37a198030f354249e3c4d5496b8e2153_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37a198030f354249e3c4d5496b8e2153_JaffaCakes118
Size

218KB
MD5

37a198030f354249e3c4d5496b8e2153
SHA1

43e2118776e6105bc015612bba7e1898eb032517
SHA256

6ac6b530b5ca92aab91a6e01defb488b483f4e1347efa2a8f92a54a1b48f8b76
SHA512

a09ae4c5e1ecd5ef5db7e9f68f5c2bf79ca6b3e15d7ecf534935a3ee130e829931190c2f277e58baf52877518c291b618ed5ab76788dfbab80aec402ec45cd2c
SSDEEP

6144:qhz9RgwtUjl5QSHItVx4hOl+kuCCEdzio4wempQKAi:m9Rgwt380A1kuOdzlempQKA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37a198030f354249e3c4d5496b8e2153_JaffaCakes118

Files

37a198030f354249e3c4d5496b8e2153_JaffaCakes118
.exe windows:1 windows x86 arch:x86

dabcd8d044a62866d28c94fa53a2c297

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UnhookWinEvent
RegisterWindowMessageW
GetSubMenu
wsprintfW
SendDlgItemMessageW
EndDialog
CharUpperW
SetWindowLongW
ScreenToClient
GetForegroundWindow
DispatchMessageW
GetDC
EnableWindow
GetClientRect
CheckMenuItem
GetMenuState
SetFocus
RegisterWindowMessageA
GetWindowLongW
LoadStringW
GetWindowPlacement
CloseClipboard
TranslateAcceleratorW
GetMessageW
CharNextW
PostQuitMessage
DrawTextA
IsDialogMessageW
DestroyIcon
UpdateWindow
GetCursorPos
TranslateMessage
LoadStringA
GetKeyboardLayout
GetSystemMenu
ShowWindow
SetWindowTextW
LoadAcceleratorsW
LoadIconW
MessageBeep
GetDesktopWindow
DrawFocusRect
GetParent
LoadCursorW
DialogBoxParamW
PtInRect
SetWindowPlacement
EnableMenuItem
SetDlgItemTextW
OpenClipboard
IsClipboardFormatAvailable
GetDlgCtrlID
SetScrollPos
RegisterClassA
MessageBoxW
RegisterClassExW
CharLowerW
UnregisterClassA
InvalidateRect
GetMenu
WinHelpW
SetTimer
PeekMessageW
MoveWindow
SetCursor
CreateDialogParamW
IsIconic
ReleaseDC
GetWindowTextW
SetActiveWindow
LoadImageW
SetWinEventHook
GetSystemMetrics
GetFocus
GetDlgItem
SendMessageW
DestroyWindow
DefWindowProcW
DrawTextExW
LoadMenuW
PostMessageW
ChildWindowFromPoint
SendMessageA
DestroyMenu
GetDlgItemTextW
EqualRect
CreateWindowExW

msvcrt

_amsg_exit
time
__set_app_type
_controlfp
wcschr
wcsncmp
_adjust_fdiv
__setusermatherr
_initterm
_XcptFilter
_CxxThrowException
_wtol
_acmdln
__p__commode
strncmp
malloc
localtime
_vsnwprintf
iswctype
_exit
_cexit
exit
__getmainargs
??1type_info@@UAE@XZ
realloc
__dllonexit
__p__fmode
_c_exit
fflush
wcsncpy
_snwprintf

kernel32

FindResourceW
GetProcAddress
GetVersionExW
GetEnvironmentStringsW
FindClose
LocalUnlock
GetModuleHandleA
LocalFree
HeapAlloc
GetFileAttributesW
ExitProcess
RaiseException
LocalReAlloc
lstrcmpiW
lstrcpyW
GetUserDefaultLCID
GetCurrentProcess
LCMapStringA
UnmapViewOfFile
FoldStringW
CreateDirectoryA
MulDiv
GetModuleFileNameW
GlobalLock
TerminateProcess
CreateFileMappingW
GlobalHandle
MultiByteToWideChar
SetHandleCount
GetStartupInfoA
lstrcpynW
GetCommandLineW
IsBadReadPtr
GetModuleHandleW
GlobalFree
TlsFree
GetCurrentProcessId
GlobalUnlock
LocalFileTimeToFileTime
GetStdHandle
Sleep
FindFirstFileW
GetLocalTime
LocalLock
GetVersionExA
LockFile
WritePrivateProfileStringA
FindResourceExW
IsBadWritePtr
lstrlenW
MapViewOfFile
CreateFileA
GetLocaleInfoW
GetThreadLocale
FindResourceA
FreeLibrary
InterlockedIncrement
GetDateFormatW
CreateFileW
GetSystemDirectoryA
WriteFile
ReadFile
lstrcatW
FreeEnvironmentStringsW
SetLastError
VirtualProtect
GlobalReAlloc
SetEvent
GetACP
CompareStringW
GetTickCount
CloseHandle
GetTimeFormatW
LocalSize
SetEndOfFile
GetUserDefaultUILanguage
QueryPerformanceCounter
FormatMessageW
DisableThreadLibraryCalls
DeleteFileW
HeapSize
GetOEMCP
EnterCriticalSection
InitializeCriticalSection
SetEnvironmentVariableA
TlsSetValue
InterlockedDecrement
UnhandledExceptionFilter
lstrcmpW
VirtualQuery
GetFileInformationByHandle
VirtualAlloc
LoadLibraryA
LocalAlloc
GetLastError
GetSystemTimeAsFileTime
GetCurrentThreadId
SetUnhandledExceptionFilter
WideCharToMultiByte
OpenProcess
MoveFileA
InterlockedExchange

gdi32

SetBkMode
SetViewportExtEx
SetMapMode
GetTextExtentPoint32W
StartDocW
GetDeviceCaps
EndDoc
DeleteObject
AbortDoc
SetWindowExtEx
CreateFontIndirectW
SelectObject
SetAbortProc
EndPage
StartPage
TextOutW
EnumFontsW
GetStockObject
GetTextFaceW
GetObjectW
GetTextMetricsW
CreateDCW
DeleteDC
LPtoDP

winspool.drv

GetPrinterDriverW
ClosePrinter
OpenPrinterW

shell32

DragQueryFileW
DragAcceptFiles
DragFinish
ShellAboutW

advapi32

RegSetValueExW
RegCloseKey
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExA
IsTextUnicode
RegCreateKeyW

comdlg32

ChooseFontW
FindTextW
GetOpenFileNameW
GetFileTitleW
PrintDlgExW
GetSaveFileNameW
PageSetupDlgW
CommDlgExtendedError
ReplaceTextW

comctl32

CreateStatusWindowW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dabcd8d044a62866d28c94fa53a2c297

Headers

File Characteristics

Imports

user32

msvcrt

kernel32

gdi32

winspool.drv

shell32

advapi32

comdlg32

comctl32

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 176KB - Virtual size: 176KB

.data Size: 33KB - Virtual size: 1.0MB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 176KB - Virtual size: 176KB

.data
Size: 33KB - Virtual size: 1.0MB

.rsrc
Size: 5KB - Virtual size: 5KB