3c71c4bc4253e212d438eb7665ffc0be_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3c71c4bc4253e212d438eb7665ffc0be_JaffaCakes118
Size

29KB
MD5

3c71c4bc4253e212d438eb7665ffc0be
SHA1

866ae149c41fac2fd0190619172b4bc6123d6eaa
SHA256

c65b19e84c8810d68e40b4f7e959009ba4e7b980fc972b33c67b0e2e76c8480a
SHA512

946e250db4300db9828a35772a16960fc0a6706091e1d9b119724988ac2e05451795697beeb7d67c146ddc4d5cef927cd40d9bb5be93bb88267fec408c0f58f2
SSDEEP

768:DQNWWJC/4gVYPGjTecv1THE16ac/ON1McE5PHhBWulSQ3nC+neE:DiWWS4gVyoFHY6aL0R/hBWZQ3C+eE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c71c4bc4253e212d438eb7665ffc0be_JaffaCakes118

Files

3c71c4bc4253e212d438eb7665ffc0be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0c0bfe89d9549bdddcb965c6f76eae7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
SetTextColor
SelectObject
GetDeviceCaps
AddFontResourceW
GetTextExtentPointW
ExtTextOutW
RemoveFontResourceW
GetFontResourceInfoW
GetTextExtentPoint32W
SetBkColor
CreateFontIndirectW
GetStockObject

shlwapi

StrRChrW
StrChrW
PathCombineW
PathRemoveFileSpecW
wnsprintfW
PathFindFileNameW
StrDupW
PathAddBackslashW
SHRegGetUSValueW
PathFindExtensionW
StrCmpNIW
PathAppendW

setupapi

SetupFindNextLine
SetupOpenInfFileW
SetupFindFirstLineW
SetupGetLineTextW
SetupGetStringFieldW
SetupCloseInfFile

cmdial32

AutoDialFunc

kernel32

_lopen
InterlockedIncrement
FindNextChangeNotification
GetCurrentDirectoryW
LocalFree
SetFileAttributesW
QueryPerformanceCounter
GetCurrentProcess
ResetEvent
FreeLibrary
CloseHandle
GetPrivateProfileStringW
GetLastError
FindCloseChangeNotification
lstrlenW
DeleteCriticalSection
GetProcAddress
GetCurrentProcessId
lstrcmpiW
GlobalUnlock
UnhandledExceptionFilter
FindFirstFileW
GetSystemTimeAsFileTime
UnmapViewOfFile
SetFilePointer
GlobalAlloc
LocalUnlock
CreateThread
_llseek
GetProfileStringW
GetLocaleInfoW
WaitForSingleObject
lstrcpyA
lstrlenA
GetFullPathNameW
InitializeCriticalSection
GetWindowsDirectoryW
GlobalLock
WaitForMultipleObjects
_lclose
GlobalFree
CreateFileMappingW
FindClose
DeleteFileA
VirtualAlloc
LocalLock
CreateEventW
LocalReAlloc
Sleep
SetCurrentDirectoryW
GetTickCount
MultiByteToWideChar
GetUserDefaultLCID
lstrcpynW
GetModuleHandleA
GetSystemWindowsDirectoryW
DisableThreadLibraryCalls
EnterCriticalSection
FindNextFileW
ReadFile
SetThreadPriority
SetEvent
CreateFileW
SetLastError
ReleaseMutex
lstrcmpA
GetSystemDirectoryW
CreateMutexW
SetErrorMode
CreateFileMappingA
GetDriveTypeW
CopyFileW
TerminateProcess
GetAtomNameW
MulDiv
FindFirstChangeNotificationW
GetThreadLocale
DeleteAtom
LocalAlloc
GetFileSize
AddAtomW
WideCharToMultiByte
WriteProfileStringW
GetProfileIntW
CreateFileA
_lwrite
_lread
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
GetFileAttributesW
IsDBCSLeadByte
LoadLibraryW
LeaveCriticalSection
SetEndOfFile
SetUnhandledExceptionFilter
GetModuleHandleW
MapViewOfFile
lstrcmpW
GetModuleFileNameW
FormatMessageW
WriteFile
OpenFile
DeleteFileW
SearchPathW
GlobalSize

