40136852bca071917b0cac8bba3e24f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40136852bca071917b0cac8bba3e24f2_JaffaCakes118
Size

428KB
MD5

40136852bca071917b0cac8bba3e24f2
SHA1

7ed16425105261a59737c4c1d5163ff9389b905f
SHA256

c9f5daa192260b7b37fb3f8e645d8e037f5a079d36b76710ceda8e45cf34449f
SHA512

a794888e40c8f8fea6472d9b50fdcd1ee9ecc01772da5eb3b34cb6cbd4431ef9c272408a614e919847adebf4289c02f832f12c4d016401fd12aa3d6180ab0279
SSDEEP

6144:Ot/CAaDwisO6u9c0/2zU71C/b3PQl07cbeF1SkYOQmIPUr8KFGRMOtFWWY1GRdu7:rqfOLc0/2U7QDPsWcSPudKFhOtFk1G3Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40136852bca071917b0cac8bba3e24f2_JaffaCakes118

Files

40136852bca071917b0cac8bba3e24f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9036bee3787270c40860feb1f28548f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
SetFileTime
SetFileAttributesA
SetFileAttributesW
GetFileTime
HeapDestroy
GlobalSize
GetTickCount
IsBadWritePtr
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
FindFirstFileW
FindNextFileW
FindFirstFileA
FindNextFileA
FindClose
EnumSystemCodePagesW
SetFilePointer
GetFileSize
GetTimeFormatW
GetDateFormatW
GetTimeFormatA
GetDateFormatA
CreateProcessW
CreateProcessA
HeapFree
HeapAlloc
WriteFile
ReadFile
CreateFileW
CreateFileA
GetFullPathNameW
GetFullPathNameA
GetModuleFileNameW
GetModuleFileNameA
GetFileAttributesW
GetFileAttributesA
GetCommandLineW
GetCommandLineA
GetCurrentDirectoryW
GetCurrentDirectoryA
lstrcpyW
lstrcpyA
MultiByteToWideChar
lstrcmpW
lstrcmpA
GetProcessHeap
GetWindowsDirectoryW
GetACP
GetOEMCP
GetUserDefaultLangID
GetLocaleInfoA
GetModuleHandleA
WideCharToMultiByte
GetStartupInfoA
CreateMutexA
GetLastError
WaitForSingleObject
GetProcAddress
LoadLibraryA
GetLocaleInfoW
GetModuleHandleW
GetStartupInfoW
CreateMutexW
LoadLibraryW
FreeLibrary
ExitProcess
SearchPathW
SetCurrentDirectoryW
lstrcmpiW
MulDiv
SearchPathA
SetCurrentDirectoryA
ReleaseMutex
CloseHandle
lstrlenA
GlobalLock
GlobalUnlock
lstrlenW
Sleep
lstrcmpiA
lstrcatW
lstrcpynW
CompareFileTime
lstrcatA
lstrcpynA
GlobalFree
HeapCreate
GlobalAlloc

