34e469c1c8e18008775c8cc326a1f815_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

34e469c1c8e18008775c8cc326a1f815_JaffaCakes118
Size

776KB
MD5

34e469c1c8e18008775c8cc326a1f815
SHA1

982adb3def947792cd13396296f9d6367ea96aad
SHA256

e79fa83b9f913bfcf794234497515bd4310b16f8321bd72f531e97b966978c58
SHA512

ce2958630789b729fb9519b264ee4b2c7079e10b067ab204960ba5e323205659539fb44e32fbbfe3738dd150d7482387ba05f30cecbb413ad8c0404063be990c
SSDEEP

24576:VvskI7z5cXNWg7amwqVLUBpWKg3y0LTy2:WjH5adwlNg3zLTy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34e469c1c8e18008775c8cc326a1f815_JaffaCakes118

Files

34e469c1c8e18008775c8cc326a1f815_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1d8e72646bd5f35346e9ee21f6c725c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowLongA
GetPropA
ClientToScreen
CreateWindowExA
PeekMessageA
UnhookWindowsHookEx
RegisterClassExA
BeginPaint
DispatchMessageA
GetDlgCtrlID
UnregisterClassA
GetMenuCheckMarkDimensions
DialogBoxParamA
GetCursorPos
GetDlgItem
AppendMenuA
RemoveMenu
PostQuitMessage
ShowWindow
InvalidateRgn
TranslateMessage
GetWindow
SetPropA
UnpackDDElParam
SetDlgItemTextA
DestroyWindow
DefWindowProcA
IsChild
CharNextA
SetCursor
RegisterClassA
RegisterWindowMessageA
GetWindowPlacement
GetMenuStringA
GetSystemMetrics
GetMenuItemCount
ReleaseDC
LoadIconA
SetFocus
CreatePopupMenu
GetNextDlgTabItem
LoadAcceleratorsA
InsertMenuItemA
LoadStringA
ScreenToClient
EndPaint
GetParent
MapWindowPoints
LoadMenuA
InflateRect
GetWindowRect
DrawIcon
CheckMenuItem
PtInRect
GetClientRect
SetTimer
GetAsyncKeyState
LoadCursorA
MessageBoxA
ReleaseCapture
GetDesktopWindow

kernel32

VirtualFree
LocalFileTimeToFileTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsA
LocalFree
SetUnhandledExceptionFilter
IsBadWritePtr
GlobalHandle
HeapFree
LocalReAlloc
QueryPerformanceCounter
UnhandledExceptionFilter
GetCurrentProcess
GetTimeFormatA
TlsSetValue
GetModuleFileNameA
FlushFileBuffers
ReleaseMutex
FindClose
WaitForSingleObject
FileTimeToSystemTime
InterlockedIncrement
LeaveCriticalSection
GetSystemTimeAsFileTime
GetTempFileNameA
OpenMutexA
WriteFile
SuspendThread
LockResource
GlobalSize
lstrlenA
FreeEnvironmentStringsA
WriteConsoleA
lstrcmpA
SetStdHandle
WritePrivateProfileStringA
GetStringTypeA
GetCurrentProcessId
ExitProcess
lstrlenW
LoadLibraryA
FindFirstFileA
GetWindowsDirectoryA
FormatMessageA
GetLastError
TlsGetValue
InitializeCriticalSection
WideCharToMultiByte
SetLastError
CompareStringW
GetSystemTime
GlobalAlloc
CompareStringA
CopyFileA
SetCurrentDirectoryA
GlobalFlags
GetFileAttributesW
RtlUnwind
SetErrorMode
FreeEnvironmentStringsW
lstrcmpiA
GetProcessHeap
LoadResource
GetModuleHandleA
CreateFileMappingA
InterlockedDecrement
EnterCriticalSection
GetExitCodeProcess
GetSystemDirectoryA
GetDateFormatA
GetVolumeInformationA
GetCommandLineA
LocalAlloc
FindNextFileA
GetLocaleInfoA
GlobalDeleteAtom
GetDriveTypeA
GetStringTypeW
GlobalUnlock
GetFileSize
MapViewOfFile
FreeLibrary
GetACP
VirtualAlloc
CreateMutexA
SetFileTime
MultiByteToWideChar
SizeofResource
GetFullPathNameA
GetProcAddress
GlobalReAlloc
CreateDirectoryA
MoveFileA
CreateFileA
HeapAlloc
IsValidLocale
DuplicateHandle
lstrcmpW
GetTickCount
EnumSystemLocalesA
GetThreadLocale
GetUserDefaultLCID
GetFileType
SetEndOfFile
SetEnvironmentVariableA
UnmapViewOfFile
GlobalFree
DeleteFileA
GetFileAttributesA
SetHandleCount
GetStdHandle
LockFile
CreateEventA
SetFileAttributesA
GetStartupInfoA
FindNextFileW
SetEvent
GetTempPathA
HeapCreate
RaiseException
ReadFile
GetOEMCP
GetCurrentDirectoryA
CloseHandle
GetFileTime
GetLocalTime
GetCPInfo
CreateProcessA
LCMapStringW
GetCurrentThreadId
GetEnvironmentStringsW
DeleteCriticalSection
CreateThread
Sleep
IsValidCodePage
VirtualProtect
GetEnvironmentStrings
LoadLibraryExA
GlobalLock
GetSystemDefaultLangID
GetTimeZoneInformation
WinExec
GetLocaleInfoW
TlsAlloc
UnlockFile
ConvertDefaultLocale
InterlockedExchange
lstrcatA
GetSystemInfo
IsBadCodePtr
IsBadReadPtr
VirtualQuery
FindResourceA
ResetEvent
SystemTimeToFileTime
SetFilePointer
LCMapStringA
ExitThread
TerminateProcess
HeapSize
GetVersionExA
SetConsoleCtrlHandler
TlsFree
GetCurrentThread
CreateFileW
GetVersion
HeapReAlloc
FindFirstFileW
GlobalAddAtomA
HeapDestroy

