3dff3b40702435f745bbebcb8a974168_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3dff3b40702435f745bbebcb8a974168_JaffaCakes118
Size

293KB
MD5

3dff3b40702435f745bbebcb8a974168
SHA1

64f26ebb703b968ec2f4202fae6b7e07d9641d6d
SHA256

df5ce936bbf328c0a8abeb10ef8d88b1702db4c5d6574eee6215400bfe285988
SHA512

6ac540b2ec8388844a3bc1daa9f1eb18cec6e5354ee106da859b2073d99077351e5a13c4e163054f03a4cc88571d40991314bc9c8fc7d7bd42d70e0eae8de06d
SSDEEP

6144:0I9TA8d7LuqvF0m1vx++S/C42zL2zeJAKUabp3qrNmag6:dTAl/+S/CdzL2zWAhal3A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dff3b40702435f745bbebcb8a974168_JaffaCakes118

Files

3dff3b40702435f745bbebcb8a974168_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3cb19d3e8d1f42566f68c9da4ebaca75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strncpy
wcsncpy
strrchr
strstr
_purecall
_wtoi
memmove
wcsncmp
_itow
wcslen
??3@YAXPAX@Z
free
malloc
wcscmp
strchr
ceil
strncat
time
calloc
wcsncat
wcstok
_wcsupr
iswalnum
_stricmp
_strlwr
_ftol
wcsrchr
swscanf
_errno
??2@YAPAXI@Z
_wcslwr
wcsstr
_wtol
strlen
strpbrk
iswalpha
iswdigit
wcspbrk
iswspace
_snwprintf
towupper
strcmp
wcschr
_wcsicmp
_wcsnicmp
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
_vsnprintf
_endthread
_beginthreadex
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_vsnwprintf

advapi32

RegSetValueExA
RegSetValueExW
RegQueryInfoKeyW
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegEnumValueW
RegEnumValueA
RegCreateKeyExW
RegCreateKeyExA
RegQueryValueExW
RegEnumKeyExA
RegEnumKeyExW
RegCloseKey
LookupPrivilegeValueA
LookupPrivilegeValueW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
InitiateSystemShutdownExW
CloseServiceHandle
QueryServiceStatus
EnumDependentServicesW
ControlService
OpenServiceW
OpenSCManagerW
StartServiceW
RegQueryValueExA

kernel32

SetCurrentDirectoryA
RemoveDirectoryW
RemoveDirectoryA
QueryDosDeviceW
QueryDosDeviceA
OpenEventW
OpenEventA
lstrlenA
GetACP
GetSystemDirectoryW
GetSystemDirectoryA
GetProfileStringW
GetProfileStringA
GetDriveTypeW
GetDriveTypeA
GetModuleHandleA
FormatMessageW
CreateProcessW
CreateProcessA
OpenMutexW
CreateMutexW
CreateMutexA
SetCurrentDirectoryW
WriteProfileStringA
WriteProfileStringW
WriteFile
GetFileSize
CompareStringW
GetDiskFreeSpaceA
GetShortPathNameW
GetShortPathNameA
GetWindowsDirectoryW
GlobalLock
GlobalAlloc
GetConsoleCP
PulseEvent
GlobalUnlock
CreateSemaphoreA
TlsFree
GlobalFree
GetLocaleInfoW
GetTimeZoneInformation
CreateFileMappingW
CreateFileMappingA
GetVersionExW
WritePrivateProfileStringW
WritePrivateProfileStringA
SetFileAttributesW
SetFileAttributesA
IsBadWritePtr
IsBadReadPtr
MoveFileW
MoveFileA
MoveFileExW
MoveFileExA
FindAtomA
LoadLibraryExW
LoadLibraryExA
LoadLibraryW
LoadLibraryA
GetTempPathW
GetTempPathA
GetPrivateProfileStringW
GetPrivateProfileStringA
GetConsoleOutputCP
lstrcpynW
GetModuleHandleW
GetModuleFileNameW
GetFileAttributesW
LocalFree
GetFileAttributesA
GetCurrentDirectoryW
GetCurrentDirectoryA
FindNextFileW
FindNextFileA
FindFirstFileW
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
DeleteFileW
DeleteFileA
CreateFileW
CreateEventW
CreateEventA
OpenSemaphoreW
CreateDirectoryW
CreateDirectoryA
CompareStringA
CopyFileW
FindResourceW
CopyFileA
FindResourceExA
AreFileApisANSI
SetLastError
VirtualAlloc
GetWindowsDirectoryA
lstrlenW
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetEvent
EnterCriticalSection
GetStdHandle
GetSystemDefaultLCID
LeaveCriticalSection
ResetEvent
DeleteCriticalSection
CreateSemaphoreW
WaitForSingleObject
InitializeCriticalSection
ReleaseMutex
GetAtomNameA
GetModuleFileNameA
FindFirstFileA
FindClose
CreateFileA
OpenMutexA
GetLogicalDrives
ReadFile
GetTempFileNameA
OpenSemaphoreA
GetCommandLineW
GetProcAddress
FreeLibrary
InterlockedExchange
TlsSetValue
CloseHandle
GetLastError
FileTimeToSystemTime
GetFileTime
GetExitCodeProcess
WaitForMultipleObjects
GetSystemDefaultLangID
SetEndOfFile
SetFilePointer
UnmapViewOfFile
MapViewOfFile
Sleep
InterlockedIncrement
InterlockedDecrement
CreateThread
HeapFree
HeapAlloc
GetProcessHeap
DeviceIoControl
GetUserDefaultLangID
SetErrorMode
GetVersion
GetExitCodeThread
GetThreadLocale
GetLocaleInfoA
GetStartupInfoA

