49860673328199fa105992b3b5bc6589_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

49860673328199fa105992b3b5bc6589_JaffaCakes118
Size

122KB
MD5

49860673328199fa105992b3b5bc6589
SHA1

24c2689cf0e860a5657da8c974f2fb1d07e71c3e
SHA256

d071eecff321ccc3ef7eac23f2230a6dfd1784c4b52dccb6d3d206667ddc6f80
SHA512

1105126a5563a62b25f94d0533c9b91dc1685895a5af4e5cd6ba4b3ba1491425341519c335ca1c9c90ce5c0f13bfb74fa6dd3b71ad4cd59709f5cdacb3814233
SSDEEP

1536:vjhZN44MXrESBlCUH6ka+JWuTUnfKis6g10ZDyYgOiFJOaVEHolY7MlB:vjZKXrPBlFakaRrgVwEOaSHYY7gB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49860673328199fa105992b3b5bc6589_JaffaCakes118

Files

49860673328199fa105992b3b5bc6589_JaffaCakes118
.exe windows:4 windows x86 arch:x86

708982bc88d87d5bfb97461a23731ecc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
SetLastError
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
OutputDebugStringA
SetCurrentDirectoryW
VirtualAlloc
VirtualFree
VirtualProtect
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrcmpW
lstrcmpiW
lstrlenW
OpenEventW
MultiByteToWideChar
ResetEvent
RemoveDirectoryW
ReleaseSemaphore
ReleaseMutex
ReadFile
RaiseException
UnhandledExceptionFilter
QueryPerformanceCounter
MulDiv
MoveFileW
MoveFileExW
LockResource
LocalReAlloc
LocalFree
CloseHandle
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryExW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
IsValidLocale
IsProcessorFeaturePresent
IsDebuggerPresent
IsDBCSLeadByte
InterlockedExchange
InterlockedCompareExchange
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalFree
GlobalAlloc
GetVersionExW
GetVersionExA
GetVersion
GetUserDefaultLangID
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatW
GetTickCount
GetTempPathW
GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GetSystemTime
GetSystemDirectoryW
GetSystemDefaultLangID
GetProcessHeap
GetProcAddress
GetNumberFormatW
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLongPathNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFileTime
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesExW
GetExitCodeThread
GetDriveTypeW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetCurrencyFormatW
GetCalendarInfoW
GetACP
FreeLibrary
FormatMessageW
FormatMessageA
FlushInstructionCache
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumSystemLocalesW
EnumDateFormatsExW
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateThread
CreateSemaphoreW
CreateMutexW
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareStringA
CompareFileTime
TlsSetValue

user32

MoveWindow
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcW
CharLowerA
CharNextW
CharUpperA
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CopyRect
CreateAcceleratorTableW
CreateWindowExW
DefWindowProcA
DefWindowProcW
DestroyAcceleratorTable
DestroyIcon
DestroyWindow
DispatchMessageW
DrawFocusRect
DrawFrameControl
EmptyClipboard
EnableScrollBar
EnableWindow
EndPaint
EnumClipboardFormats
EqualRect
FillRect
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoExW
GetClassNameW
GetClientRect
GetClipboardData
GetComboBoxInfo
GetCursor
GetDC
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
WindowFromPoint
VkKeyScanW
UpdateWindow
UnregisterClassW
UnregisterClassA
UnionRect
UnhookWindowsHookEx
TranslateMessage
SystemParametersInfoW
ShowWindow
SetWindowsHookExW
SetWindowTextW
SetWindowRgn
SetWindowPos
SetWindowLongW
SetTimer
SetRectEmpty
SetRect
SetKeyboardState
SetFocus
SetCursor
SetClipboardData
SetCapture
SetActiveWindow
SendInput
ScreenToClient
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterWindowMessageA
RegisterClipboardFormatW
RegisterClassW
RegisterClassExW
RegisterClassA
RedrawWindow
PtInRect
PostThreadMessageW
PostMessageW
OpenClipboard
OffsetRect
SendMessageW
MonitorFromRect
MessageBoxW
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadImageW
LoadIconW
LoadCursorW
KillTimer
IsZoomed
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsClipboardFormatAvailable
IsChild
InvertRect
InvalidateRgn
InvalidateRect
IntersectRect
InflateRect
HideCaret
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetParent
GetMonitorInfoW
GetMessageW
GetMessageExtraInfo
GetKeyboardState
GetKeyboardLayout
GetKeyState
GetForegroundWindow
GetFocus

