3132b8a6beddf4c1771ae57a9980f974_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3132b8a6beddf4c1771ae57a9980f974_JaffaCakes118
Size

500KB
MD5

3132b8a6beddf4c1771ae57a9980f974
SHA1

cbf456148a6eaee898c967235619fe5f52ebc77c
SHA256

01db9c1a1b8044d0bef6041b5990d54f626c200daad4d38cf9facf419c231f80
SHA512

0d30654ce17c16acdc73c1931e9f850b1d42ece957109db06f408fc888d9ece9162ed8d0def2fc528ad8f222514d170c6bf352a5f1c8427b126a3e59360541f0
SSDEEP

12288:D3x72A+5bn+GJ5ALPel6z7t0fHg2MJrT1it3R1vrqGpRFqf0CxQ:D3Zkbn+VhN0HsJrIt7vvDFqfvq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3132b8a6beddf4c1771ae57a9980f974_JaffaCakes118

Files

3132b8a6beddf4c1771ae57a9980f974_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9eb5094c3cde743a50a1416cbba027aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\fep\gzxjoblklq\xeir.pdb

Imports

shell32

DragFinish
ExtractIconA
DragAcceptFiles
ord155

shlwapi

SHDeleteValueA
SHDeleteKeyA

winspool.drv

ClosePrinter
OpenPrinterA
ord204

gdi32

SaveDC
SetMapMode
Polyline
CreateDIBitmap
SetBkColor
SetWindowExtEx
SetTextColor
CopyMetaFileW
SetPixel
FillRgn
GetPixel
CreateCompatibleDC
RestoreDC
SetStretchBltMode
SelectClipRgn
LineTo
GetDeviceCaps
Rectangle
GetMapMode
OffsetViewportOrgEx
BitBlt
RoundRect
GetTextColor
DeleteObject
IntersectClipRect
CreateRoundRectRgn
SelectObject
RealizePalette
CreateSolidBrush
OffsetWindowOrgEx
MoveToEx
CreateFontW
SetPolyFillMode
GetTextMetricsW
SelectPalette
StretchDIBits

ole32

CreateILockBytesOnHGlobal
WriteClassStg
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
StringFromGUID2
StgOpenStorageOnILockBytes
OleUninitialize
OleInitialize

comctl32

ImageList_Draw
_TrackMouseEvent
ImageList_AddMasked
ImageList_EndDrag
ImageList_GetImageCount
ord17
ImageList_Remove
ImageList_Destroy
ImageList_DragMove
ImageList_DragLeave
ImageList_ReplaceIcon
ImageList_DragShowNolock
ImageList_DrawIndirect
ImageList_Create
ImageList_GetImageInfo

kernel32

GetConsoleMode
SetFilePointer
UnhandledExceptionFilter
GetStartupInfoW
GetStringTypeA
LCMapStringA
HeapFree
GetModuleHandleA
InterlockedDecrement
GetStartupInfoA
CreateMutexW
InterlockedExchange
ReadFile
IsValidCodePage
GetLastError
HeapAlloc
SetStdHandle
LocalFree
LoadLibraryW
GetTimeFormatA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetFileType
GetOEMCP
GetEnvironmentStringsW
EnterCriticalSection
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
GetCurrentProcess
IsDebuggerPresent
DeleteCriticalSection
WriteFile
TlsSetValue
TlsGetValue
GetProcAddress
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCPInfo
SetEnvironmentVariableA
GetCommandLineW
GetCurrentProcessId
QueryPerformanceCounter
Sleep
TlsAlloc
SetUnhandledExceptionFilter
GetLocaleInfoA
HeapReAlloc
InterlockedIncrement
WaitForSingleObject
CompareStringA
FlushFileBuffers
VirtualFree
GetDateFormatA
GetStdHandle
SetHandleCount
LoadLibraryA
InitializeCriticalSection
WriteConsoleA
VirtualAlloc
GetTickCount
ExitProcess
RaiseException
HeapCreate
TlsFree
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
HeapSize
CreateFileA
GetModuleHandleW
SetLastError
FreeEnvironmentStringsW
LCMapStringW
CloseHandle
GetStringTypeW
LeaveCriticalSection
GetModuleFileNameW
RtlUnwind
CompareStringW
VirtualQuery
GetACP
TerminateProcess

winmm

waveOutUnprepareHeader
waveInPrepareHeader
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetNumDevs
waveInGetNumDevs
waveInUnprepareHeader
waveInClose
timeKillEvent
timeSetEvent
timeBeginPeriod
timeEndPeriod
waveInStart
waveInAddBuffer
timeGetTime
waveInStop
mixerGetDevCapsA
waveInOpen
waveInReset
mixerGetLineInfoA

advapi32

CryptReleaseContext
RegSetValueExA
RegOpenKeyExA
RegEnumKeyA
CryptEncrypt
RegCreateKeyExA
CryptDecrypt
RegQueryValueA

user32

GetSubMenu
SetTimer
LoadImageW
BeginPaint
RegisterClassExW
KillTimer
AdjustWindowRectEx
LoadStringW
SystemParametersInfoA
SetFocus
PeekMessageW
TranslateMessage
BringWindowToTop
IsWindowVisible
GetSystemMetrics
GrayStringW
RegisterClassW
DrawEdge
TranslateAcceleratorW
IntersectRect
MessageBoxW
SetWindowPos
AppendMenuW
EndDialog
CallNextHookEx
GetClientRect
GetSysColor
WinHelpW
LoadAcceleratorsW
GetParent
LoadIconW
UnhookWindowsHookEx
IsZoomed
GetMessagePos
SetCursor
SetDlgItemTextW
DestroyMenu
GetSysColorBrush
ReleaseCapture
ModifyMenuW
LoadBitmapW
SetForegroundWindow
CallWindowProcW
GetKeyState
CopyRect
GetClassNameW
DefWindowProcW
GetNextDlgTabItem
DestroyWindow
CharUpperW
InsertMenuW
SetWindowTextW
LoadMenuW
ReleaseDC
DispatchMessageW
EndPaint
LoadCursorW
SetActiveWindow
GetCapture
PostMessageW
RegisterWindowMessageW
SystemParametersInfoW
SetWindowsHookExW
RedrawWindow
GetClassLongW
PostThreadMessageW
IsChild
PostQuitMessage
GetWindowThreadProcessId
GetFocus
DestroyIcon
GetWindowLongW
GetDC
GetCursorPos
TabbedTextOutW

Sections

.text
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9eb5094c3cde743a50a1416cbba027aa

Headers

File Characteristics

PDB Paths

Imports

shell32

shlwapi

winspool.drv

gdi32

ole32

comctl32

kernel32

winmm

advapi32

user32

Sections

.text Size: 112KB - Virtual size: 108KB

.rdata Size: 268KB - Virtual size: 267KB

.data Size: 76KB - Virtual size: 87KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 112KB - Virtual size: 108KB

.rdata
Size: 268KB - Virtual size: 267KB

.data
Size: 76KB - Virtual size: 87KB

.rsrc
Size: 40KB - Virtual size: 39KB