user32

SendMessageW
TranslateAcceleratorA
InsertMenuA
ModifyMenuW
InsertMenuW
CallNextHookEx
GetKeyNameTextA
MapVirtualKeyA
GetKeyNameTextW
MapVirtualKeyW
IsChild
MoveWindow
IsDialogMessageA
IsDialogMessageW
UnhookWindowsHookEx
GetWindowTextA
GetWindowTextW
EndDialog
SetDlgItemTextA
SetDlgItemTextW
MessageBeep
SetForegroundWindow
SetActiveWindow
GetActiveWindow
SystemParametersInfoA
GetDlgItem
LoadMenuA
LoadMenuW
LoadAcceleratorsA
LoadAcceleratorsW
LoadIconA
LoadIconW
LoadImageA
LoadImageW
LoadStringA
LoadStringW
CreateDialogParamA
CreateDialogParamW
DialogBoxParamA
DialogBoxParamW
EnumThreadWindows
WaitForInputIdle
EnableWindow
DrawTextA
DrawTextW
GetWindowTextLengthA
GetWindowTextLengthW
CloseClipboard
GetClipboardData
OpenClipboard
SetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
CharLowerBuffA
CharLowerBuffW
GetDlgItemInt
EndPaint
DrawFrameControl
BeginPaint
ShowCaret
HideCaret
IsCharLowerA
CharLowerA
CharUpperBuffA
IsCharLowerW
CharLowerW
CharUpperBuffW
FrameRect
FillRect
SetWindowsHookExA
FindWindowExA
FindWindowExW
IsClipboardFormatAvailable
SetCaretPos
SetClipboardData
EmptyClipboard
CreateCaret
GetScrollInfo
UnregisterClassA
UnregisterClassW
ScrollWindow
GetUpdateRect
GetKeyboardLayout
GetDoubleClickTime
GetMessageTime
SetTimer
KillTimer
ShowScrollBar
IntersectRect
RegisterClipboardFormatA
RegisterClipboardFormatW
LoadCursorW
FindWindowW
RegisterClassW
GetMessageW
TranslateAcceleratorW
GetClassLongW
SetClassLongW
GetMenuStringW
DefFrameProcW
GetSubMenu
DeleteMenu
DrawMenuBar
GetClassLongA
SetClassLongA
GetSystemMetrics
GetSysColor
CheckMenuRadioItem
GetKeyboardState
GetQueueStatus
CheckMenuItem
GetMenuStringA
DestroyCursor
DestroyIcon
DestroyAcceleratorTable
DestroyMenu
PostQuitMessage
DefFrameProcA
DefWindowProcW
DefWindowProcA
GetKeyState
CreateWindowExA
CreateWindowExW
GetFocus
GetDC
GetClientRect
ReleaseDC
IsWindowUnicode
GetDlgCtrlID
PtInRect
ScreenToClient
GetSystemMenu
CallWindowProcW
CreateMDIWindowW
CallWindowProcA
CreateMDIWindowA
SetCursor
ReleaseCapture
SetCapture
SetWindowLongW
DefMDIChildProcW
SetWindowLongA
InvalidateRect
DefMDIChildProcA
GetWindowLongW
MessageBoxW
wsprintfW
SetWindowTextW
PeekMessageW
DispatchMessageW
SetFocus
SendMessageA
PostMessageA
GetWindowLongA
ClientToScreen
SetScrollInfo
SetWindowPos
GetClassNameW
GetClassNameA
FindWindowA
LoadCursorA
RegisterClassA
DestroyCaret
GetMessageA
GetWindowRect
GetCursorPos
EnableMenuItem
TrackPopupMenu
MessageBoxA
wsprintfA
GetParent
SetWindowTextA
ShowWindow
PeekMessageA
TranslateMessage
DispatchMessageA
UpdateWindow
DestroyWindow
CharUpperW
CharUpperA
ModifyMenuA

gdi32

CreateCompatibleDC
DeleteEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileA
CreateEnhMetaFileW
CreateDIBSection
GetTextExtentPoint32W
GetBkMode
ExtTextOutA
CreateCompatibleBitmap
TextOutA
TextOutW
SetBkMode
SetBkColor
SetTextColor
GetTextMetricsA
GetTextMetricsW
CreateRectRgn
CreateSolidBrush
PlayEnhMetaFile
BitBlt
StartDocW
StartDocA
GetDeviceCaps
StartPage
EndPage
EndDoc
CreateBitmap
CreatePatternBrush
PatBlt
CreateFontIndirectW
CreateFontIndirectA
DeleteDC
CreateDCW
CreateDCA
GetObjectA
GetObjectW
GetStockObject
CreatePen
SelectObject
MoveToEx
LineTo
ExtTextOutW
DeleteObject

advapi32

RegEnumValueW
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyExW
RegDeleteKeyA
RegEnumKeyExA
RegCloseKey
RegDeleteValueW
RegDeleteValueA
RegEnumValueA
RegOpenKeyExW
RegCreateKeyExW

shell32

SHChangeNotify
DragAcceptFiles
DragQueryFileW
DragQueryFileA
DragFinish
ShellExecuteW
ShellExecuteA
SHGetMalloc

comctl32

ImageList_Destroy
ImageList_SetBkColor
ImageList_Create
ord17
PropertySheetA
ImageList_ReplaceIcon
PropertySheetW

comdlg32

GetSaveFileNameA
GetSaveFileNameW
ChooseFontA
ChooseFontW
GetOpenFileNameA
PageSetupDlgW
PageSetupDlgA
ChooseColorW
ChooseColorA
PrintDlgW
PrintDlgA
GetOpenFileNameW

ole32

DoDragDrop
RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
ReleaseStgMedium
OleInitialize
OleUninitialize

imm32

ImmSetCompositionFontA
ImmSetCompositionFontW
ImmGetCompositionStringW
ImmEscapeW
ImmSetCandidateWindow
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

Sections

.text
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.drdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e9036bee3787270c40860feb1f28548f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

comdlg32

ole32

imm32

version

Sections

.text Size: 294KB - Virtual size: 294KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 6KB - Virtual size: 58KB

.rsrc Size: 37KB - Virtual size: 36KB

.drdata Size: 72KB - Virtual size: 72KB

.text
Size: 294KB - Virtual size: 294KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 6KB - Virtual size: 58KB

.rsrc
Size: 37KB - Virtual size: 36KB

.drdata
Size: 72KB - Virtual size: 72KB