Static task: static1
Behavioral task: behavioral1
Sample: 2abfc300e4962125ac96e9b5ed844e37_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2abfc300e4962125ac96e9b5ed844e37_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2abfc300e4962125ac96e9b5ed844e37_JaffaCakes118
Size: 2.3MB
MD5: 2abfc300e4962125ac96e9b5ed844e37
SHA1: 87bc9b83ed1ec40b7c1fbd185ea11497855a1261
SHA256: d04e1e19babdab3d4d36fdfc082444db0db2cb87cd096b1a5065cc3563b540d5
SHA512: 332ae36472714615bacf232c620b1960308a5aff80fa9ea3f3ba04f065dacd28f3e2f6dba6c2c9437d67a59f627fed77018cec45a58422be52d1fe1b2e50a351
SSDEEP: 49152:c1HL0UdNaT08eHqE/73aEAtODSC7ySTYpe:c1rkTQ7aISs4pe
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource 2abfc300e4962125ac96e9b5ed844e37_JaffaCakes118
Files
2abfc300e4962125ac96e9b5ed844e37_JaffaCakes118.exe windows:4 windows x86 arch:x86
41a8421ca9e04025de201b68b704c545
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gsio
InitDLL
DWG_SetPasswordCallbackFunc
?GetRenderType@CDwgExport@@QAE?AW4RenderType@@XZ
?GetIsDrawingRaster@CDwgExport@@QAE_NXZ
??0CDwgExport@@QAE@XZ
??1CDwgExport@@UAE@XZ
?SetExtendMode@CDwgExport@@UAEX_N@Z
?GetExtendMode@CDwgExport@@UAE_NXZ
?BeginEntityDraw@CDwgExport@@UAE_NPBD00K00PBN_JW4EntityMask@@@Z
?EndEntityDraw@CDwgExport@@UAEXXZ
?TextParam@CDwgExport@@UAEXPBD0NNNN@Z
?PushClipPolygon@CDwgExport@@UAEXHPAUPointStruct@@@Z
?PopClipPolygon@CDwgExport@@UAEXXZ
UninitDLL
DWG_SetAuditPrintErrorCallbackFunc
DWG_SetAuditPrintSummaryCallbackFunc
DWG_SetProgressCallBackFuns
?SaveRasterImage@@YAHPAUHBITMAP__@@HPBDJ@Z
?SetExportNoneDb@CDwgExport@@QAEX_N@Z
?GetExportNoneDb@CDwgExport@@QAE_NXZ
?SetOpt@CDwgExport@@QAEX_N@Z
?SetColorType@CDwgExport@@QAEXH@Z
?DeleteDrawing@CDrawing@@SAXPAV1@@Z
?CreateDrawing@CDrawing@@SAPAV1@W4CDRAWING_SERVER@@@Z
llpp
gs_A2U
DWG_SetBackgroundColor
DWG_SetFileAboutFunc
gs_U2A
g_U2A
ppll
lppp
ReleaseExportObject
ExportToExportObject
GetExportViewBox
CreateExportObject
?DWG_SetFindFileCallbackFunc@@YAXP6A_NPBDPAD@Z@Z
llppw
DWG_SetSearchDirectories
?endProgress@CDwgExport@@UAEXPBD@Z
?progress@CDwgExport@@UAEXPBDJ@Z
?beginProgress@CDwgExport@@UAEXPBDJJ@Z
?ExportOriginalScaleRaster@CDwgExport@@UAE_NXZ
?NeedRasterOutline@CDwgExport@@UAE_NXZ
?ExportAllObject@CDwgExport@@UAE_NXZ
?GetBkColor@CDwgExport@@UAEKXZ
?SetDevice2WorldMatrix@CDwgExport@@UAEXQAY03$$CBN@Z
?NeedActualCoordinate@CDwgExport@@UAE_NXZ
?CanDrawPolyPolygon@CDwgExport@@UAE_NXZ
?Raster@CDwgExport@@UAEXNNNNHHHHPAX0J0_NK@Z
?CanDrawRaster@CDwgExport@@UAE_NXZ
?CanDrawArc@CDwgExport@@UAE_NXZ
gsapp
?release@Document@GsApp@@SAXPAV12@@Z
?create@Document@GsApp@@SAPAV12@XZ
iow
FileDialogUnicode
gsui
initGsUI
InitLanguageDLL
ReadLanguageTextDLL
drawWaterMarkToDC
drawWaterMark
beginExportObject
releaseWaterMarkSetting
createWaterMarkSetting
showNeededResource
hasNeededResource
showResetPageDlg
getResetPageName
getResetPageCount
getResetPageUnit
getResetPageHeight
getResetPageWidth
releaseAdvancedExportParam
createAdvancedExportParam
releaseGsUI
kernel32
GlobalFlags
GetCurrentDirectoryA
InterlockedIncrement
LocalAlloc