user32

SetCursor
LoadStringA
DefWindowProcW
SetWindowPos
DrawTextExW
ChangeClipboardChain
MessageBoxW
EnableMenuItem
MapWindowPoints
UnregisterClassW
GetDlgItemTextW
SetMenuItemInfoW
RegisterWindowMessageW
MsgWaitForMultipleObjects
TrackPopupMenu
SendMessageW
CopyIcon
LoadCursorW
LoadStringW
LoadAcceleratorsW
CheckMenuItem
SetWindowLongW
UpdateWindow
BeginPaint
DefDlgProcW
CheckDlgButton
DispatchMessageW
GetAsyncKeyState
GetClientRect
ScreenToClient
DestroyWindow
GetWindowLongW
SetClipboardData
EnableWindow
SetWindowTextW
TranslateMessage
GetForegroundWindow
InflateRect
CloseClipboard
GetParent
InvalidateRect
GetMenuItemCount
GetMenuItemInfoW
DialogBoxParamW
InsertMenuW
RegisterClassW
CreateDialogParamW
GetClipboardData
TranslateAcceleratorW
CreateMenu
EmptyClipboard
EndPaint
RegisterClipboardFormatW
GetClassInfoW
ShowWindow
SetForegroundWindow
EndDialog
GetMenuState
FrameRect
CharNextW
GetDialogBaseUnits
GetDlgCtrlID
WinHelpW
CheckMenuRadioItem
GetSystemMetrics
CharPrevW
IsWindowEnabled
TrackPopupMenuEx
PostMessageW
ClientToScreen
IsDlgButtonChecked
LoadMenuW
GetDlgItem
DeleteMenu
GetFocus
IsClipboardFormatAvailable
SetDlgItemTextW
GetKeyState
SetFocus
IsDialogMessageW
PeekMessageW
CreateWindowExW
DestroyMenu
SendDlgItemMessageW
GetDesktopWindow
GetSubMenu
MoveWindow
CharUpperW
ReleaseDC
OpenClipboard
GetWindowRect
MessageBoxA
GetSysColor
GetDC
DestroyIcon
LoadImageW
PtInRect

shell32

ExtractIconExW
SHGetPathFromIDListW
DragQueryFileW
ShellExecuteW
DragFinish
DragAcceptFiles
SHGetSpecialFolderPathA
SHFileOperationW
ShellExecuteExW
SHGetSpecialFolderPathW

advapi32

RegDeleteValueW
RegQueryValueExA
RegOpenKeyExW
RegCreateKeyExW
DeregisterEventSource
ReportEventA
RegQueryValueExW
RegQueryInfoKeyW
RegSetValueExW
RegisterEventSourceA
RegEnumValueW
RegOpenKeyExA
RegCloseKey

lz32

LZOpenFileW
LZSeek
LZClose
LZCopy
GetExpandedNameW
LZRead

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileW

ole32

CoGetClassVersion
SetErrorInfo

msvcrt

_onexit
wcscspn
qsort
strncpy
_itoa
wcsstr
realloc
_vsnwprintf
_vsnprintf
_adjust_fdiv
bsearch
free
_initterm
sprintf
strchr
_wcsnicmp
malloc
tolower
_strdup
_except_handler3
wcschr
strrchr
isdigit
_stricmp
atoi
_strlwr
__dllonexit
strstr
ispunct
_strcmpi
toupper
_purecall
_strnicmp
_strupr
memmove
isspace

Sections

.text
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c0c0bfe89d9549bdddcb965c6f76eae7

Headers

File Characteristics

Imports

gdi32

shlwapi

setupapi

cmdial32

kernel32

user32

shell32

advapi32

lz32

version

ole32

msvcrt

Sections

.text Size: 512B - Virtual size: 420B

.rsrc Size: 13KB - Virtual size: 13KB

.idata Size: 8KB - Virtual size: 8KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: - Virtual size: 96KB

.text
Size: 512B - Virtual size: 420B

.rsrc
Size: 13KB - Virtual size: 13KB

.idata
Size: 8KB - Virtual size: 8KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: - Virtual size: 96KB