnFileConvert
?VnConvSetOptions@@YAXPAU_VnConvOptions@@@Z
?VnConvResetOptions@@YAXPAU_VnConvOptions@@@Z
?VnConvGetOptions@@YAXPAU_VnConvOptions@@@Z
?genConvert@@YAHAAVVnCharset@@0AAVByteInStream@@AAVByteOutStream@@@Z
?getVnCharset@CVnCharsetLib@@QAEPAVVnCharset@@H@Z
?VnCharsetLibObj@@3VCVnCharsetLib@@A

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f7ccf4f7cc5b778c8262faf213af7c3e

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

advapi32

comctl32

kernel32

user32

gdi32

shell32

ukhook40

Sections

.text Size: 142KB - Virtual size: 141KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 18KB - Virtual size: 199KB

.rsrc Size: 61KB - Virtual size: 60KB

.trdata Size: 76KB - Virtual size: 76KB

.text
Size: 142KB - Virtual size: 141KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 18KB - Virtual size: 199KB

.rsrc
Size: 61KB - Virtual size: 60KB

.trdata
Size: 76KB - Virtual size: 76KB