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
FindResourceExA
GetFileAttributesA
GetFileTime
RtlUnwind
ExitProcess
TerminateProcess
GetSystemTimeAsFileTime
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
WritePrivateProfileStringA
GetTickCount
GlobalAddAtomA
FindNextFileA
GetCurrentThreadId
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
SetErrorMode
CreateDirectoryW
CreateDirectoryA
GetTempPathA
GetTempFileNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
ResumeThread
SuspendThread
DeleteFileA
CopyFileA
FreeLibrary
IsDBCSLeadByteEx
lstrcpyA
FindFirstFileA
GlobalSize
WriteFile
CreateFileA
CloseHandle
GetFileSize
ReadFile
GlobalReAlloc
SetFilePointer
GlobalHandle
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetProcessHeap
HeapAlloc
HeapFree
GetSystemTime
GetLastError
lstrcmpiA
CompareStringA
CompareStringW
GetVersion
FindFirstFileW
FindNextFileW
FindClose
MultiByteToWideChar
lstrcpynA
GetTimeZoneInformation
MulDiv
RaiseException
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
lstrlenA
FreeResource
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetProcAddress
LoadLibraryA
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
VirtualProtect
FormatMessageA
LocalFree
SetLastError
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
GetCurrentThread
InterlockedDecrement
GetCurrentProcess
user32
RegisterWindowMessageA
DefFrameProcA
DefMDIChildProcA
BringWindowToTop
TranslateMDISysAccel
TranslateAcceleratorA
GetWindowDC
BeginPaint
EndPaint
SetMenu
SetRectEmpty
InsertMenuItemA
ReuseDDElParam
UnpackDDElParam
GetAsyncKeyState
GetTabbedTextExtentA
IsZoomed
SetParent
WindowFromPoint
GetSysColorBrush
CharNextA
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
GetDCEx
LockWindowUpdate
GetPropA
RemovePropA
IsChild
GetForegroundWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetMenuItemID
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
GetClassInfoA
RegisterClassA
SetWindowPlacement
DefWindowProcA
GetWindowPlacement
UnhookWindowsHookEx
RegisterClipboardFormatA
GetWindow
SetWindowContextHelpId
MapDialogRect
GetWindowTextLengthA
GetWindowTextA
SetFocus
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
EnableMenuItem
GetMenuCheckMarkDimensions
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
IsWindowVisible
GetKeyState
ValidateRect
GetLastActivePopup
ShowOwnedPopups
PostQuitMessage
GetDesktopWindow
WinHelpA
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
CheckMenuItem
CreatePopupMenu
TrackPopupMenu
wsprintfA
DestroyMenu
TrackMouseEvent
DrawFocusRect
DrawFrameControl
GetDlgCtrlID
SetWindowPos
SetDlgItemTextW
GetActiveWindow
MessageBoxA
SendMessageW
GetFocus
CallWindowProcA
GetCapture
InvalidateRect
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
IntersectRect
PtInRect
IsRectEmpty
GetCursorPos
GetDC
ReleaseDC
DestroyCursor
GetSystemMenu
AppendMenuA
DrawEdge
DrawStateA
FillRect
LoadBitmapA
OffsetRect
InflateRect
CopyRect
LoadImageA
MapVirtualKeyA
GetKeyNameTextA
SetMenuItemInfoA
CopyAcceleratorTableA
GetMenuItemInfoA
DestroyIcon
SystemParametersInfoA
CharUpperA
GetDoubleClickTime
SetForegroundWindow
