3c5c81503f3d3e0c79d057b3b360ab88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c5c81503f3d3e0c79d057b3b360ab88_JaffaCakes118
Size

233KB
MD5

3c5c81503f3d3e0c79d057b3b360ab88
SHA1

e83264c45eaf7c8e46d2a38edd7649b75f2ec8a5
SHA256

8edfa8a4a66c5271ae90ec48f09717d15d79e450a48066840439d5f41c729033
SHA512

cf914edeb96ef43b829f37f72cb426cfc5fc66f5fccc8d257875b8e5679c0b3259940a06a7adc925770b942ed018f957e730040c7e7068e37223010a4f030aab
SSDEEP

6144:qLsh6Gx7rCh4fyfyU3yfebdIh0jEv1CE/TTcev/HvKDL4wO9l:qLIbXfyfyDebdIh0INCmTgev/HkJO9l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c5c81503f3d3e0c79d057b3b360ab88_JaffaCakes118

Files

3c5c81503f3d3e0c79d057b3b360ab88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd94dd7df3cdc1173b3593d5eb9eebc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadPriority
EnumCalendarInfoW
GetCurrentThread
FatalAppExitW
AddAtomA
GetFileAttributesW
WaitForSingleObject
lstrlenW
Sleep
lstrcmpiA
lstrcmpiW
HeapCreate
GetModuleHandleW
GetModuleHandleA
EnumCalendarInfoA
GetSystemDirectoryW
lstrcpyW
IsDebuggerPresent
DeleteAtom
GetExpandedNameA
GetUserDefaultLangID
GetModuleHandleA
CompareStringW
GetTimeFormatA
GetModuleFileNameA
IsBadWritePtr
GetProcAddress
lstrcpy
BeginUpdateResourceW
RemoveDirectoryW
CreateEventW
ConnectNamedPipe
GetLogicalDriveStringsA
SetErrorMode
GetLocaleInfoW
lstrcatA
GlobalFindAtomA
GetModuleFileNameW
CreateSemaphoreA
GetExpandedNameW
ExpandEnvironmentStringsA
DuplicateHandle
GetCurrentProcess
OpenSemaphoreA
GetVersion
CreateDirectoryA
RaiseException
GetPriorityClass
GetTempFileNameA
GetDiskFreeSpaceW
SetThreadPriority
GetHandleInformation
GetSystemInfo
GetFullPathNameA

user32

GetWindowLongA
TrackPopupMenuEx
SetActiveWindow
CreateAcceleratorTableA
InsertMenuA
CreateDesktopW
GetWindowTextW
OpenClipboard
LoadCursorW
CallWindowProcW
SetDlgItemTextW
SetTimer
GetMessageA
IsIconic
AppendMenuW
GetClassInfoA
LoadImageA
GetClassNameW
SetWindowRgn
DialogBoxParamW
EnumWindowStationsW
LoadMenuIndirectW
SetWindowTextW
DefFrameProcW
MessageBoxIndirectW
DestroyIcon
MessageBeep
DrawTextW
CallWindowProcA
WinHelpA
PeekMessageW
PostMessageA
CharPrevA
GetDlgItemInt
GetDCEx
MoveWindow
wvsprintfA
GetMenuInfo
GetSysColor
CopyImage
mouse_event
CopyRect
CreatePopupMenu
WaitMessage
GetParent
SendMessageW
GetMenuItemInfoA
CharPrevW
GetIconInfo
GetWindowRect
GetClassInfoW
CharLowerW
FindWindowW
GetWindowRgn
CreateDesktopA
TrackPopupMenu
GetActiveWindow
SendDlgItemMessageW
SetCursorPos
GetMenuItemInfoW
DeleteMenu
DialogBoxIndirectParamW
GetWindowLongW
GetDC
RegisterClassExW
CheckRadioButton
EndMenu
GetMenu
MessageBoxIndirectA

gdi32

SetArcDirection
SetStretchBltMode
CreateRoundRectRgn
SetTextAlign
GetCharABCWidthsFloatA
GetTextCharacterExtra
GetObjectW
EnumICMProfilesA
MoveToEx
GetTextExtentPointA
SetMapperFlags
AddFontResourceW
StartDocA
SetICMProfileW
SelectPalette
CombineRgn
GetGlyphIndicesW
RemoveFontResourceW
RectInRegion
ExtEscape
GetTextExtentPointW
SetICMProfileA
GetEnhMetaFileHeader
GetOutlineTextMetricsW
SetDIBColorTable
CreateColorSpaceA
AnimatePalette