ole32

CLSIDFromProgID
CLSIDFromString
CoAllowSetForegroundWindow
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoCreateInstance
CoDisconnectObject
CoFileTimeNow
CoFreeUnusedLibraries
CoGetClassObject
CoGetInterfaceAndReleaseStream
CoGetMalloc
CoInitialize
CoMarshalInterThreadInterfaceInStream
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CreateBindCtx
CreateDataAdviseHolder
CreateILockBytesOnHGlobal
CreateOleAdviseHolder
CreateStreamOnHGlobal
GetHGlobalFromILockBytes
GetHGlobalFromStream
OleGetClipboard
OleInitialize
OleLockRunning
OleRegEnumVerbs
OleRegGetMiscStatus
OleRegGetUserType
OleRun
OleSaveToStream
OleUninitialize
WriteClassStm
StringFromGUID2
StringFromCLSID
StgCreateDocfileOnILockBytes
ReadClassStm
ProgIDFromCLSID

oleaut32

SysReAllocStringLen
DispCallFunc
GetErrorInfo
VariantTimeToSystemTime
VariantInit
VariantCopyInd
VariantCopy
VariantClear
VariantChangeTypeEx
VariantChangeType
VarUI4FromStr
VarR8FromStr
VarParseNumFromStr
VarNumFromParseNum
VarDecMul
VarDecFromStr
VarDecDiv
VarDecCmpR8
VarCmp
VarBstrFromR8
VarBstrFromDec
VarBoolFromStr
UnRegisterTypeLi
SystemTimeToVariantTime
SysStringLen
SysStringByteLen
CreateErrorInfo
SysFreeString
SysAllocStringLen
SysAllocStringByteLen
SysAllocString
SetErrorInfo
SafeArrayUnlock
SafeArrayUnaccessData
SafeArrayRedim
SafeArrayLock
SafeArrayGetVartype
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayDestroy
SafeArrayCreateVector
SafeArrayCreate
SafeArrayCopy
SafeArrayAccessData
RegisterTypeLi
OleLoadPicturePath
OleCreatePropertyFrame
OleCreatePictureIndirect
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi

gdi32

SetBkColor
SetBkMode
SetLayout
SetMapMode
SetROP2
SetTextAlign
SelectPalette
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StretchBlt
SelectObject
SelectClipRgn
SaveDC
RestoreDC
Rectangle
RealizePalette
PlayEnhMetaFile
PatBlt
MoveToEx
LineTo
LPtoDP
GetTextMetricsW
GetStockObject
GetObjectW
GetNearestColor
GetMetaFileBitsEx
GetLayout
GetEnhMetaFileHeader
GetDeviceCaps
GetCurrentObject
ExtTextOutW
ExtCreatePen
EnumFontFamiliesExW
DeleteObject
DeleteMetaFile
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePen
CreateMetaFileW
CreateICW
CreateFontIndirectW
CloseMetaFile
CreateEnhMetaFileW
CreateDCW
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
SetTextColor
CloseEnhMetaFile
BitBlt
CopyEnhMetaFileW

advapi32

RegQueryValueExW
TraceEvent
ReportEventW
RegisterTraceGuidsA
RegisterEventSourceW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
LookupAccountSidW
LookupAccountNameW
IsValidSid
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
GetTokenInformation
GetSecurityDescriptorDacl
GetLengthSid
GetAclInformation
GetAce
EqualSid
DeregisterEventSource
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptGenKey
CryptDestroyKey
CryptDestroyHash
CryptCreateHash
CryptAcquireContextW
CopySid
ConvertStringSidToSidW
ConvertSidToStringSidW

imm32

ImmGetCompositionFontW
ImmGetContext
ImmGetOpenStatus
ImmNotifyIME
ImmReleaseContext
ImmSetCompositionFontW
ImmGetCompositionStringW

shell32

SHGetFolderPathW
ShellExecuteExW

Exports

Exports

TokenizerInit
TokenizerTerminate
TokenizerTokenize

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

708982bc88d87d5bfb97461a23731ecc

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

gdi32

advapi32

imm32

shell32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 34KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 16KB

.idata Size: 11KB - Virtual size: 12KB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 34KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 16KB

.idata
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 6KB - Virtual size: 8KB