38cb5c8ee063e55bd732e37af8285b5f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38cb5c8ee063e55bd732e37af8285b5f_JaffaCakes118
Size

508KB
MD5

38cb5c8ee063e55bd732e37af8285b5f
SHA1

091e8a601f6a6fd5db15a716a3c1a6a83bdf59fd
SHA256

ca84677ad7a058978f23c91e8ab99ce57e59ec2e1ce6898df6fc4c4bd0f39fee
SHA512

5ff8432ecba2149ed62914fa476af219ba414122d0c8e08997762922125931159448a86f7fb1ec54a9398c5c02ec9b6a00a991be161e39ef59db2fe0453311f1
SSDEEP

12288:uKTEGEHfoFAoCp7EMry8J0mf3yPOoAysORvi:unnEMr7GmXoAy7vi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38cb5c8ee063e55bd732e37af8285b5f_JaffaCakes118

Files

38cb5c8ee063e55bd732e37af8285b5f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6b1673c6050daa7037915ab9be42a8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

winmm

waveOutGetDevCapsA
waveOutGetNumDevs

msvfw32

ICClose
ICGetInfo
ICInfo
ICOpen

msacm32

acmDriverEnum
acmDriverDetailsA

kernel32

GetFileTime
GetFileSize
RtlUnwind
HeapFree
HeapAlloc
GetStartupInfoA
ExitProcess
RaiseException
GetTimeZoneInformation
GetACP
TerminateProcess
CreateThread
GetTickCount
GetFileAttributesA
HeapSize
GetEnvironmentVariableA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
GetProcessVersion
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
SetErrorMode
GetThreadLocale
FindResourceExA
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
VirtualAlloc
VirtualFree
TlsGetValue
WideCharToMultiByte
GetCommandLineA
GlobalMemoryStatus
CreatePipe
GetCurrentProcess
DuplicateHandle
ReadFile
FreeConsole
AllocConsole
SetConsoleTitleA
Sleep
CreateProcessA
GetModuleHandleA
GetVersion
InterlockedDecrement
InterlockedIncrement
GetCurrentProcessId
lstrcmpiA
QueryDosDeviceA
GetLastError
CreateEventA
ResetEvent
WaitForSingleObject
CloseHandle
FreeLibrary
GetLogicalDrives
CreateFileA
GetDriveTypeA
DeviceIoControl
LoadLibraryA
GetProcAddress
GetVersionExA
GetWindowsDirectoryA
GetSystemDirectoryA
GetProfileStringA
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SizeofResource
GlobalFlags
MulDiv
VirtualProtect
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalAlloc
lstrcmpA
GetCurrentThread
ReleaseMutex
CreateMutexA
GetModuleFileNameA
FormatMessageA
LocalFree
MultiByteToWideChar
lstrlenA
FindNextFileA
FindFirstFileA
SetLastError
FindClose
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
lstrcpynA
SetStdHandle
ExitThread
HeapReAlloc
IsBadCodePtr

user32

CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
PtInRect
GetClassNameA
WindowFromPoint
DestroyMenu
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
SetWindowContextHelpId
MapDialogRect
GetAsyncKeyState
TranslateMessage
ValidateRect
GetCursorPos
PostQuitMessage
LoadStringA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
WinHelpA
GetClassInfoA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetCapture
AdjustWindowRectEx
SetFocus
RegisterClassA
ClipCursor
SetCapture
GetMessageA
DispatchMessageA
ReleaseCapture
SetWindowLongA
ScreenToClient
GetDC
FillRect
ReleaseDC
GetFocus
DrawEdge
RegisterWindowMessageA
GrayStringA
DrawTextA
TabbedTextOutA
InflateRect
SetCursor
UpdateWindow
RedrawWindow
GetSysColor
InvalidateRect
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
GetWindowRect
LoadIconA
GetDesktopWindow
LockWindowUpdate
FindWindowA
ShowWindow
SendMessageA
wsprintfA
EnableWindow
LoadCursorA
HideCaret
ShowCaret
UnregisterClassA
DrawFocusRect
DefDlgProcA
ExcludeUpdateRgn
IsWindowUnicode

gdi32

GetObjectA
GetTextExtentPointA
GetStockObject
CreateSolidBrush
DeleteObject
EndDoc
CreateDIBitmap
TextOutA
LineTo
MoveToEx
SelectObject
GetTextExtentPoint32A
StartPage
CreateFontIndirectA
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
CreatePen
CreatePatternBrush
SetViewportExtEx
OffsetViewportOrgEx
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
EnumFontFamiliesExA
GetTextColor
LPtoDP
SetViewportOrgEx
SetBkMode
RestoreDC
SaveDC
DeleteDC
PatBlt
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateRectRgn
Escape
ExtTextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetBkColor
GetCurrentObject
GetDeviceCaps
SetMapMode
StartDocA
CreateFontA
SetTextAlign
EndPage
ScaleViewportExtEx
SetWindowOrgEx
CreateRectRgnIndirect

comdlg32

GetSaveFileNameA
PrintDlgA
GetFileTitleA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegQueryValueExA
CloseServiceHandle
RegCreateKeyExA
RegEnumKeyA
OpenSCManagerA
EnumServicesStatusA
OpenServiceA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ImageList_GetImageInfo
ImageList_GetBkColor
ImageList_DrawIndirect
ImageList_LoadImageA
ImageList_Destroy
DestroyPropertySheetPage
ImageList_SetBkColor
PropertySheetA
ord17
CreatePropertySheetPageA

oledlg

ord8

ole32

CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoTaskMemAlloc
OleInitialize
CoCreateGuid
StringFromIID
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize
CoRevokeClassObject
CoRegisterMessageFilter
CLSIDFromString
CLSIDFromProgID
CoInitialize

olepro32

ord253

oleaut32

SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
SysAllocStringLen
SysFreeString
VariantInit
VariantClear
SysStringLen

Sections

.text
Size: 288KB - Virtual size: 285KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 96KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c6b1673c6050daa7037915ab9be42a8f

Headers

File Characteristics

Imports

version

winmm

msvfw32

msacm32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 288KB - Virtual size: 285KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 96KB - Virtual size: 115KB

.rsrc Size: 60KB - Virtual size: 64KB

.text
Size: 288KB - Virtual size: 285KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 96KB - Virtual size: 115KB

.rsrc
Size: 60KB - Virtual size: 64KB