2b2a944736c448510ae2fe3c7a8b183f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b2a944736c448510ae2fe3c7a8b183f_JaffaCakes118
Size

472KB
MD5

2b2a944736c448510ae2fe3c7a8b183f
SHA1

c5a6ff1fd15d8e28a85f6ea5af9f7da1af81e1d4
SHA256

8d31074606cd10ece30c09cdd9a3f28e46570b54b69eec3fcd76fc0a2d6ab54f
SHA512

c60820f0de45772eb92f33e4b2155c341f741c4a1b0f961abe534760ae73aa16d775c8927fe98c78a2c96a0a3ec2ed98d580ec0be7b3e8c29e3a0f3dc7eed231
SSDEEP

12288:/9BzHf2KlqWZXQ/fbZEQBYuFjLvH16D9lFDZJv6hZUz99gSIdII:Pf2NHbZrRb4JJ4baySIKI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ResEdit-win32/ResEdit.exe

Files

2b2a944736c448510ae2fe3c7a8b183f_JaffaCakes118
.rar
ResEdit-win32/ResEdit.exe
.exe windows:5 windows x86 arch:x86

ec1fe376b40d00a652d1631b8136064b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
HeapCreate
GetStdHandle
HeapSize
Sleep
IsProcessorFeaturePresent
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineW
HeapFree
HeapAlloc
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
RtlUnwind
HeapReAlloc
GetStringTypeW
LCMapStringW
CreateFileA
GetProcessHeap
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetLocalTime
SetEndOfFile
CopyFileW
DeleteFileW
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleW
ExitProcess
GetLocaleInfoW
EnumSystemCodePagesW
GetCPInfoExW
GetTempPathW
GetTempFileNameW
GetSystemDefaultLangID
lstrcmpiW
GetModuleFileNameW
FindNextFileW
LoadLibraryW
GlobalSize
GetCurrentDirectoryW
FreeResource
CreateThread
MulDiv
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
SetCurrentDirectoryW
GetFileAttributesW
CloseHandle
CreateFileW
MultiByteToWideChar
GetFileSize
ReadFile
SetFilePointer
GetCurrentThreadId
LockResource
SizeofResource
LoadResource
FindResourceW
FindClose
FindFirstFileW
VirtualQuery
GetLastError
FormatMessageW
IsDebuggerPresent
WriteFile

user32

IsCharLowerW
GetScrollInfo
SetScrollInfo
SetWindowRgn
GetClassInfoExW
GetClassLongW
RemoveMenu
DrawMenuBar
InsertMenuW
DeleteMenu
SetTimer
KillTimer
CreateWindowExA
DrawFrameControl
IsCharUpperW
CharUpperBuffW
GetFocus
GetMessagePos
LockWindowUpdate
CreateDialogParamW
DrawIconEx
DestroyIcon
CreateIconFromResource
LoadImageW
GetWindowTextA
DestroyMenu
RegisterClassExW
FlashWindow
IsClipboardFormatAvailable
CheckMenuItem
GetMenuItemID
GetClipboardData
DrawIcon
AdjustWindowRectEx
CreateIconFromResourceEx
LoadBitmapW
AppendMenuW
SetForegroundWindow
LoadCursorW
ChildWindowFromPoint
SetFocus
CreateMenu
LoadIconW
ValidateRect
GetComboBoxInfo
TrackPopupMenu
DialogBoxIndirectParamW
EnumChildWindows
SetMenu
TrackPopupMenuEx
IntersectRect
UnionRect
GetCapture
EqualRect
ShowWindow
CreateDialogIndirectParamW
SetCursor
DestroyCursor
CreatePopupMenu
MessageBoxA
TranslateMessage
IsDialogMessageW
DispatchMessageW
IsChild
WindowFromPoint
GetMessageW
GetSubMenu
SetWindowPlacement
SetClassLongW
IsWindowVisible
IsDlgButtonChecked
GetDlgItemTextW
GetWindowTextLengthW
DrawFocusRect
MoveWindow
SetRect
RegisterClipboardFormatW
InsertMenuItemW
PostQuitMessage
GetWindowPlacement
GetMenuState
SetClipboardViewer
GetDesktopWindow
GetLastActivePopup
GetDCEx
GetDC
UpdateWindow
IsWindow
EnableMenuItem
MessageBeep
DefWindowProcW
MapWindowPoints
EndPaint
BeginPaint
SetParent
CreateWindowExW
InvalidateRect
EnableWindow
GetDlgItem
GetDlgItemInt
SetDlgItemInt
GetSystemMetrics
IsCharAlphaNumericW
IsCharAlphaW
OffsetRect
SetWindowTextA
MessageBoxW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetWindowTextW
CopyRect
SetWindowPos
ClientToScreen
GetParent
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
SetPropW
GetClassNameW
GetForegroundWindow
GetMenuItemInfoW
GetMenuItemCount
RemovePropW
SetWindowLongW
ReleaseDC
InflateRect
GetWindowDC
FrameRect
GetPropW
DestroyWindow
SetCapture
GetWindowLongW
CallWindowProcW
ReleaseCapture
PtInRect
GetWindowLongA
GetClientRect
GetWindowRect
DrawTextW
GetSysColor
GetSysColorBrush
FillRect
SendMessageW
PostMessageW
ScreenToClient
GetCursorPos
GetAsyncKeyState
CharUpperW
DialogBoxParamW
SendDlgItemMessageW
EndDialog
CheckDlgButton
SetDlgItemTextW
SetWindowTextW
ShowScrollBar

