3d74ba2773758c5116d272d97602fd90_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d74ba2773758c5116d272d97602fd90_JaffaCakes118
Size

932KB
MD5

3d74ba2773758c5116d272d97602fd90
SHA1

52082f4ed983a9085f5a2bf91be9d01dd67bd8a2
SHA256

976acdf2a6d787073a071793672b44904d5648bfeede80d56e4c8e37f504e31c
SHA512

6e65e4b4ed5d8e0c9932078c7f12ff226f449a15014b57ec18fa713c8dfe43268b2bfd5f847c581ff694f1f64f0e46bf0b9d6e3f1cac971e29c77f44cc965dbe
SSDEEP

24576:Mg5sN1+W/BXrAqjbm2CCaAdWvYI+hQ58k:MeABsqbmb2kYI58

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d74ba2773758c5116d272d97602fd90_JaffaCakes118

Files

3d74ba2773758c5116d272d97602fd90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

13cb1b4c78d1946b93396b8f2ab37bce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\xnu\feae\smhukoxe\aooretxbyh.pdb

Imports

advapi32

RegQueryValueW
RegEnumKeyExW
SetSecurityDescriptorDacl
SetFileSecurityW
RegEnumKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
GetUserNameW
RegSetValueExW
RegEnumValueW
GetFileSecurityW
OpenProcessToken
RegOpenKeyW
RegCreateKeyW
RegCreateKeyExW
RegQueryValueExA
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyExA
RegCloseKey
InitializeSecurityDescriptor

user32

SetActiveWindow
SetWindowTextA
GetForegroundWindow
GetKeyNameTextA
ShowWindow
FrameRect
SetMenuItemInfoA
WindowFromPoint
ReleaseDC
GrayStringA
FillRect
SetCursorPos
MapWindowPoints
EnableMenuItem
LoadMenuA
ReleaseCapture
GetWindowTextLengthA
GetWindowRect
SetCapture
GetSystemMetrics
DeferWindowPos
GetCursorPos
CloseClipboard
EndPaint
GetNextDlgGroupItem
CopyRect
DefWindowProcA
LockWindowUpdate
GetSystemMenu
CopyAcceleratorTableA
GetMenu
SetClipboardData
SetFocus
RegisterClassA
TranslateMessage
PostMessageA
AdjustWindowRectEx
GetDlgCtrlID
ShowCaret
TabbedTextOutA
LoadAcceleratorsA
InsertMenuA
GetDC
SetWindowPlacement
GetCapture
SystemParametersInfoA
InvalidateRect
EndDeferWindowPos
HideCaret
CallWindowProcA
GetNextDlgTabItem
CreatePopupMenu
GetCursor
RemovePropA
GetMessageTime
GetDesktopWindow
KillTimer
GetDlgItem
ClientToScreen
DrawEdge
SetWindowPos
DestroyAcceleratorTable
DestroyWindow
EmptyClipboard
EqualRect
InvalidateRgn
SetMenuItemBitmaps
DrawMenuBar
SetForegroundWindow
GetMenuItemID
SetDlgItemTextA
SetTimer
SendMessageA
TrackPopupMenuEx
SetWindowLongA
IsMenu
LoadBitmapA
TranslateAcceleratorA
UnregisterClassA
IsWindow
DestroyCursor
CreateMenu
CopyIcon
PostQuitMessage
GetParent
DrawIcon
GetSubMenu
IsWindowVisible
EnableWindow
GetMessageA
GetClassLongA
GetClientRect
SetWindowsHookExA
RegisterWindowMessageA
GetClassNameA
GetSysColor
LoadCursorA
IsChild
EnumChildWindows
GetDCEx
OpenClipboard
SetRect
WinHelpA
BeginPaint
GetScrollPos
SetWindowRgn
ShowScrollBar
UnregisterHotKey
PostThreadMessageA
GetPropA
DrawIconEx
LoadIconA
TrackPopupMenu
InflateRect
GetMenuItemInfoA
GetWindowTextA
GetKeyboardLayout
SetRectEmpty
GetScrollInfo
GetActiveWindow
RegisterHotKey
SetScrollPos
GetWindow
RemoveMenu
SetMenu
IsWindowEnabled
GetFocus
DestroyIcon
ModifyMenuA
RegisterClassExA
IsRectEmpty
PtInRect
CharNextA
EndDialog
DrawTextA
CreateDialogIndirectParamA
BeginDeferWindowPos
UnionRect
GetWindowThreadProcessId
RegisterClipboardFormatA
SetPropA
wsprintfA
SendDlgItemMessageA
GetMenuItemCount
GetWindowLongA
PeekMessageA
GetSysColorBrush
UnhookWindowsHookEx
ValidateRect
IsIconic
GetScrollRange
SetCursor
MoveWindow
GetKeyState
MessageBoxA
SetMenuDefaultItem
GetWindowPlacement
BringWindowToTop
GetTopWindow
MessageBeep

