31773342895cf4e20aa56414a2d2eada_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

31773342895cf4e20aa56414a2d2eada_JaffaCakes118
Size

264KB
MD5

31773342895cf4e20aa56414a2d2eada
SHA1

4be6b2a8f35cc821c35c66860746096a9737dfdd
SHA256

506e5494a3d7926d62be05a4ab37da93b73101c3f1bfc760b1589baeda477e8b
SHA512

9cfb226d5fbbc72be9c30ab979fbd38dde6c1b54a6202624d35096550bcd9a9e551b687e1d0e312fd9c880e7adc9a4d9f39402533ff7c0cf5c11447c2d29d281
SSDEEP

6144:Ozluu0mPz+cAtxygUiws2Pcj23uayqTXWw/LPNLm8Pi:NIP9gp2Pcj23KKLd5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31773342895cf4e20aa56414a2d2eada_JaffaCakes118

Files

31773342895cf4e20aa56414a2d2eada_JaffaCakes118
.exe windows:4 windows x86 arch:x86

293c5ae5fa0a9c2c16901c204c6e9237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetA
ImageList_Draw
CreateToolbarEx
ImageList_Write

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

oleaut32

SysStringLen

gdi32

CreateFontIndirectA
TextOutA
GetMapMode
GetStockObject
GetPaletteEntries
ExtSelectClipRgn
RectVisible
GetTextExtentPointW
SetEnhMetaFileBits
Chord
GetLayout
StretchDIBits
EnumFontFamiliesA
CreatePenIndirect
StartDocW
RestoreDC
SelectObject
EnumFontFamiliesW
SetLayout
GetViewportExtEx
GetTextAlign
CreateCompatibleBitmap
PtVisible
PlayEnhMetaFile
IntersectClipRect
CreatePalette
SelectPalette
Arc
CreateDIBitmap
EnumMetaFile
SaveDC
SetROP2
GetTextExtentPoint32W
CreateDCA

shell32

SHCreateDirectoryExW
ShellExecuteExW
SHGetFileInfoW
ExtractIconExW
SHGetFolderLocation

kernel32

CreateFileMappingW
WriteConsoleW
FreeLibrary
GetPrivateProfileStringW
CreateEventA
CreateFileW
LCMapStringA
ExpandEnvironmentStringsA
GetSystemDefaultLCID
GetComputerNameW
CopyFileA
GetCurrentDirectoryW
GetPriorityClass
SetFilePointer
GlobalFlags
GetSystemDirectoryA
HeapSetInformation
GetModuleFileNameW
LoadLibraryW
ResumeThread
GetEnvironmentStrings
VirtualProtect
SetFileTime
ReadFile
GlobalAlloc
GetEnvironmentVariableA
GetNumberFormatW
GetVersionExA
GetLogicalDriveStringsA
IsBadWritePtr
GetLocaleInfoW
VirtualQueryEx
GetEnvironmentVariableW
CreateDirectoryW
FreeEnvironmentStringsW
GetTimeFormatA
GetStringTypeExA
GetCurrentThread
LeaveCriticalSection
LockFile
CreateSemaphoreW
WriteFile
FreeResource
GetProcessTimes
FileTimeToDosDateTime
TerminateProcess
ExitThread
SetThreadPriority
CreateToolhelp32Snapshot
GetExitCodeProcess
WritePrivateProfileSectionA
GetFileSize
FindResourceA
FindResourceExW
FreeEnvironmentStringsA
GetComputerNameA
GetConsoleCP
CreateNamedPipeA
RaiseException
MoveFileExW
GetSystemDefaultLangID
EnumResourceLanguagesW
SetCurrentDirectoryA
GetTempPathA
SetThreadLocale
OpenFile
GlobalHandle
WaitForSingleObject
GlobalAddAtomW
Process32FirstW
GetShortPathNameW
FindResourceExA
AddAtomA
LocalAlloc
GetTempPathW
QueryDosDeviceW
LocalFree
SetFileAttributesW
GetTimeZoneInformation
ReleaseSemaphore
OutputDebugStringA
UnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
GetThreadLocale
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
GetCurrentProcess
GetModuleFileNameA
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InterlockedDecrement
InterlockedIncrement
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringW
GlobalMemoryStatus
GlobalFindAtomA
LockResource
GetCommandLineA
VirtualAlloc
MoveFileA
GetProcAddress

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoW

shlwapi

PathFindFileNameA

ole32

CreateILockBytesOnHGlobal
OleCreateLinkFromData
CreateItemMoniker
OleCreateFromFile
StgCreateDocfileOnILockBytes
CoRevokeClassObject
GetHGlobalFromILockBytes
OleTranslateAccelerator

user32

SetScrollInfo
GetMessageW
LoadStringW
GetSystemMenu
GetDialogBaseUnits
CheckMenuRadioItem
SetLayeredWindowAttributes
InflateRect
AttachThreadInput
EqualRect
GetSysColorBrush
DdeFreeDataHandle
SendNotifyMessageA
GetClassLongW
GetAncestor
LoadImageA
DdeUninitialize
GetWindowRect
CharLowerA
DrawFocusRect
ChildWindowFromPoint
MessageBoxW
GetForegroundWindow
GetMenuItemInfoW
GetDlgItemTextA
RegisterWindowMessageW
InsertMenuW
EnableWindow
SetMenuItemBitmaps
ShowCursor
CheckDlgButton
IsWindowUnicode
DrawMenuBar
GetKeyboardLayout
CreateAcceleratorTableW
DrawTextExA
GetUpdateRect
MsgWaitForMultipleObjects
GetMenuState
SetWindowTextA
EndDeferWindowPos
IsCharAlphaW
DdeDisconnect
SetCursor
GetScrollRange
RegisterClipboardFormatW
ReleaseDC
GetMenuCheckMarkDimensions
GetTabbedTextExtentA
CreateWindowExW
GetUserObjectInformationW
VkKeyScanW
CharUpperW
IsWindowVisible
IsChild
DestroyCaret
CharNextA
EnumThreadWindows
LockWindowUpdate
FrameRect
DestroyAcceleratorTable
GetScrollInfo
DialogBoxIndirectParamW

advapi32

RegDeleteValueW
LookupAccountSidA
ReportEventA
GetUserNameA
SetEntriesInAclW
SetServiceStatus
SetNamedSecurityInfoW
RegQueryInfoKeyA
CryptAcquireContextW
OpenSCManagerA
ImpersonateLoggedOnUser
AddAce
MakeAbsoluteSD
CheckTokenMembership
SetSecurityDescriptorGroup
RegQueryValueW
CopySid
FreeSid

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

293c5ae5fa0a9c2c16901c204c6e9237

Headers

File Characteristics

Imports

comctl32

comdlg32

oleaut32

gdi32

shell32

kernel32

version

shlwapi

ole32

user32

advapi32

Sections

.text Size: 216KB - Virtual size: 213KB

.data Size: 40KB - Virtual size: 39KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 216KB - Virtual size: 213KB

.data
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 4KB - Virtual size: 1KB