3ab42071130828cb0a3dc3e0a907787b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3ab42071130828cb0a3dc3e0a907787b_JaffaCakes118
Size

841KB
MD5

3ab42071130828cb0a3dc3e0a907787b
SHA1

de6578eee7087008439bcc3311fefd077c657172
SHA256

327647f43a2165425b4b7d165561598944379de5a2466a2486e97a9cf2ae122c
SHA512

856e9774ba97505d30fda7e3331df19bdcb88b510b6b2f0bd203ebcf51a34fad3ed01e7ed194fc2d4c4f89c4a32af019b0e0448e19a27d98437f2fbb9141fdaf
SSDEEP

24576:2vhWFAFaXWxWjvlpOeLmeAT1ZQYYboHCeOxOd:2vkutuv+eLm316YYbmzd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ab42071130828cb0a3dc3e0a907787b_JaffaCakes118

Files

3ab42071130828cb0a3dc3e0a907787b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

0eb0b91f825c20e1ab60994e6aa05f51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceCounter
LocalFree
WriteConsoleW
TlsGetValue
GetCurrentProcess
LoadLibraryW
GetSystemInfo
FindClose
lstrcmpiW
InterlockedExchange
FormatMessageW
GetOEMCP
TlsSetValue
VirtualProtectEx
GetTimeZoneInformation
WaitForSingleObject
GetOverlappedResult
MulDiv
GetProcessHeap
GetNumberFormatW
GetModuleHandleW
SearchPathW
GetTempFileNameW
FreeEnvironmentStringsW
GetCurrentThread
GlobalAddAtomW
RtlUnwind
TerminateProcess
lstrlenW
InterlockedDecrement
CompareStringW
InitializeCriticalSectionAndSpinCount
FreeResource
CreateFileW
lstrcpyW
GetProcAddress
GetEnvironmentStringsW
GlobalFlags
GetTempPathW
HeapReAlloc
OpenEventW
LCMapStringW
SetLastError
GetModuleFileNameW
InterlockedIncrement
GlobalAlloc
SizeofResource
HeapSetInformation
VirtualAlloc
CopyFileW
GetFileSizeEx
SetHandleCount
FindResourceExW
ResumeThread
GetProfileIntW
SetFilePointer
GetSystemDirectoryW
IsValidCodePage
HeapCreate
Sleep
MultiByteToWideChar
GlobalHandle
TerminateThread
GetCurrentThreadId
InitializeCriticalSection
lstrcmpA
SetThreadPriority
WriteFile
GlobalFree
LockFile
GetConsoleCP
GetVersionExW
HeapQueryInformation
CreateEventW
GlobalUnlock
GlobalFindAtomW
SetEnvironmentVariableA
SetEndOfFile
CloseHandle
FreeLibrary
FlushFileBuffers
DuplicateHandle
GetStdHandle
GetLastError
UnlockFile
LocalReAlloc
CreateThread
UnhandledExceptionFilter
HeapDestroy
GlobalSize
FileTimeToSystemTime
CreateNamedPipeW
GetFullPathNameW
VirtualQuery
FindResourceW
HeapSize
LeaveCriticalSection
GetConsoleMode
GetCommandLineW
IsDebuggerPresent
lstrlenA
GetFileAttributesW
GlobalReAlloc
WaitForMultipleObjects
FileTimeToLocalFileTime
GetCurrentProcessId
GetVolumeInformationW
ReadFile
FindFirstFileW
IsProcessorFeaturePresent
LoadLibraryExW
HeapFree
ExitThread
GetCurrentDirectoryW
lstrcmpW
GetUserDefaultUILanguage
GetStartupInfoW
GlobalDeleteAtom
SetEvent
TlsAlloc
WideCharToMultiByte
GetCPInfo
CreateMutexW
InterlockedCompareExchange
SetUnhandledExceptionFilter
GetFileSize
GetFileAttributesExW
LockResource
HeapAlloc
DisconnectNamedPipe
GlobalLock
GetTickCount
GetSystemTimeAsFileTime
GetFileType
LocalAlloc
GetACP
LoadResource
RaiseException
TlsFree
GetFileTime
GlobalGetAtomNameW
EnterCriticalSection
DeleteCriticalSection
SetStdHandle
GetLocaleInfoW
GetStringTypeW