gdi32

GetObjectW
SetWindowOrgEx
SetBkColor
CreatePen
MaskBlt
CreateDIBitmap
LineDDA
MoveToEx
LineTo
TextOutW
CreateRectRgn
CombineRgn
FillRgn
SetDIBitsToDevice
StretchBlt
SetDIBits
Polyline
PatBlt
SetROP2
GetStockObject
Polygon
CreateFontW
CreateBitmap
CreatePatternBrush
GetTextColor
GetDeviceCaps
GetDIBits
GetTextExtentPoint32A
CreateFontIndirectW
SetStretchBltMode
SelectClipRgn
GetTextExtentPoint32W
ExcludeClipRect
SetPixel
SaveDC
GetClipBox
CreateRectRgnIndirect
ExtSelectClipRgn
RestoreDC
CreateDIBSection
DeleteDC
BitBlt
GetNearestColor
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPointW
SelectObject
DeleteObject
CreateSolidBrush
CreateRoundRectRgn
SetBkMode
SetTextColor

comdlg32

ChooseFontW
GetSaveFileNameW
GetOpenFileNameW
ChooseColorW

advapi32

RegCreateKeyW
RegSetValueW
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCreateKeyExW
RegOpenKeyW

shell32

SHChangeNotify
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteExW
ShellExecuteW
SHAddToRecentDocs
SHBrowseForFolderW
DragQueryFileW
ShellExecuteA

comctl32

ord410
ImageList_Create
ImageList_Add
ImageList_GetImageCount
ord413
InitCommonControlsEx

shlwapi

PathCanonicalizeW
PathIsRelativeW
StrCmpIW
PathCombineW
PathRelativePathToW
StrCmpNW

urlmon

URLOpenStreamW

Sections

.text
Size: 665KB - Virtual size: 664KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ResEdit-win32/ResEdit.xml
ResEdit-win32/languages/Chinese.txt
ResEdit-win32/languages/French.txt
ResEdit-win32/languages/German.txt
ResEdit-win32/languages/Italian.txt
ResEdit-win32/languages/Japanese.txt
ResEdit-win32/languages/Korean.txt
ResEdit-win32/languages/Russian.txt
ResEdit-win32/languages/Spanish.txt
ResEdit-win32/languages/Valencian.txt
ResEdit-win32/templates/README

Sharing

General

Malware Config

Signatures

Files

ec1fe376b40d00a652d1631b8136064b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

shlwapi

urlmon

Sections

.text Size: 665KB - Virtual size: 664KB

.rdata Size: 174KB - Virtual size: 174KB

.data Size: 12KB - Virtual size: 98KB

.rsrc Size: 87KB - Virtual size: 87KB

.text
Size: 665KB - Virtual size: 664KB

.rdata
Size: 174KB - Virtual size: 174KB

.data
Size: 12KB - Virtual size: 98KB

.rsrc
Size: 87KB - Virtual size: 87KB