comctl32

InitCommonControlsEx
ImageList_Create
ord17
ImageList_LoadImageA

shell32

SHChangeNotify
SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteW
SHFileOperationW
DragFinish
SHGetMalloc

kernel32

GetCurrentProcess
VirtualFree
OutputDebugStringW
HeapFree
GetLastError
InterlockedDecrement
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
SetStdHandle
CreateFileA
UnhandledExceptionFilter
OutputDebugStringA
FreeEnvironmentStringsW
WriteFile
WriteConsoleA
GetTimeFormatA
ReadFile
GetACP
GetModuleHandleA
SetFilePointer
GetTickCount
GetDateFormatA
GetFileType
QueryPerformanceCounter
GetTimeZoneInformation
IsBadReadPtr
GetConsoleOutputCP
LeaveCriticalSection
ExitProcess
GetProcAddress
LCMapStringW
DeleteCriticalSection
IsValidCodePage
SetHandleCount
GetSystemTimeAsFileTime
FlushFileBuffers
GetVersionExA
HeapDestroy
CompareStringA
IsDebuggerPresent
TerminateProcess
CreateMutexA
SetConsoleCtrlHandler
LoadLibraryA
CloseHandle
HeapCreate
InterlockedExchange
GetStdHandle
InitializeCriticalSection
WriteConsoleW
RtlUnwind
GetStartupInfoA
InterlockedIncrement
SetUnhandledExceptionFilter
MultiByteToWideChar
GetModuleFileNameA
HeapReAlloc
TlsSetValue
LoadLibraryW
FreeEnvironmentStringsA
HeapAlloc
TlsGetValue
VirtualQuery
GetEnvironmentStringsW
EnterCriticalSection
DebugBreak
GetCPInfo
GetEnvironmentStrings
SetLastError
HeapValidate
CompareStringW
GetCurrentThreadId
SetEnvironmentVariableA
GetConsoleMode
GetCommandLineA
RaiseException
LCMapStringA
VirtualAlloc
GetCurrentProcessId
WideCharToMultiByte
GetModuleFileNameW
GetConsoleCP
TlsAlloc
GetOEMCP
GetProcessHeap
TlsFree

gdi32

GetRegionData
CreateBitmap
CreateSolidBrush
PolyPolyline
CreateRectRgn
GetCharABCWidthsA
CloseMetaFile
StretchBlt
ScaleViewportExtEx
OffsetClipRgn
GetTextExtentPointA
GetPath
SetBitmapBits
CreateBitmapIndirect
GetPixel
StartDocA
GetTextCharacterExtra
OffsetWindowOrgEx
CreateEllipticRgn
CreateMetaFileA
Escape
GetTextAlign
RoundRect
SelectPalette
CreateHalftonePalette
GetClipBox
SetTextAlign
SetViewportExtEx
RestoreDC
ExtCreatePen
OffsetRgn
CreateRectRgnIndirect
CreateICA
ResetDCA
BeginPath
StrokePath
PolyPolygon
GetBitmapDimensionEx
SetROP2
GetDeviceCaps
FillRgn
CloseFigure
CreatePenIndirect
CloseEnhMetaFile
CreateFontA
FillPath
GetBkColor
SetBkMode
GetBitmapBits
MoveToEx
CombineRgn
GetPaletteEntries
GetCurrentPositionEx
ExtSelectClipRgn
CreateCompatibleDC
SetWindowOrgEx
PolyBezierTo
PlayEnhMetaFile
GetBkMode
DPtoLP
GetStockObject
GetBoundsRect
StretchDIBits
SetTextColor
SetTextJustification
FlattenPath
SelectClipPath
RectInRegion
GetTextFaceA
SelectObject
GetRgnBox
ExtTextOutA
GetNearestPaletteIndex
CreateDCA
DeleteObject
ScaleWindowExtEx
PatBlt
ExtFloodFill
SaveDC
GetCharWidthA
CreatePalette
CreateFontIndirectA
CreateEnhMetaFileA
SelectClipRgn
GetObjectA
SetViewportOrgEx
SetRectRgn
AbortDoc
Arc
Polyline
StrokeAndFillPath
SetBitmapDimensionEx
InvertRgn
LineTo
SetPolyFillMode
EndPath
FloodFill
CreateBrushIndirect

Sections

.text
Size: 224KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 504KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13cb1b4c78d1946b93396b8f2ab37bce

Headers

File Characteristics

PDB Paths

Imports

advapi32

user32

comctl32

shell32

kernel32

gdi32

Sections

.text Size: 224KB - Virtual size: 222KB

.rdata Size: 504KB - Virtual size: 503KB

.data Size: 104KB - Virtual size: 122KB

.rsrc Size: 96KB - Virtual size: 92KB

.text
Size: 224KB - Virtual size: 222KB

.rdata
Size: 504KB - Virtual size: 503KB

.data
Size: 104KB - Virtual size: 122KB

.rsrc
Size: 96KB - Virtual size: 92KB