user32

DialogBoxParamW
GetCapture
DestroyCursor
CreateWindowExW
BeginDeferWindowPos
CreatePopupMenu
InflateRect
KillTimer
MonitorFromPoint
GetMenuItemID
SetRect
DrawFrameControl
MapDialogRect
GrayStringW
GetDoubleClickTime
UnpackDDElParam
EqualRect
TranslateAcceleratorW
SetCursorPos
GetForegroundWindow
GetIconInfo
GetSystemMenu
GetSysColor
FillRect
PtInRect
GetMonitorInfoW
GetKeyNameTextW
ShowScrollBar
DestroyWindow
WinHelpW
PostMessageW
GetMessageTime
MapWindowPoints
OpenClipboard
DeferWindowPos
GetMenuItemCount
TranslateMDISysAccel
CallWindowProcW
LoadMenuW
CopyRect
UpdateWindow
CallNextHookEx
GetPropW
SetMenuDefaultItem
GetWindowRgn
DrawEdge
ScreenToClient
GetClassInfoExW
GetLastActivePopup
DrawIcon
EnableScrollBar
DrawStateW
SetWindowTextW
FrameRect
UnionRect
GetWindow
SetScrollPos
ReleaseDC
EnableWindow
GetKeyboardLayout
LockWindowUpdate
PeekMessageW
CreateMenu
GetMessagePos
CopyAcceleratorTableW
SetParent
IsMenu
SetFocus
EnumDisplayMonitors
IsIconic
IsWindowEnabled
GetDlgCtrlID
SetActiveWindow
EndDeferWindowPos
DrawMenuBar
ValidateRect
ScrollWindow
GetMenuItemInfoW
AppendMenuW
SetClassLongW
DestroyAcceleratorTable
RegisterWindowMessageW
HideCaret
DispatchMessageW
SetRectEmpty
SetTimer
GetClassInfoW
LoadIconW
SetWindowRgn
LoadCursorW
InsertMenuW
ClientToScreen
ShowWindow
GetMenuCheckMarkDimensions
ModifyMenuW
SystemParametersInfoW
NotifyWinEvent
ReuseDDElParam
CharUpperW
InsertMenuItemW
SetScrollRange
MessageBeep
MapVirtualKeyExW
RegisterClassW
DestroyMenu
GetParent
DeleteMenu
CheckMenuItem
SendDlgItemMessageW
GetFocus
DrawTextW
MessageBoxW
GetMenuStringW
ToUnicodeEx
SetWindowsHookExW
GetAsyncKeyState
SetMenuItemBitmaps
DefMDIChildProcW
GetCursorPos
BeginPaint
DefFrameProcW
IsRectEmpty
GetScrollPos
GetKeyboardState
CloseClipboard
DestroyIcon
PostQuitMessage
SubtractRect
SetWindowPos
GetActiveWindow
CopyIcon
GetMessageW
CreateAcceleratorTableW
GetNextDlgGroupItem
GetScrollRange
SetMenu
GetWindowRect
GetDesktopWindow
GetDlgItem
InvertRect
IsClipboardFormatAvailable
AdjustWindowRectEx
CreateDialogIndirectParamW
TranslateMessage
IsChild
MonitorFromWindow
ReleaseCapture
RegisterClipboardFormatW
GetWindowThreadProcessId
GetNextDlgTabItem
WindowFromPoint
SetForegroundWindow
IsWindowVisible
SetLayeredWindowAttributes
InvalidateRect
DrawTextExW
LoadBitmapW
GetUpdateRect
GetWindowTextW
LoadAcceleratorsW
WaitMessage
GetWindowDC
UnhookWindowsHookEx
OffsetRect
SendMessageW
DrawIconEx
SetScrollInfo
SetPropW
GetTopWindow
RemoveMenu
GetMenuState
LoadImageW
RedrawWindow
GetMenu
CheckDlgButton
GetDC
CopyImage
GetSysColorBrush
SetCapture
CharUpperBuffW
SetWindowLongW
EnumWindows
SetWindowPlacement
ShowOwnedPopups
IsWindow
DefWindowProcW
EmptyClipboard
GetClassLongW
DrawFocusRect
TrackPopupMenu
SetClipboardData
SendDlgItemMessageA
GetClassNameW
GetScrollInfo
GetSubMenu
GetWindowPlacement
TabbedTextOutW
RemovePropW
GetMenuDefaultItem
GetClientRect
EnableMenuItem
GetWindowLongW
GetKeyState
MoveWindow
BringWindowToTop
IsDialogMessageW
IntersectRect
PostThreadMessageW
GetSystemMetrics
IsZoomed
MapVirtualKeyW
GetWindowTextLengthW
EndDialog
EndPaint
SetCursor
UpdateLayeredWindow
IsCharLowerW
RealChildWindowFromPoint