gdi32

GetPixel
CreateFontA
ExtCreatePen
GetTextFaceA
ExtTextOutW
CreateFontIndirectW
CreateFontIndirectA
CreatePen
SelectObject
PatBlt
GetTextMetricsW
SetPixel
GetTextMetricsA
GetObjectW
GetObjectType
DeleteObject
SetBkColor
SetBkMode
SetTextColor
CreateSolidBrush
GetDeviceCaps
GetStockObject
CreateCompatibleDC
SetMapMode
GetObjectA
DeleteDC

user32

SetWindowTextW
SendDlgItemMessageW
LoadIconW
GetCursor
SendMessageW
LoadIconA
LoadCursorW
LoadCursorA
IsDialogMessageW
IsDialogMessageA
GetWindowTextW
GetWindowTextA
GetWindowLongW
GetWindowLongA
GetMessageW
GetMessageA
GetClassNameA
GetClassLongA
GetProcessDefaultLayout
FindWindowW
RegisterClassExA
FindWindowA
DrawTextW
DrawTextA
DispatchMessageW
DispatchMessageA
DefWindowProcW
DefWindowProcA
CountClipboardFormats
CreateWindowExW
CreateWindowExA
CreateDialogParamW
CreateDialogParamA
RegisterWindowMessageA
GetInputState
UnregisterClassW
UnregisterClassA
RegisterClassW
RegisterClassA
PostThreadMessageW
PostThreadMessageA
PostMessageW
PostMessageA
PeekMessageW
LoadBitmapA
PeekMessageA
LoadImageW
LoadImageA
CallWindowProcW
CallWindowProcA
SendMessageA
SetWindowLongW
GetClipboardViewer
SetWindowLongA
FindWindowExA
FindWindowExW
CharNextA
MsgWaitForMultipleObjects
EnumWindows
GetClipboardSequenceNumber
GetDesktopWindow
MoveWindow
LoadMenuA
SetCursor
DestroyCursor
GetScrollInfo
SetScrollInfo
ScrollWindow
GetActiveWindow
TranslateMessage
UpdateWindow
GetClientRect
IsWindow
BeginPaint
EndPaint
PostQuitMessage
InvalidateRect
GetSystemMetrics
SetWindowTextA
CharNextW
DestroyWindow
ShowWindow
EnableWindow
ScreenToClient
SetWindowPos
GetParent
GetDlgItem
GetWindowRect
GetDC
MapWindowPoints
DrawFocusRect
GetClipboardOwner
ReleaseDC
SetFocus
MessageBoxW
MessageBoxA
LoadStringW
LoadStringA

ole32

CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoCreateInstance
CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx

shell32

ShellExecuteA
ShellExecuteW
SHGetPathFromIDListA
ShellExecuteExA
SHChangeNotify
SHGetSpecialFolderLocation
SHGetMalloc

wininet

InternetCrackUrlA
InternetCrackUrlW

setupapi

SetupFindNextLine
SetupGetBinaryField
SetupIterateCabinetA
SetupCloseInfFile

wintrust

WinVerifyTrust

mpr

WNetGetConnectionA
WNetCancelConnection2W
WNetAddConnection2W
WNetGetConnectionW

urlmon

ObtainUserAgentString
UrlMkSetSessionOption

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA

Sections

.text
Size: 69KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 214KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 84B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cb19d3e8d1f42566f68c9da4ebaca75

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

gdi32

user32

ole32

comctl32

shell32

wininet

setupapi

wintrust

mpr

urlmon

version

Sections

.text Size: 69KB - Virtual size: 70KB

.data Size: 214KB - Virtual size: 308KB

.bss Size: - Virtual size: 84B

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 69KB - Virtual size: 70KB

.data
Size: 214KB - Virtual size: 308KB

.bss
Size: - Virtual size: 84B

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 3KB