295dec6639124cd96642307a5ca0611a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

295dec6639124cd96642307a5ca0611a_JaffaCakes118
Size

2.7MB
MD5

295dec6639124cd96642307a5ca0611a
SHA1

abb8c48ff29a143997c6a6deb9309e8e234924e4
SHA256

12ddeac919e96510dc507cedc40d40dbcd9adcd0bf4d1fb131e59e49348e04f2
SHA512

e5c630c209704cec024c6de6807b5cc41523aeb281a01b6530ae5726c189eb2b6757fd50bb281ac3eb490f2983137e3948a34a005eb765799e2bf5a8a203a028
SSDEEP

24576:d/cnDnkFYu+4lz9irq5or0btq93FqvuHPImumaQJedOyJh2L0OV0+d0n/A4VM4jh:dckBz8O5UaQJfnD0XXjqXk7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
295dec6639124cd96642307a5ca0611a_JaffaCakes118

Files

295dec6639124cd96642307a5ca0611a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de085ccbf7c9b337c63cdd18b9b1a618

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\NMC\Alt\WZ90SR1\WinZip\Src\NTSHARE\winzip32.pdb

Imports

kernel32

WritePrivateProfileStringA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
CreateProcessA
ExitThread
WaitForSingleObject
CreateThread
WinExec
GetVolumeInformationA
_lread
SetErrorMode
GlobalHandle
LoadLibraryA
GetPrivateProfileIntA
GetPrivateProfileStringA
MulDiv
CompareStringW
CompareStringA
ExitProcess
Sleep
_lopen
FindFirstFileA
FindNextFileA
GetShortPathNameA
GetFullPathNameA
FindClose
FileTimeToLocalFileTime
WideCharToMultiByte
GetModuleHandleA
GetFileInformationByHandle
GetFileSize
SetEndOfFile
lstrcmpA
lstrcmpiA
GetLocaleInfoW
FlushFileBuffers
IsBadCodePtr
GetOEMCP
VirtualQuery
GetSystemInfo
VirtualProtect
VirtualAlloc
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetCPInfo
SetUnhandledExceptionFilter
HeapSize
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
GetSystemTimeAsFileTime
SetStdHandle
SetEnvironmentVariableA
RemoveDirectoryA
HeapReAlloc
HeapFree
HeapAlloc
GetCurrentProcess
TerminateProcess
GetFileAttributesA
RaiseException
RtlUnwind
GetStartupInfoA
lstrcatA
lstrcpyA
IsDBCSLeadByte
GlobalFindAtomA
GlobalAddAtomA
MoveFileExA
GetVersion
GetCommandLineA
lstrcpynA
GetTimeFormatA
GetDateFormatA
FileTimeToDosDateTime
SystemTimeToFileTime
FileTimeToSystemTime
GetLocalTime
DeleteFileA
GetEnvironmentVariableA
GetWindowsDirectoryA
GlobalSize
FindResourceA
LoadResource
SizeofResource
FreeResource
LockResource
GlobalAlloc
GlobalLock
GlobalFree
GlobalUnlock
IsBadReadPtr
IsBadWritePtr
_lclose
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
SetFileAttributesA
SetLastError
_lcreat
GetFileType
GetLastError
FormatMessageA
LocalFree
CreateDirectoryA
CreateFileA
SetFilePointer
ReadFile
CloseHandle
lstrlenA
ExpandEnvironmentStringsA
GetTempPathA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetModuleFileNameA
GlobalMemoryStatus
GetLocaleInfoA
GetACP
GetVersionExA
GetSystemDirectoryA
MultiByteToWideChar
GetProcAddress
FreeLibrary
PeekNamedPipe
GetTickCount
GetProfileStringA
GetDriveTypeA

advapi32

RegCloseKey
RegSetValueA
RegEnumKeyA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegFlushKey
RegQueryInfoKeyA
RegQueryValueA
RegQueryValueExA
RegEnumValueA
RegOpenKeyA