shell32

Shell_NotifyIconA
ShellExecuteA
ord155
SHAppBarMessage
SHChangeNotify
SHGetFileInfoA
DragQueryFileA

comctl32

InitCommonControlsEx
ImageList_SetBkColor
ImageList_AddMasked
ImageList_Draw
ord17

comdlg32

GetOpenFileNameW
ChooseColorA

gdi32

SetBrushOrgEx
ScaleWindowExtEx
GetTextAlign
CreateFontA
Rectangle
MaskBlt
BitBlt
PolyPolygon
RealizePalette
GetTextExtentPoint32A
CreateEllipticRgn
SetViewportOrgEx
GetRegionData
CreateFontIndirectA
SetRectRgn
ExtSelectClipRgn
CreateRectRgnIndirect
GetNearestPaletteIndex
ExcludeClipRect
GetViewportOrgEx
OffsetRgn
SetBkColor
CreateEnhMetaFileA
Pie
Ellipse
CreateDIBitmap
SetTextColor
SetWindowExtEx
PolyBezier
GetTextExtentPoint32W
SetPolyFillMode
DeleteDC
GetObjectA
EndPath
GetTextMetricsA
AbortDoc
GetMapMode
GetTextFaceA
SetAbortProc
GetDIBits
EqualRgn
CloseEnhMetaFile
SelectClipRgn
RectVisible
LPtoDP
PatBlt
GetDCOrgEx
FillPath
GetFontData
GetBkMode
LineTo
StretchDIBits
BeginPath
CreateCompatibleDC
GetRgnBox
CreateCompatibleBitmap
SetTextJustification
OffsetViewportOrgEx
PtVisible
SetPaletteEntries
OffsetWindowOrgEx
StrokePath
CombineRgn
CreatePatternBrush
SetWindowOrgEx
PaintRgn
ExtCreatePen
ScaleViewportExtEx
GetClipBox
GetClipRgn
SelectObject
GetGlyphOutlineA
SetTextAlign
GetBkColor
GetStockObject
Polyline
SelectPalette
FillRgn
ExtTextOutA
CreateRectRgn
SetROP2
UnrealizeObject
IntersectClipRect
CreateSolidBrush
GetDeviceCaps
SetBkMode
GetCurrentPositionEx
CreateBitmap
GetTextColor
GetPaletteEntries
PlayEnhMetaFile
GetPixel
DeleteObject
GetNearestColor
MoveToEx
Polygon
PolyBezierTo
CreateRoundRectRgn
DPtoLP
CreateDCA
SetStretchBltMode
StretchBlt
SetViewportExtEx

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 476KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1d8e72646bd5f35346e9ee21f6c725c

Headers

File Characteristics

Imports

user32

kernel32

shell32

comctl32

comdlg32

gdi32

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 476KB - Virtual size: 475KB

.data Size: 108KB - Virtual size: 122KB

.rsrc Size: 96KB - Virtual size: 93KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 476KB - Virtual size: 475KB

.data
Size: 108KB - Virtual size: 122KB

.rsrc
Size: 96KB - Virtual size: 93KB