Static task: static1
Behavioral task: behavioral1
Sample: 2e3b94c4f0d5587764381cdce20a4d75_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2e3b94c4f0d5587764381cdce20a4d75_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2e3b94c4f0d5587764381cdce20a4d75_JaffaCakes118
Size: 1.1MB
MD5: 2e3b94c4f0d5587764381cdce20a4d75
SHA1: 109e659ca817dc663afdeabfcbe6fcd5a21e709c
SHA256: d7c8b38c9101d03015978c7d91701294a92558fa0e29ec64e510f6d46bc63766
SHA512: a28f9c0c43060715ce7a3bdb539fc924f276ef4453e60df67698a9668fe4b597515fb996433779d99491dc1e3763a92962abc7f89dfb8f75bef0335b1965f5ce
SSDEEP: 24576:Qy8gjjuOkhena99/W2duRfJmCYK5aXHz:p83OkhLdul18X
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2e3b94c4f0d5587764381cdce20a4d75_JaffaCakes118
Files
2e3b94c4f0d5587764381cdce20a4d75_JaffaCakes118.exe windows:4 windows x86 arch:x86
e39e29957544aadcbb8d502cf140b088
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvfw32
ICOpen
ICClose
ICGetInfo
msacm32
acmFormatTagDetailsA
acmDriverEnum
acmDriverDetailsA
acmDriverClose
acmDriverOpen
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
winmm
GetDriverModuleHandle
OpenDriver
CloseDriver
kernel32
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
GlobalReAlloc
lstrcmpA
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
LocalAlloc
TlsGetValue
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
GetCPInfo
GetOEMCP
GetThreadLocale
GetFileTime
FlushFileBuffers
LockFile
UnlockFile
ResumeThread
GetVolumeInformationA
GetFullPathNameA
SetErrorMode
RtlUnwind
HeapFree
HeapAlloc
ExitThread
RaiseException
GetSystemTimeAsFileTime
ExitProcess
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
GetStdHandle
LCMapStringA
LCMapStringW
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GetModuleFileNameW
GlobalFree
MulDiv
GetCurrentThread
GetACP
GetModuleHandleA
CreateThread
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
DeleteFileA
FindFirstFileA
FindClose
SearchPathA
FormatMessageA
LocalFree
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
InterlockedExchange
IsBadWritePtr
OpenProcess
IsBadCodePtr
SetLastError
GetWindowsDirectoryA
FreeLibrary
lstrcatA
WinExec
CreateProcessA
GetCommandLineW
Sleep
GetUserDefaultLangID
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFilePointer
SetThreadPriority
GetLastError
GetOverlappedResult
VirtualAlloc
CreateFileW
VirtualFree
GetTickCount
GetFileAttributesA
GetVersionExA
GetCurrentProcessId
CreateEventA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
lstrlenA
GlobalAlloc
lstrcpyA
GlobalLock
GlobalUnlock
GetFileSize
ReadFile
CreateFileA
WriteFile
CloseHandle
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
SetEndOfFile
user32
MoveWindow
ShowWindow
IsWindowEnabled
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
GetDesktopWindow
TabbedTextOutA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
DestroyMenu
PostQuitMessage
GetWindowThreadProcessId
GetSysColorBrush
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
GetMessageTime
MapWindowPoints
TrackPopupMenu
GetScrollRange
GetScrollPos
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
RegisterClassA
GetScrollInfo
SetScrollInfo
SetWindowPlacement
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
ValidateRect
UnhookWindowsHookEx
GetMenuState
SetWindowTextA
SetWindowRgn
IsZoomed
GetPropA
CallWindowProcA
IsMenu
AdjustWindowRectEx
GetMenu
GetClassNameA
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
GetWindowRgn
EqualRect
DispatchMessageA
RegisterWindowMessageA
PeekMessageA
DrawFocusRect
GetActiveWindow
UnregisterClassA
GetClassInfoA
DefWindowProcA
GetCapture
IsRectEmpty
CharUpperA
IsCharAlphaA
IsCharAlphaNumericA
SetLastErrorEx
WindowFromPoint
ClientToScreen
SetWindowLongA
LoadCursorA
CopyIcon
MessageBeep
ReleaseCapture
SetCapture
ReleaseDC
GetDC
GetWindowRect
InflateRect
PtInRect
SetCursor
DrawTextA
FillRect
GetKeyState
GetSystemMetrics
IsIconic
GetMenuItemID
EnableWindow
SendMessageA
GetCursorPos
LoadBitmapA
GetClientRect
GetSysColor
InvalidateRect
HideCaret
CloseClipboard
GetMenuItemCount
DrawIcon
TranslateAcceleratorA
MapDialogRect
GetSystemMenu
AppendMenuA
SetFocus
IsWindowVisible
GetDlgCtrlID
LoadStringA
LoadIconA
GetMessagePos
GetParent
LoadImageA
KillTimer
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuA
SendDlgItemMessageA
WinHelpA
GetClassLongA
SetPropA
GetWindowTextLengthA
OpenClipboard
SetClipboardData
EmptyClipboard
EnableMenuItem
GetSubMenu
LoadMenuA
ScreenToClient
PostMessageA
SetTimer
GetDlgItem
LoadAcceleratorsA
MessageBoxA
wsprintfA
CopyRect
GetFocus
IsWindow
GetWindowLongA
CheckMenuItem
RemovePropA
gdi32
GetObjectA
GetTextMetricsA
PatBlt
CreatePatternBrush
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
CreateFontIndirectA
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
CreateRectRgnIndirect
GetTextExtentPoint32A
GetDIBits
CreateSolidBrush
SelectObject
Rectangle
MoveToEx
LineTo
CreateDIBSection
DeleteObject
BitBlt
CreateCompatibleDC
ScaleViewportExtEx
CreatePen
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CombineRgn
DPtoLP
OffsetRgn
SetRectRgn
CreateRectRgn
GetTextExtentExPointA
GetCharWidthA
GetWindowOrgEx
comdlg32
GetSaveFileNameA
GetOpenFileNameW
GetFileTitleA
GetOpenFileNameA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegCreateKeyA
RegSetValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueA
RegDeleteValueA
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegEnumKeyA
shell32
SHChangeNotify
SHGetPathFromIDListA
SHBrowseForFolderA
CommandLineToArgvW
ShellExecuteW
ShellExecuteA
DragFinish
DragQueryFileA
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
ole32
CLSIDFromString
CoTaskMemFree
CoUninitialize
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoInitialize
CreateItemMoniker
GetRunningObjectTable
StringFromCLSID
oleaut32
VariantInit
VariantChangeType
SafeArrayAccessData
SafeArrayUnaccessData
VariantClear
SysFreeString
Sections
.text Size: 444KB - Virtual size: 441KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 112KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 276KB - Virtual size: 274KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.|� Size: 240KB - Virtual size: 240KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE