Static task: static1
Behavioral task: behavioral1
Sample: 3740c798df05a5168d7a6138a966b4c2_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3740c798df05a5168d7a6138a966b4c2_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3740c798df05a5168d7a6138a966b4c2_JaffaCakes118
Size: 828KB
MD5: 3740c798df05a5168d7a6138a966b4c2
SHA1: 7e083bde4d6211b8d299f6dd3dde3006f1e4719f
SHA256: 8954605bc7c440fda2534a4c25d3c5e2ee0338676bb63edb015035828e839698
SHA512: 06283a6b408eeae828b4d066012e7a74c9f542f28c8bbcd94c6670674b82932b34d00d06434fb2c5225376beb79a09f597c9d0d82083afd4299067ff168ad763
SSDEEP: 12288:zoEjQqAWM50XrvNNxuGdUPqS4aZFk0L4Fz4AIB2UZ3:z/jQEjPxunCSo0cFz4AI8c3
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource 3740c798df05a5168d7a6138a966b4c2_JaffaCakes118
Files
3740c798df05a5168d7a6138a966b4c2_JaffaCakes118.exe windows:4 windows x86 arch:x86
aab98a472477f070e6e493e081ef998d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RaiseException
CreateThread
ExitThread
HeapReAlloc
HeapSize
GetACP
FatalAppExitA
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
GetLocalTime
TerminateProcess
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
SetStdHandle
GetLocaleInfoW
CompareStringW
SetEnvironmentVariableA
ExitProcess
GetSystemTime
GetTimeZoneInformation
FindFirstFileA
FindNextFileA
FindClose
CreateDirectoryA
GetCurrentThread
GetLastError
GetVersionExA
CreateProcessA
FormatMessageA
LocalFree
GetStringTypeExA
WideCharToMultiByte
OutputDebugStringA
InterlockedDecrement
InterlockedIncrement
GetThreadLocale
CompareStringA
lstrcmpiA
lstrcmpA
WriteFile
CreateFileA
GetFileSize
ReadFile
FindResourceA
LoadResource
LockResource
FreeResource
lstrlenA
lstrcpynA
CreateEventA
SetEvent
CloseHandle
Sleep
DeleteFileA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
lstrcatA
GetShortPathNameA
lstrcpyA
GetProfileStringA
RtlUnwind
GetCommandLineA
GetStartupInfoA
LocalFileTimeToFileTime
GlobalSize
SystemTimeToFileTime
FileTimeToSystemTime
GetFileTime
FileTimeToLocalFileTime
SetEndOfFile
lstrlenW
GetFullPathNameA
FlushFileBuffers
UnlockFile
LockFile
GetCurrentDirectoryA
DuplicateHandle
SetErrorMode
GetOEMCP
GetPrivateProfileStringA
GetPrivateProfileIntA
LocalReAlloc
GetCPInfo
TlsGetValue
GlobalReAlloc
TlsSetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
TlsFree
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
GetProcessVersion
LocalAlloc
GlobalFlags
SuspendThread
FindResourceExA
SizeofResource
GetCurrentThreadId
GlobalAlloc
GetVersion
GlobalFindAtomA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalUnlock
GlobalDeleteAtom
GlobalLock
GetSystemDirectoryA
VirtualProtect
GlobalFree
CreateFileMappingA
GetVolumeInformationA
OpenSemaphoreA
ReleaseSemaphore
MapViewOfFile
UnmapViewOfFile
ResetEvent
OpenMutexA
CreateMutexA
LoadLibraryExA
WaitForSingleObject
GetModuleHandleA
GetTickCount
CompareFileTime
MultiByteToWideChar
GetTempPathA
OpenEventA
ExpandEnvironmentStringsA
CopyFileA
GetTempFileNameA
SetFileTime
HeapFree
SetThreadPriority
MulDiv
MoveFileA
RemoveDirectoryA
SetFilePointer
ResumeThread
GetWindowsDirectoryA
GetExitCodeProcess
WritePrivateProfileStringA
MoveFileExA
GetProcessHeap
SetLastError
GetCurrentProcess
GetFileAttributesA
HeapAlloc
SetFileAttributesA
HeapCreate
VirtualFree
user32
EnableMenuItem
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
LoadIconA
UpdateWindow
SendDlgItemMessageA
GetSysColor
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetDlgCtrlID
GetKeyState
SetWindowsHookExA
MoveWindow
IsDialogMessageA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
IntersectRect
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
MapDialogRect
ShowWindow
GetCapture
LoadBitmapA
GetMenuState
GetFocus
SetFocus
IsWindowEnabled
OffsetRect
SystemParametersInfoA
GetSystemMetrics
SetWindowPos
AdjustWindowRectEx
GetDlgItem
DestroyWindow
CreateWindowExA
RegisterClassA
CallWindowProcA
DefWindowProcA
DrawTextA
TranslateMessage
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetClassLongA
CallNextHookEx
GetMenuCheckMarkDimensions
DispatchMessageA
wsprintfA
WaitForInputIdle
GetAsyncKeyState
GetCursorPos
ScreenToClient
PtInRect
CreateCursor
SetCursor
LoadCursorA
DestroyCursor
LoadStringA
OemToCharA
CharToOemA
CharLowerA
CharUpperA
CharNextA
WindowFromDC
ReleaseDC
BeginPaint
SetRect
EndPaint
InvalidateRect
IsWindow
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetWindowRect
GetWindowLongA
SetWindowLongA
GetClassNameA
IsRectEmpty
InflateRect
FillRect
SendMessageA
GetDC
MessageBoxA
SetRectEmpty
GetClientRect
MapWindowPoints
EnableWindow
PostMessageA
EnumChildWindows
GetParent
ClientToScreen
GetWindowDC
TabbedTextOutA
ValidateRect
PeekMessageA
GrayStringA
wvsprintfA
DestroyIcon
PostThreadMessageA
RemoveMenu
AppendMenuA
RegisterClipboardFormatA
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
GetMenuStringA
DeleteMenu
InsertMenuA
WindowFromPoint
GetWindowThreadProcessId
WaitMessage
ReleaseCapture
SetCapture
DestroyMenu
GetDesktopWindow
GetSysColorBrush
GetDialogBaseUnits
SetWindowContextHelpId
GetMessageA
ShowOwnedPopups
PostQuitMessage
GetActiveWindow
SetActiveWindow
GetSubMenu
SetDlgItemInt
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
UnregisterClassA
gdi32
GetDeviceCaps
GetStockObject
ExtTextOutA
CreatePen
SetBkMode
SelectObject
GetTextExtentPoint32A
CreatePalette
CreateDIBitmap
SetTextColor
SelectPalette
DeleteDC
RealizePalette
SetBkColor
CreateBitmap
CreateCompatibleDC
StretchBlt
SetStretchBltMode
CreateCompatibleBitmap
GetObjectType
GetDCOrgEx
GetDIBits
StartDocA
SaveDC
GetClipBox
SetPolyFillMode
SetROP2
RestoreDC
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
OffsetWindowOrgEx
ExcludeClipRect
IntersectClipRect
SelectClipRgn
MoveToEx
CreateFontIndirectA
OffsetClipRgn
SetTextAlign
SetTextJustification
LineTo
SetMapperFlags
GetCurrentPositionEx
SetTextCharacterExtra
SetArcDirection
PolyDraw
ArcTo
SetColorAdjustment
PolyBezierTo
PolylineTo
CreateRectRgn
SelectClipPath
GetClipRgn
PlayMetaFileRecord
EnumMetaFile
ExtSelectClipRgn
GetViewportExtEx
GetWindowExtEx
PlayMetaFile
CreateSolidBrush
CreateHatchBrush
ExtCreatePen
CreateDIBPatternBrushPt
PtVisible
CreatePatternBrush
TextOutA
Escape
RectVisible
PatBlt
SetRectRgn
GetMapMode
CreateRectRgnIndirect
DPtoLP
CombineRgn
EnumFontFamiliesExA
GetTextColor
GetTextMetricsA
LPtoDP
CopyMetaFileA
GetBkColor
GetTextExtentPointA
CreateDCA
GetObjectA
BitBlt
DeleteObject
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegGetKeySecurity
RegDeleteKeyA
RegCloseKey
RegEnumValueA
RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
FreeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
GetAce
GetAclInformation
AddAccessAllowedAce
RevertToSelf
AreAllAccessesGranted
AccessCheck
OpenThreadToken
ImpersonateSelf
RegCreateKeyExA
RegDeleteValueA
AddAce
RegQueryInfoKeyA
RegSetKeySecurity
CopySid
GetTokenInformation
OpenProcessToken
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
RegSetValueExA
RegCreateKeyA
RegEnumKeyExA
RegOpenKeyA
RegSetValueA
RegQueryValueA
comctl32
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord17
oledlg
ord8
ole32
OleUninitialize
CreateBindCtx
CoDisconnectObject
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
OleDuplicateData
OleInitialize
OleRun
CoGetClassObject
CoRegisterClassObject
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString
ReadClassStg
StringFromCLSID
CoTreatAsClass
ReleaseStgMedium
CoRegisterMessageFilter
CLSIDFromProgID
CoRevokeClassObject
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
olepro32
ord253
oleaut32
VariantClear
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VarBstrFromCy
VariantCopy
VariantChangeType
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysAllocStringByteLen
SysStringByteLen
VarCyFromStr
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysStringLen
LoadTypeLi
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
shell32
ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
DragAcceptFiles
DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
Sections
.text Size: 352KB - Virtual size: 350KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 372KB - Virtual size: 368KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