advapi32

RegQueryValueExW
RegOpenKeyA
RegSaveKeyA
RegQueryValueA
RegCreateKeyExA
RegOpenKeyW
RegEnumKeyW
RegQueryMultipleValuesW
RegReplaceKeyA
RegSetValueW
RegEnumKeyExW
RegEnumKeyA
RegEnumKeyExA

shlwapi

UrlIsA

comdlg32

GetSaveFileNameW
GetFileTitleW
ChooseFontW
ReplaceTextW
PageSetupDlgA
FindTextA
GetSaveFileNameA

ole32

CoUninitialize
OleInitialize
CoFreeLibrary
OleUninitialize
StringFromCLSID
CreateFileMoniker
CoCreateGuid
CoDosDateTimeToFileTime
CoDeactivateObject
CoGetClassObject

oleaut32

VarI4FromI1
VarUI8FromI8
VarR8FromDate
VarAbs
VarDateFromI4
VarR8FromStr
VarDecFromUI4
VarDecFromR4
VarXor

ws2_32

WSASendTo
WSAGetLastError
recvfrom
inet_addr
setsockopt
WSAEnumNetworkEvents
WSAConnect

wininet

GetUrlCacheEntryInfoExA
FindFirstUrlCacheEntryExA
InternetEnumPerSiteCookieDecisionW
FindNextUrlCacheGroup
InternetCloseHandle
HttpQueryInfoW
InternetEnumPerSiteCookieDecisionA
GopherGetLocatorTypeA
FindFirstUrlCacheEntryExW
InternetFindNextFileA
SetUrlCacheEntryInfoA

urlmon

DllRegisterServerEx
RevokeFormatEnumerator
FindMediaType
UrlMkBuildVersion
CoInternetGetProtocolFlags
RegisterFormatEnumerator
CoInternetGetSecurityUrl
IsValidURL
CopyStgMedium
CDLGetLongPathNameW

winmm

timeSetEvent
mxd32Message
joyGetNumDevs
mciSendCommandW
SendDriverMessage
midiOutCachePatches
midiConnect
mixerGetDevCapsW

winspool.drv

StartDocDlgA
SpoolerDevQueryPrintW
DeviceCapabilitiesW
SetFormW
DeletePortA
GetDefaultPrinterW
GetJobW
AddPrinterDriverW
ScheduleJob
EnumPortsA
EnumPrinterKeyW

inetcomm

HrAthGetFileNameW
MimeOleGetPropW
MimeOleSetBodyPropW
MimeOleGetCharsetInfo
MimeOleSMimeCapAddCert
MimeOleSetCompatMode
MimeOleGenerateCID
MimeOleSetDefaultCharset
MimeOleClearDirtyTree
MimeOleParseRfc822Address

oledlg

OleUIUpdateLinksA
OleUIInsertObjectW
OleUIChangeIconW
OleUIObjectPropertiesW
OleUIAddVerbMenuA
OleUIAddVerbMenuW

crypt32

CryptVerifyMessageSignature
CryptFormatObject
I_CryptInsertLruEntry
CryptEncryptMessage
CertVerifyValidityNesting
CertSetStoreProperty
RegCreateKeyExU
CertGetStoreProperty
I_CryptEnableLruOfEntries
CryptInitOIDFunctionSet

Sections

.O
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mijw
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Um
Size: 185KB - Virtual size: 337KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd94dd7df3cdc1173b3593d5eb9eebc7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comdlg32

ole32

oleaut32

ws2_32

wininet

urlmon

winmm

winspool.drv

inetcomm

oledlg

crypt32

Sections

.O Size: 9KB - Virtual size: 9KB

.mijw Size: 16KB - Virtual size: 15KB

.rdata Size: 7KB - Virtual size: 7KB

.Um Size: 185KB - Virtual size: 337KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 16KB

.O
Size: 9KB - Virtual size: 9KB

.mijw
Size: 16KB - Virtual size: 15KB

.rdata
Size: 7KB - Virtual size: 7KB

.Um
Size: 185KB - Virtual size: 337KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 16KB