gdi32

ExtFloodFill
ScaleWindowExtEx
GetTextExtentPoint32W
CreatePatternBrush
CombineRgn
StretchBlt
GetBitmapBits
GetViewportOrgEx
SetRectRgn
GetTextFaceW
GetBkColor
OffsetWindowOrgEx
CreateFontIndirectW
GetNearestPaletteIndex
GetObjectType
SetPaletteEntries
CreatePalette
SetWindowOrgEx
SetTextColor
CreateRoundRectRgn
DPtoLP
CreatePen
SelectPalette
GetTextCharsetInfo
GetStockObject
SetBkColor
GetRgnBox
GetWindowExtEx
PtVisible
CreateRectRgn
BitBlt
SelectObject
LineTo
LPtoDP
CreateCompatibleBitmap
DeleteDC
Rectangle
OffsetRgn
RectVisible
SetBkMode
CreateDIBitmap
SetViewportExtEx
Ellipse
GetObjectW
SelectClipRgn
CreateRectRgnIndirect
CreateDIBSection
CreateDCW
RestoreDC
CreatePolygonRgn
CopyMetaFileW
SetPixel
GetClipBox
ExtSelectClipRgn
RealizePalette
ExcludeClipRect
CreateBitmap
Polyline
FrameRgn
SetLayout
TextOutW
CreateSolidBrush
MoveToEx
SetPixelV
OffsetViewportOrgEx
FillRgn
GetDeviceCaps
GetWindowOrgEx
IntersectClipRect
EnumFontFamiliesW
GetLayout
Escape
GetBoundsRect
ScaleViewportExtEx
SetMapMode
SaveDC
CreateHatchBrush
CreateCompatibleDC
Polygon
GetPixel
SetPolyFillMode
SetROP2
GetTextColor
DeleteObject
SetTextAlign
GetTextMetricsW
SetViewportOrgEx
ExtTextOutW
SetDIBColorTable
CreateEllipticRgn
EnumFontFamiliesExW
GetSystemPaletteEntries
GetPaletteEntries
GetViewportExtEx
SetWindowExtEx
PtInRegion
PatBlt

comdlg32

GetOpenFileNameW
GetFileTitleW

advapi32

IsValidSid
RegCreateKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
ConvertSidToStringSidW
RegOpenKeyExW
RegDeleteValueW
SetSecurityDescriptorSacl
GetSecurityDescriptorSacl
GetTokenInformation
RegSetValueExW
OpenThreadToken
RegDeleteKeyW
RegEnumKeyExW
RegCloseKey
OpenProcessToken
InitializeSecurityDescriptor
RegQueryValueExW

shell32

SHGetFileInfoW
DragQueryFileW
SHGetDesktopFolder
DragFinish
ShellExecuteW
SHBrowseForFolderW
SHGetFolderLocation
SHGetPathFromIDListW
SHAppBarMessage
ShellExecuteExW
SHGetSpecialFolderLocation

ole32

CoInitialize
ReleaseStgMedium
RevokeDragDrop
CoTaskMemAlloc
OleGetClipboard
OleDestroyMenuDescriptor
OleLockRunning
CoLockObjectExternal
OleCreateMenuDescriptor
OleTranslateAccelerator
CoInitializeEx
CoCreateInstance
IsAccelerator
CoUninitialize
RegisterDragDrop
DoDragDrop
CLSIDFromString
CoTaskMemFree
CreateStreamOnHGlobal
OleDuplicateData

oleaut32

VarBstrFromDate
SystemTimeToVariantTime
SysFreeString
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantInit
SysStringByteLen
VariantChangeType
SysStringLen

comctl32

ImageList_GetIconSize

shlwapi

SHDeleteValueW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW
ord345

winmm

PlaySoundW

msimg32

TransparentBlt
AlphaBlend

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

gdiplus

GdipDrawImageI
GdipGetImagePixelFormat
GdipGetImagePalette
GdipSetInterpolationMode
GdipGetImageHeight
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipBitmapLockBits
GdipCloneImage
GdipDrawImageRectI
GdipAlloc
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipBitmapUnlockBits
GdiplusShutdown
GdiplusStartup
GdipDeleteGraphics
GdipFree

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

Exports

Exports

MyCopyMemory

Sections

.text
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kupo2
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kpo
Size: - Virtual size: 5.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kupo
Size: 286KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kop
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0eb0b91f825c20e1ab60994e6aa05f51

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

winmm

msimg32

imm32

gdiplus

oleacc

Exports

Exports

Sections

.text Size: 209KB - Virtual size: 209KB

.kupo2 Size: 512B - Virtual size: 154B

.kpo Size: - Virtual size: 5.3MB

.rdata Size: 15KB - Virtual size: 14KB

.data Size: 142KB - Virtual size: 142KB

.kupo Size: 286KB - Virtual size: 285KB

.kop Size: 139KB - Virtual size: 138KB

.tls Size: 512B - Virtual size: 57B

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 209KB - Virtual size: 209KB

.kupo2
Size: 512B - Virtual size: 154B

.kpo
Size: - Virtual size: 5.3MB

.rdata
Size: 15KB - Virtual size: 14KB

.data
Size: 142KB - Virtual size: 142KB

.kupo
Size: 286KB - Virtual size: 285KB

.kop
Size: 139KB - Virtual size: 138KB

.tls
Size: 512B - Virtual size: 57B

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 14KB - Virtual size: 13KB