IsIconic
PostThreadMessageA
DrawMenuBar
InsertMenuA
DeleteMenu
ClientToScreen
GetMenu
GetMenuState
GetMenuItemCount
PeekMessageA
DispatchMessageA
KillTimer
SetTimer
GetParent
SetCapture
ModifyMenuA
GetSubMenu
ReleaseCapture
SetWindowLongA
GetSystemMetrics
LoadCursorA
SetCursor
ScreenToClient
UnregisterClassA
GetClientRect
GetWindowRect
GetSysColor
SendMessageA
RedrawWindow
EnableWindow
UpdateWindow
LoadMenuA
LoadAcceleratorsA
LoadIconA
PostMessageA
IsWindow
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetActiveWindow
SetPropA
CreateMenu
gdi32
Ellipse
PatBlt
GetMapMode
PtVisible
RectVisible
Polygon
TextOutA
ExtTextOutA
Escape
CreateBrushIndirect
SetPixel
EnumFontFamiliesExA
CreateBitmap
GetTextMetricsA
GetObjectA
CreateFontIndirectA
CreatePatternBrush
GetStockObject
CreateDIBitmap
EnumFontFamiliesA
GetTextExtentPoint32A
Rectangle
Arc
CreateDIBSection
CreateHalftonePalette
GetDIBColorTable
CreateDCA
StretchDIBits
SetBkColor
DPtoLP
SetPaletteEntries
ResizePalette
SetSystemPaletteUse
GetNearestPaletteIndex
SetBkMode
GetCurrentObject
SetTextColor
CreateHatchBrush
GetWinMetaFileBits
LineTo
MoveToEx
PolyPolygon
CreateRectRgn
EndPath
BeginPath
CreatePen
RestoreDC
ExtSelectClipRgn
CreateRectRgnIndirect
GetClipBox
ExcludeClipRect
SelectClipRgn
GetViewportExtEx
GetPixel
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetStretchBltMode
ScaleWindowExtEx
GetCurrentPositionEx
SetRectRgn
CombineRgn
GetTextAlign
CloseMetaFile
DeleteMetaFile
GetCharWidthA
CreateFontA
GetBkColor
GetTextColor
GetRgnBox
CreateCompatibleBitmap
StretchBlt
BitBlt
CreateSolidBrush
SetROP2
SelectObject
SelectClipPath
DeleteObject
GdiFlush
SelectPalette
GetSystemPaletteEntries
RealizePalette
GetPaletteEntries
GetDIBits
StartDocA
StartPage
EndPage
EndDoc
DeleteDC
CloseEnhMetaFile
CreateEnhMetaFileA
CreateCompatibleDC
GetDeviceCaps
IntersectClipRect
DeleteEnhMetaFile
SetMapMode
GetWindowExtEx
SetWindowExtEx
SaveDC
SetWindowOrgEx
CreatePalette
SetDIBColorTable
comdlg32
GetFileTitleA
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
shell32
SHGetDesktopFolder
SHGetMalloc
SHGetFileInfoA
ShellExecuteExA
ShellExecuteA
DragQueryFileA
DragAcceptFiles
SHGetPathFromIDListW
SHGetPathFromIDListA
SHBrowseForFolderA
DragFinish
SHGetSpecialFolderLocation
comctl32
ord17
ImageList_AddMasked
ImageList_GetIcon
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy
ImageList_Add
ImageList_GetImageCount
ImageList_Create
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
shlwapi
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA
oledlg
ord8
ole32
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rdata Size: 252KB - Virtual size: 249KB
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 77KB
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
MyShareM Size: 8KB - Virtual size: 4KB
Flags: IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc Size: 756KB - Virtual size: 756KB
Flags: IMAGE_SCN_CNT_CODE | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
nricarr Size: - Virtual size: 4KB
Flags: IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE