3e585a6b29364983b9234aedaa4402d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e585a6b29364983b9234aedaa4402d3_JaffaCakes118
Size

504KB
MD5

3e585a6b29364983b9234aedaa4402d3
SHA1

bcf8d5d1daf3405240141be0143f87e3781048f0
SHA256

c80fdc67047d6ac215726614a457b49c785293859abeb8e509cad36da754990d
SHA512

8d1bbbd0dce54dd641714f78607280c88b5e5d41378a6e3f0b2648e9292da9279d660307b88c38ed20ceb38677c9b7ffda2222733be7de418509335133c68c99
SSDEEP

12288:D47NTxj2hrOjRMeSc4M3qpd2RD9FxphJNQzjoc:ToRMZcMd2RDzhJNQzjD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e585a6b29364983b9234aedaa4402d3_JaffaCakes118

Files

3e585a6b29364983b9234aedaa4402d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88116e84150a0ce132ff13f5173e0bc1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
GetTickCount
RtlUnwind
ExitProcess
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
CreateThread
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetStartupInfoA
HeapSize
GetACP
IsValidCodePage
LCMapStringW
GetStdHandle
Sleep
SetHandleCount
GetFileType
VirtualFree
HeapDestroy
HeapCreate
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SetErrorMode
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GetThreadLocale
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
SuspendThread
SetThreadPriority
InterlockedDecrement
GetModuleFileNameW
GetCurrentProcessId
GetModuleFileNameA
FormatMessageA
LocalFree
FreeResource
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetModuleHandleA
GetVersionExA
CompareStringW
CompareStringA
GetLastError
InterlockedExchange
GetProcessHeap
HeapAlloc
GlobalFree
CreateEventA
ResumeThread
SetEvent
lstrlenA
MultiByteToWideChar
MulDiv
DeleteFileA
lstrcpyA
CreateProcessA
LoadLibraryA
GetProcAddress
FreeLibrary
WaitForSingleObject
GetWindowsDirectoryA
GetPrivateProfileStringA
GetVersion
CreateFileA
GetFileSize
GlobalAlloc
GlobalLock
ReadFile
GlobalUnlock
CloseHandle
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetCurrentDirectoryA
SetCurrentDirectoryA
SetLastError
FindFirstFileA
FindClose
GetFileAttributesA
SetFileAttributesA
RemoveDirectoryA
LCMapStringA
CreateDirectoryA

user32

CharNextA
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
ReuseDDElParam
LoadMenuA
DestroyMenu
ReleaseCapture
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
SetMenu
TranslateAcceleratorA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
SetCursor
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetCursorPos
ValidateRect
GetWindowThreadProcessId
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
IsWindowEnabled
MoveWindow
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
GetWindowPlacement
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
CharUpperA
FindWindowA
EndDialog
SetFocus
GetWindowTextA
MessageBeep
UnregisterClassA
GetMenuItemInfoA
GetSysColorBrush
LoadCursorA
SetCapture
SetRect
InflateRect
GetClassNameA
UnpackDDElParam
GetDlgItem
SetWindowTextA
ShowWindow
ScreenToClient
CreateWindowExA
SetWindowLongA
FillRect
GetDC
ReleaseDC
DrawStateA
DrawEdge
CopyRect
PostQuitMessage
MsgWaitForMultipleObjects
PeekMessageA
IsWindowUnicode
GetMessageW
GetMessageA
TranslateMessage
DispatchMessageW
DispatchMessageA
GetClientRect
IsIconic
SystemParametersInfoA
GetSystemMetrics
LoadIconA
KillTimer
SetTimer
InvalidateRect
GetWindowRect
SendMessageA
GetSysColor
EnableWindow
GetTopWindow

gdi32

CreateRectRgn
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
CreatePen
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
GetMapMode
GetTextExtentPoint32A
GetBkColor
GetTextColor
GetRgnBox
SelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
GetObjectA
SetMapMode
SetStretchBltMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
BitBlt
RealizePalette
CreateCompatibleBitmap
GetDeviceCaps
CreateFontIndirectA
GetStockObject
DeleteDC
StretchBlt
SelectObject
CreateCompatibleDC
CreateSolidBrush

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA
OpenSCManagerA
OpenServiceA
DeleteService
CloseServiceHandle

shell32

DragQueryFileA
ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
SHFileOperationA
DragFinish

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA

oledlg

ord8

ole32

CreateStreamOnHGlobal
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemFree

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysFreeString
SysStringLen
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
OleLoadPicturePath
OleLoadPicture

ws2_32

WSASetLastError
WSACleanup
WSAStartup

Sections

.text
Size: 320KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88116e84150a0ce132ff13f5173e0bc1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 320KB - Virtual size: 317KB

.rdata Size: 84KB - Virtual size: 80KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 84KB - Virtual size: 82KB

.text
Size: 320KB - Virtual size: 317KB

.rdata
Size: 84KB - Virtual size: 80KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 84KB - Virtual size: 82KB