42150775d201a85ebc379d21aa253f85_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

42150775d201a85ebc379d21aa253f85_JaffaCakes118
Size

485KB
MD5

42150775d201a85ebc379d21aa253f85
SHA1

fccd7df34e16abaf8d55935016cdb15df8041e06
SHA256

00206ccef9ee8da111cc547c698b7e61736b328de48ac5c307d05f2921ef0b9c
SHA512

4ff3c587a8d88e319acb028829c75ecb3e11c16a62ba9c2090720613c51c6555af698ba8ff75672b405602f196ed1b99dbeb9395bae62aac2140fa31600b36e0
SSDEEP

6144:dWc62phwLKiTNcINLs1W+Q7TDBAT6IaEmhCy/wVeMoHLcXrOd6GpN:IZ2LwrNcINYW+ipyvaEUSXa/N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42150775d201a85ebc379d21aa253f85_JaffaCakes118

Files

42150775d201a85ebc379d21aa253f85_JaffaCakes118
.exe windows:5 windows x86 arch:x86

99a4d178b6a1723841d98e9f64e965c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAddBackslashW
PathRemoveFileSpecW
PathFindFileNameW
PathRemoveExtensionW

comctl32

CreateStatusWindowW
ImageList_GetImageCount
ImageList_Draw
ImageList_Add
ImageList_Replace
ImageList_AddMasked
ImageList_Destroy
ImageList_Create
InitCommonControlsEx

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW

kernel32

lstrcpynA
lstrlenA
GlobalFree
GlobalUnlock
MulDiv
lstrcpyW
GetCurrentProcessId
CloseHandle
CreateFileW
ReadFile
SetFilePointer
WriteFile
WaitForSingleObject
GetFileSize
FindClose
GetFullPathNameW
FindFirstFileW
FindNextFileW
GetSystemTimeAsFileTime
HeapFree
HeapReAlloc
HeapAlloc
ExitThread
CreateThread
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
ExitProcess
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
GetTimeZoneInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
LoadLibraryA
GetLocaleInfoA
RtlUnwind
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
FlushFileBuffers
GetProcessHeap
InterlockedCompareExchange
IsProcessorFeaturePresent
GetModuleHandleA
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
GetModuleFileNameW
GetModuleHandleW
LoadLibraryExW
lstrcmpiW
LoadLibraryW
GetLastError
GetProcAddress
FreeLibrary
GetVersionExW
lstrcpynW
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocaleInfoW
lstrcmpW
lstrlenW
GetUserDefaultLangID
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
FreeResource
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatW
WideCharToMultiByte
GetDateFormatW
MultiByteToWideChar
LockResource
RaiseException
SizeofResource
LoadResource
FindResourceW
FindResourceExW
Sleep
VirtualQuery

user32

DestroyWindow
LoadStringW
IsMenu
GetMenuItemCount
InvalidateRect
UpdateWindow
RegisterClassExW
GetClassInfoExW
LoadCursorW
DialogBoxIndirectParamW
EndDialog
ReleaseDC
GetSystemMetrics
MoveWindow
InflateRect
LoadImageW
wvsprintfW
LoadStringA
PostQuitMessage
SetRectEmpty
IsWindowVisible
GetWindowDC
SetScrollInfo
DestroyCursor
SetRect
BeginPaint
EndPaint
GetCapture
GetDlgCtrlID
PtInRect
ScreenToClient
CreatePopupMenu
AppendMenuW
IsWindowEnabled
EnableMenuItem
TrackPopupMenu
CopyRect
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetMessagePos
WindowFromPoint
ScrollWindowEx
GetScrollInfo
SetScrollPos
MessageBeep
TrackPopupMenuEx
MonitorFromPoint
OffsetRect
DrawTextW
DrawFocusRect
DrawEdge
SystemParametersInfoW
RemoveMenu
DrawFrameControl
CreateDialogIndirectParamW
GetFocus
FrameRect
UnhookWindowsHookEx
CallNextHookEx
GetClassNameW
SetWindowsHookExW
CharLowerW
GetKeyState
RegisterWindowMessageW
GetSubMenu
GetWindowThreadProcessId
UnregisterClassA
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadMenuW
CharNextW
IsWindow
GetWindowPlacement
PostMessageW
SetWindowPlacement
GetActiveWindow
CreateWindowExW
LoadIconW
GetDC
SetMenu
ModifyMenuW
DestroyMenu
GetMenu
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW
SetFocus
ShowWindow
ReleaseCapture
GetCursorPos
SetCapture
SetCursor
FillRect
GetWindowTextLengthW
GetWindowTextW
SendMessageW
EnableWindow
GetDlgItem
MessageBoxW
GetDlgItemTextW
DefWindowProcW
GetWindow
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetClientRect
MapWindowPoints
SetWindowTextW
SetDlgItemTextW
DestroyCaret
GetSysColorBrush
GetWindowLongW
GetKeyNameTextW
MapVirtualKeyW
CharUpperW
GetSysColor
SetWindowPos
SetWindowLongW
CallWindowProcW

gdi32

CreateBitmap
PatBlt
CreatePen
CreateFontIndirectW
GetDeviceCaps
CreateCompatibleBitmap
BitBlt
CreatePatternBrush
CreateDIBitmap
SetTextColor
SetBkMode
SelectObject
CreateCompatibleDC
CreateDIBSection
LineTo
MoveToEx
DeleteDC
DeleteObject
SetBrushOrgEx
SetBkColor
GetTextExtentPoint32W
CreateFontW
GetStockObject
GetObjectW
SetViewportOrgEx

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW

ole32

CoInitializeEx
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize

oleaut32

VarUI4FromStr
VariantClear

Sections

.text
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99a4d178b6a1723841d98e9f64e965c9

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

comctl32

shell32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 285KB - Virtual size: 284KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 34KB - Virtual size: 44KB

.rsrc Size: 108KB - Virtual size: 107KB

.text
Size: 285KB - Virtual size: 284KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 34KB - Virtual size: 44KB

.rsrc
Size: 108KB - Virtual size: 107KB