user32

SetMenuDefaultItem
AppendMenuA
DefWindowProcA
MessageBeep
MessageBoxIndirectA
IsChild
IsDialogMessageA
GetMessageA
IsCharAlphaNumericA
GetWindowThreadProcessId
WaitMessage
WaitForInputIdle
CharNextA
IsCharUpperA
IsCharAlphaA
CharLowerA
CharToOemA
OemToCharA
SetWindowPlacement
PostQuitMessage
GetSystemMenu
IntersectRect
MapDialogRect
DestroyIcon
EnumChildWindows
GetFocus
SetForegroundWindow
ReleaseCapture
WindowFromPoint
DestroyCursor
CharUpperA
SetParent
GetAsyncKeyState
FlashWindow
ChildWindowFromPoint
GetDlgCtrlID
LoadMenuA
TrackPopupMenu
CreateDialogParamA
DialogBoxParamA
RegisterClipboardFormatA
GetClipboardFormatNameA
ClientToScreen
CreatePopupMenu
IsClipboardFormatAvailable
InsertMenuA
TrackPopupMenuEx
DestroyMenu
GetClassInfoA
CheckMenuItem
GetKeyState
GetActiveWindow
WinHelpA
TranslateAcceleratorA
TranslateMessage
SetPropA
RemovePropA
EnumWindows
GetPropA
SetActiveWindow
GetDlgItemInt
CreateDialogIndirectParamA
DialogBoxIndirectParamA
MessageBoxA
GetMessagePos
DeferWindowPos
SystemParametersInfoA
RedrawWindow
IsZoomed
GetWindowPlacement
CreateWindowExA
DestroyWindow
GetDlgItem
SetDlgItemTextA
HideCaret
MapWindowPoints
ShowCaret
SetCapture
ExcludeUpdateRgn
CallNextHookEx
GetWindowDC
GetMenuItemCount
GetMenuStringA
GetMenuState
CheckMenuRadioItem
EnableMenuItem
InvalidateRgn
SetWindowsHookA
LoadAcceleratorsA
RegisterClassA
GetMenu
DrawMenuBar
ModifyMenuA
BringWindowToTop
CheckRadioButton
FindWindowA
InflateRect
OffsetRect
SetWindowsHookExA
UnhookWindowsHookEx
wsprintfA
SetDlgItemInt
KillTimer
PostMessageA
CallWindowProcA
DrawFocusRect
IsRectEmpty
LoadCursorA
DrawFrameControl
BeginDeferWindowPos
EndDeferWindowPos
SetRectEmpty
GetWindowLongA
ValidateRect
SetRect
FillRect
GetForegroundWindow
GetSubMenu
DeleteMenu
GetDlgItemTextA
IsMenu
LoadStringA
RegisterWindowMessageA
CheckDlgButton
IsWindowEnabled
GetWindowTextLengthA
IsDlgButtonChecked
FindWindowExA
ScreenToClient
SetCursor
PeekMessageA
DispatchMessageA
IsIconic
GetDC
ReleaseDC
GetSystemMetrics
SetWindowTextA
GetWindow
GetClassNameA
SetWindowPos
ShowWindow
EnableWindow
IsWindow
GetDesktopWindow
EndDialog
GetLastActivePopup
IsWindowVisible
LoadIconA
SendDlgItemMessageA
SetTimer
MoveWindow
SetFocus
SetWindowLongA
LoadBitmapA
BeginPaint
EndPaint
GetParent
GetClientRect
GetCursorPos
GetWindowRect
PtInRect
InvalidateRect
UpdateWindow
GetSysColor
GetSysColorBrush
SendMessageA
GetWindowTextA
DrawTextA

gdi32

StartPage
EndPage
EndDoc
Escape
SetMapMode
SaveDC
CreatePatternBrush
SetViewportOrgEx
RealizePalette
RestoreDC
CreateBitmap
GetCharWidth32A
GetMapMode
CreatePalette
StartDocA
SetAbortProc
SelectPalette
TextOutA
DPtoLP
SetTextAlign
GetTextExtentPointA
ExtTextOutA
CreateDCA
GetDeviceCaps
GetTextMetricsA
CreateFontIndirectA
UpdateColors
CreateDIBitmap
SetTextColor
IntersectClipRect
SetBkMode
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetBkColor
CreateSolidBrush
DeleteDC
GetTextExtentPoint32A
GetObjectA
CreatePen
SelectObject
GetStockObject
Rectangle
MoveToEx
LineTo
SetBkColor
PatBlt
DeleteObject

comdlg32

CommDlgExtendedError
GetSaveFileNameA
ChooseFontA
PrintDlgA
GetOpenFileNameA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shell32

SHAddToRecentDocs
ShellExecuteExA
FindExecutableA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHChangeNotify
DragQueryPoint
DragQueryFileA
DragFinish
SHGetFileInfoA
SHGetDesktopFolder
DragAcceptFiles
SHFileOperationA

ole32

CoTaskMemFree
CoInitialize
DoDragDrop
CoGetMalloc
OleInitialize
OleUninitialize
CoUninitialize
StringFromGUID2
CoCreateInstance

comctl32

ImageList_ReplaceIcon
ImageList_Add
ImageList_Draw
PropertySheetA
ImageList_Replace
ImageList_GetImageCount
ImageList_Create
ImageList_Remove
ImageList_Destroy
ImageList_SetBkColor
ord17
ImageList_GetIconSize
ImageList_AddMasked

Sections

.text
Size: 776KB - Virtual size: 772KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT_TEX
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de085ccbf7c9b337c63cdd18b9b1a618

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

user32

gdi32

comdlg32

version

shell32

ole32

comctl32

Sections

.text Size: 776KB - Virtual size: 772KB

INIT_TEX Size: 4KB - Virtual size: 1KB

.rdata Size: 108KB - Virtual size: 106KB

.data Size: 20KB - Virtual size: 91KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 776KB - Virtual size: 772KB

INIT_TEX
Size: 4KB - Virtual size: 1KB

.rdata
Size: 108KB - Virtual size: 106KB

.data
Size: 20KB - Virtual size: 91KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB