35a28451dd498cd4767beea58e8b2dbb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35a28451dd498cd4767beea58e8b2dbb_JaffaCakes118
Size

442KB
MD5

35a28451dd498cd4767beea58e8b2dbb
SHA1

f3bc014b914260aa678a51c2e45fb7ef7b0688b5
SHA256

439bd55724a51c1fa1414361f7b4e81b8bc81b693f70f0fca509f803b388b1e4
SHA512

d3d2369ec098805511c9fa149dbcbd9eef379ae8485271bfd841ec5fb5f52cf34504aded811fa0f2a16422481856b78fd8cfe0ea680791ee394f563e41d7b29a
SSDEEP

6144:WeVkBG8wlXQ/yxHWKMculJr6Ui4PdU1UsqCCEL:/WG8+XMyxH72Q4C116EL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35a28451dd498cd4767beea58e8b2dbb_JaffaCakes118

Files

35a28451dd498cd4767beea58e8b2dbb_JaffaCakes118
.exe .js windows:4 windows x86 arch:x86 polyglot

7b5ea87e8345f616f59f3caa68883df6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
WindowFromPoint
UpdateWindow
wsprintfA
TrackPopupMenu
ShowWindow
SetWindowTextA
SetWindowRgn
SetWindowLongA
SetTimer
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetDlgItemTextA
SetDlgItemInt
SetCursor
SetClassLongA
CheckMenuItem
SendDlgItemMessageA
SetWindowPos
ReleaseDC
ReleaseCapture
RegisterClassExA
PtInRect
PostQuitMessage
PostMessageA
PaintDesktop
MoveWindow
ModifyMenuA
MessageBoxA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsWindowVisible
IsMenu
InvalidateRect
GetWindowTextA
GetWindowRect
SendMessageA
GetWindowLongA
GetSystemMetrics
GetSysColor
GetSubMenu
GetParent
GetMessageA
GetMenuStringA
GetMenuItemID
GetMenuItemCount
GetMenu
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
GetDesktopWindow
GetDC
GetCursorPos
FindWindowExA
FindWindowA
ExitWindowsEx
EnumWindows
EndPaint
EndDialog
EnableWindow
DispatchMessageA
DialogBoxParamA
DestroyMenu
DefWindowProcA
CreateWindowExA
CreatePopupMenu
CreateDialogParamA
CallWindowProcA
CheckMenuRadioItem
BringWindowToTop
BeginPaint
AppendMenuA

kernel32

lstrlenA
lstrcpyA
_llseek
WritePrivateProfileStringA
WriteFile
WinExec
TerminateProcess
Sleep
SizeofResource
SetFileAttributesA
SetCurrentDirectoryA
RemoveDirectoryA
ReadFile
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
Module32Next
Module32First
LockResource
LoadResource
LoadLibraryA
GetWindowsDirectoryA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleHandleA
GetLocalTime
GetFileAttributesA
GetExitCodeProcess
GetCommandLineA
CloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
CreateThread
CreateToolhelp32Snapshot
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FindResourceA

comctl32

ord17
InitCommonControlsEx

comdlg32

GetOpenFileNameA

gdi32

ExtFloodFill
GetPixel
CreatePatternBrush
DeleteDC
SelectObject
TextOutA
SetTextColor
SetBkMode
SetBkColor
CreateCompatibleDC
RoundRect
MoveToEx
LineTo
GetTextExtentPoint32A
GetObjectA
DeleteObject
CreateSolidBrush
CreateRoundRectRgn
CreatePen
CreateFontA

ole32

CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA

advapi32

RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA

winmm

PlaySoundA

Sections

yxf_H
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

XM
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

*sieye*
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Reject
Size: 1024B - Virtual size: 877B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

YXF
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.��
Size: 25KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��ԫ
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b5ea87e8345f616f59f3caa68883df6

Headers

File Characteristics

Imports

user32

kernel32

comctl32

comdlg32

gdi32

ole32

shell32

advapi32

winmm

Sections

yxf_H Size: 7KB - Virtual size: 6KB

XM Size: 3KB - Virtual size: 3KB

�� Size: 12KB - Virtual size: 11KB

*sieye* Size: 3KB - Virtual size: 3KB

������ Size: 7KB - Virtual size: 6KB

.���� Size: 10KB - Virtual size: 10KB

Reject Size: 1024B - Virtual size: 877B

YXF Size: 2KB - Virtual size: 1KB

.������ Size: 25KB - Virtual size: 39KB

��ԫ Size: 4KB - Virtual size: 4KB

.rsrc Size: 364KB - Virtual size: 364KB

yxf_H
Size: 7KB - Virtual size: 6KB

XM
Size: 3KB - Virtual size: 3KB

��
Size: 12KB - Virtual size: 11KB

sieye
Size: 3KB - Virtual size: 3KB

��
Size: 7KB - Virtual size: 6KB

.��
Size: 10KB - Virtual size: 10KB

Reject
Size: 1024B - Virtual size: 877B

YXF
Size: 2KB - Virtual size: 1KB

.��
Size: 25KB - Virtual size: 39KB

��ԫ
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 364KB - Virtual size: 364KB