3509c193861f036be9bd995937c6a476_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3509c193861f036be9bd995937c6a476_JaffaCakes118
Size

316KB
MD5

3509c193861f036be9bd995937c6a476
SHA1

0d74262dcc5d27d8d5f94f64c845d91a3878fc8c
SHA256

32f8884e6af0cccdf15c0e11f4a260749b0990578f39738fd4527dffde0810b6
SHA512

df4017a9430d78042a710076929c65c8603a3a6c13f01bc7140bf46d16141329671382a7014488f18ec12a391cf9644c9f3ee5d5ac571e7cc756d0651c317eff
SSDEEP

3072:p1G6qbnJSZLKy0Nl8/HG9QOsk9Wo2vhLczJuLoOdv0PJKJSMjkByGBAvaLj7aj:p1GVdy+nNlyG6ljxGu/mFByGBAAK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3509c193861f036be9bd995937c6a476_JaffaCakes118

Files

3509c193861f036be9bd995937c6a476_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b7959cf81b5010434b13a18640d2598

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA

kernel32

HeapReAlloc
HeapSize
GetACP
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
GlobalFindAtomA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
TerminateProcess
GetProcessVersion
TlsSetValue
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GetCurrentThreadId
RaiseException
HeapFree
HeapAlloc
GetStartupInfoA
ExitProcess
GetCommandLineA
RtlUnwind
GetSystemTimeAsFileTime
GetTimeZoneInformation
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GetFileAttributesA
GetFileTime
GetFileSize
FindFirstFileA
GetFullPathNameA
GetVolumeInformationA
FindClose
LockFile
SetEndOfFile
UnlockFile
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
GetCPInfo
DuplicateHandle
GetOEMCP
IsBadWritePtr
LocalReAlloc
TlsGetValue
GlobalGetAtomNameA
lstrcmpiA
GlobalReAlloc
TlsFree
GlobalAddAtomA
GlobalHandle
TlsAlloc
GlobalFlags
GetModuleFileNameA
GlobalAlloc
GetCurrentThread
lstrcmpA
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
GetLastError
WaitForSingleObject
CloseHandle
MulDiv
SetLastError
lstrcpynA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FormatMessageA
IsBadReadPtr
LCMapStringA
GlobalDeleteAtom
GlobalFree
LoadResource
FindResourceA
LockResource
lstrcpyA
GlobalUnlock
GlobalLock
GetProcAddress
GetModuleHandleA

user32

PostQuitMessage
wvsprintfA
ReleaseCapture
GetCursorPos
GetDesktopWindow
WindowFromPoint
TranslateMessage
GetMessageA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
DestroyMenu
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
ReleaseDC
GetDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadStringA
GetMenuCheckMarkDimensions
ShowOwnedPopups
GetClassNameA
GetSysColorBrush
CharUpperA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ValidateRect
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetTopWindow
GetCapture
WinHelpA
wsprintfA
RegisterClassA
GetMenu
GetMenuItemCount
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
ClientToScreen
GetWindowRect
PtInRect
LoadIconA
UpdateWindow
RegisterWindowMessageA
MessageBoxA
LoadCursorA
SetActiveWindow
KillTimer
SetTimer
InvalidateRect
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckMenuItem
EnableMenuItem
LoadBitmapA
SetCursor
GetSystemMetrics
SendMessageA
EnableWindow
GetClassInfoA
GetMenuItemID
GetSubMenu
UnregisterClassA

gdi32

CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
PatBlt
BitBlt
SelectObject
GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
DeleteDC
SaveDC
RestoreDC
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

shell32

DragFinish
FindExecutableA
ShellExecuteA
DragQueryFileA

comctl32

ord17
ImageList_Create
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_Destroy
ImageList_AddMasked
ImageList_Draw
ImageList_BeginDrag
ImageList_EndDrag

wsock32

sendto
recvfrom
socket
inet_ntoa
connect
WSAAsyncSelect
send
recv
gethostbyname
closesocket
htonl
htons
ioctlsocket
accept
getsockname
ntohs
inet_addr
WSASetLastError
WSAStartup
WSACleanup
WSAGetLastError
bind

wininet

InternetCloseHandle
InternetOpenUrlA
InternetGetLastResponseInfoA
InternetReadFile
InternetCanonicalizeUrlA
InternetQueryDataAvailable
InternetCrackUrlA
InternetQueryOptionA
InternetOpenA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback

Sections

.text
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ani
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0b7959cf81b5010434b13a18640d2598

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

wininet

Sections

.text Size: 152KB - Virtual size: 149KB

.rdata Size: 36KB - Virtual size: 33KB

.data Size: 12KB - Virtual size: 29KB

.rsrc Size: 84KB - Virtual size: 83KB

.ani Size: 28KB - Virtual size: 28KB

.text
Size: 152KB - Virtual size: 149KB

.rdata
Size: 36KB - Virtual size: 33KB

.data
Size: 12KB - Virtual size: 29KB

.rsrc
Size: 84KB - Virtual size: 83KB

.ani
Size: 28KB - Virtual size: 28KB