4147f303b81d2d9e9a78963195fd8fc4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4147f303b81d2d9e9a78963195fd8fc4_JaffaCakes118
Size

890KB
MD5

4147f303b81d2d9e9a78963195fd8fc4
SHA1

eff742fcedbfaa6f5b9f38f982f26878397322d8
SHA256

7c578e281fc76b792655834c10daaf09daa816836e2b64a1a3f1e05c6eecdc88
SHA512

40a1eadbe88eb363e2c3f49f0adce03b018e749f12c365a05750ac5c9a7ed899d50e68d79a7dcfa207012aa0d18a4a283f603d2463cb04caa8d1b90e0d070032
SSDEEP

12288:Z71OWlHy7HAml9uz6n/gwgsdvA8Ur2EAfofgRUU6apQnAPnQz:p1PHsbl9uz6n6EA8U3INpQAPQz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4147f303b81d2d9e9a78963195fd8fc4_JaffaCakes118

Files

4147f303b81d2d9e9a78963195fd8fc4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

acc474331ff5fb649d3d0a968a9b1425

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\IJUtility\RmSetUp\lib\sdutil.pdb

Imports

imm32

ImmAssociateContext

kernel32

GetFileTime
GetVersionExW
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
SetErrorMode
GetStartupInfoW
HeapFree
HeapAlloc
RtlUnwind
GetSystemTimeAsFileTime
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
HeapReAlloc
HeapSize
VirtualProtect
VirtualAlloc
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetLastError
Sleep
CloseHandle
ReleaseMutex
CreateMutexW
SizeofResource
LockResource
LoadResource
FindResourceW
GetSystemDefaultLangID
GetModuleFileNameW
CreateFileW
SetLastError
MultiByteToWideChar
WideCharToMultiByte
GetDiskFreeSpaceExW
LoadLibraryW
GetACP
GlobalUnlock
GlobalLock
SetThreadExecutionState
WaitForSingleObject
GetModuleHandleW
GetProcAddress
GetPrivateProfileStringW
CreateThread
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
OpenMutexW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
GetTickCount
GetCommandLineW
GetFileAttributesW
LocalFree
SetFileAttributesW
WritePrivateProfileStringW
FreeLibrary
ReadFile
WriteFile
GlobalFindAtomW
CompareStringW
FreeResource
GetCurrentProcessId
GlobalAddAtomW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
InterlockedDecrement
FormatMessageW
MulDiv
GetModuleHandleA
lstrcmpA
GetOverlappedResult
SetFilePointer
CreateEventA
CreateFileA
OpenFileMappingA
CreateMutexA
CreateFileMappingA
lstrlenW
UnmapViewOfFile
MapViewOfFile
GetVersionExA
LoadLibraryA
GetSystemDirectoryA
lstrcpynA
lstrlenA
GlobalFree
GlobalAlloc
GetSystemInfo
DeleteFileW
GetFileSize

user32

CharNextW
CopyAcceleratorTableW
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
RegisterClipboardFormatW
PostThreadMessageW
TabbedTextOutW
ReleaseDC
GetDC
MoveWindow
SetWindowTextW
IsDialogMessageW
CheckRadioButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
EqualRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
DestroyMenu
GetWindow
SetWindowContextHelpId
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
IsWindowEnabled
SetWindowsHookExW
CallNextHookEx
GetMessageW
GetActiveWindow
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
CheckMenuItem
PostQuitMessage
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
SetWindowLongW
EnumWindows
GetSystemMetrics
GetWindowLongW
GetWindowTextW
GetKeyState
SystemParametersInfoW
PeekMessageW
TranslateMessage
DispatchMessageW
LoadCursorW
SetCursor
GetSysColor
FillRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
LoadIconW
InvalidateRect
UpdateWindow
GetClientRect
ReleaseCapture
SetCapture
UnregisterClassW
GetSysColorBrush
WindowFromPoint
CharUpperW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
AdjustWindowRectEx
DrawTextW
GetSystemMenu
AppendMenuW
DrawIcon
GetScrollBarInfo
CopyRect
PtInRect
MessageBeep
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
OpenClipboard
MessageBoxW
EnumChildWindows
GetParent
IsWindowVisible
ScreenToClient
LoadAcceleratorsW
TranslateAcceleratorW
EnableWindow
SendMessageW
GetFocus
GetWindowRect
PostMessageW
LoadMenuW
GetSubMenu
EnableMenuItem
FindWindowW
IsIconic
ShowWindow
GetLastActivePopup
SetForegroundWindow
MapDialogRect
UnregisterClassA

gdi32

SetBkColor
CreateRectRgnIndirect
SaveDC
RestoreDC
SetMapMode
DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
Escape
SetTextColor
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
GetRgnBox
GetMapMode
SetViewportOrgEx
GetClipBox
ExtTextOutW
GetObjectW
CreateBitmap
GetDeviceCaps
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
ExcludeClipRect

comdlg32

GetFileTitleW

winspool.drv

EnumPrintersW
DocumentPropertiesW
GetPrinterW
ClosePrinter
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
RegQueryValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

ord165
ShellExecuteW
SHCreateDirectoryExW
SHGetFolderPathW
SHGetSpecialFolderPathW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathAddBackslashW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
CoRegisterMessageFilter
OleFlushClipboard

oleaut32

SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysFreeString
SysStringLen

Sections

.text
Size: 362KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.lrdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

acc474331ff5fb649d3d0a968a9b1425

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

imm32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 362KB - Virtual size: 361KB

.rdata Size: 90KB - Virtual size: 90KB

.data Size: 13KB - Virtual size: 28KB

.rsrc Size: 296KB - Virtual size: 296KB

.reloc Size: 42KB - Virtual size: 41KB

.lrdata Size: 80KB - Virtual size: 80KB

.text
Size: 362KB - Virtual size: 361KB

.rdata
Size: 90KB - Virtual size: 90KB

.data
Size: 13KB - Virtual size: 28KB

.rsrc
Size: 296KB - Virtual size: 296KB

.reloc
Size: 42KB - Virtual size: 41KB

.lrdata
Size: 80KB - Virtual size: 80KB