4c48777532eec6664ed5984d1d2db718_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4c48777532eec6664ed5984d1d2db718_JaffaCakes118
Size

2.3MB
MD5

4c48777532eec6664ed5984d1d2db718
SHA1

61b672f0783c0eb35db799836e19d022406bd235
SHA256

2d31f2abb844217659bb9dd5297e2fc341b54e7a6d3b54ae47b3aae2f29f4a3b
SHA512

1cb21013fdb7426249bc18adcce1c4d0bf1b6fdf4daf10e47e0eb14457c8c753a0ef66f98edd0baa5e34005bb371d76eed537a9a1326e6794b31b4711c47feb1
SSDEEP

49152:FBg3cb4/+8a7GgB1k+s4q9Q4qk9cbC8bmSlDbTBfYvUOYm3jASBU6dmYj3OOF:ENcbC8bXDbTBfYd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c48777532eec6664ed5984d1d2db718_JaffaCakes118

Files

4c48777532eec6664ed5984d1d2db718_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e2f65ce4b84f564cbf9b83a9e4e745e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

StartServiceCtrlDispatcherA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExW
RegSetValueExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueExA
RegQueryValueExW
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyExA
SetServiceStatus
RegisterServiceCtrlHandlerA

comctl32

InitCommonControlsEx
ord17

gdi32

DeleteObject
CreateCompatibleDC
SelectObject
BitBlt
SetStretchBltMode
StretchBlt
DeleteDC
CreateDIBSection
StretchDIBits
GetObjectA
GetStockObject
CreateDCA
CreateCompatibleBitmap
SetBrushOrgEx
SetTextAlign
EnumFontsW
EnumFontsA
SelectPalette
RealizePalette
CreateBrushIndirect
CreateSolidBrush
SetBkMode
CreateRectRgn
CombineRgn
SelectClipRgn
GetEnhMetaFileA
ExcludeClipRect
SetMapMode
GetDeviceCaps
CreateFontW
CreateFontA
GetTextExtentPoint32W
GetTextExtentPoint32A
GetPixel
SetPixelV
CreatePalette
GetEnhMetaFileHeader
EnumEnhMetaFile
DeleteEnhMetaFile
GetMetaFileA
DeleteMetaFile
SetViewportOrgEx
SetDIBitsToDevice
CreateDIBitmap
GetDIBits
GetSystemPaletteEntries
CreatePen
MoveToEx
LineTo
Polygon
SetTextColor
CreateMetaFileW
CreateMetaFileA
CreateEnhMetaFileW
CreateEnhMetaFileA
CloseMetaFile
CloseEnhMetaFile
GetTextMetricsW
StartPage
SetWindowExtEx
SetViewportExtEx
StartDocA
SetAbortProc
CreateICA
EndPage
EndDoc
CreateFontIndirectA
GetFontLanguageInfo
RoundRect
Ellipse
CreateBitmap
CreatePatternBrush
GetClipRgn
Rectangle
GetTextMetricsA

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GlobalSize
LoadLibraryA
GetProcAddress
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
_llseek
_lread
ExitProcess
DeleteCriticalSection
GetModuleFileNameW
GetModuleFileNameA
GetModuleHandleW
GetModuleHandleA
GetTickCount
GetSystemTime
GetDateFormatA
GetTimeFormatA
FileTimeToSystemTime
SystemTimeToFileTime
CompareFileTime
GetVersion
ReadFile
WriteFile
CreateFileW
CreateFileA
SetFilePointer
CloseHandle
MulDiv
GetACP
InterlockedIncrement
InterlockedDecrement
GetCommProperties
CreateEventA
GetLastError
SetCommTimeouts
GetCommState
SetCommState
EscapeCommFunction
ClearCommError
ResetEvent
WaitForSingleObject
GetOverlappedResult
GetCommModemStatus
SetCommBreak
ClearCommBreak
WideCharToMultiByte
_lopen
_lclose
FindResourceA
LoadResource
LockResource
VirtualAlloc
OutputDebugStringA
GetUserDefaultLangID
CompareStringA
IsDBCSLeadByteEx
GetStringTypeExA
GetLocaleInfoA
CompareStringW
GetTempPathW
GetTempFileNameW
GetTempPathA
GetTempFileNameA
LoadLibraryW
DeleteFileW
DeleteFileA
FatalAppExitA
MultiByteToWideChar
GlobalReAlloc
FreeLibrary
GetVersionExA
GetCurrentDirectoryA
GetLocaleInfoW
FindFirstFileW
FindNextFileW
FindClose
FindFirstFileA
FindNextFileA
GetFileAttributesW
GetFileAttributesA
GetLogicalDriveStringsA
MoveFileW
MoveFileA
SetFileAttributesW
SetFileAttributesA
SetFileTime
GetWindowsDirectoryW
GetWindowsDirectoryA
GetSystemDirectoryW
GetSystemDirectoryA
RemoveDirectoryW
RemoveDirectoryA
SetCurrentDirectoryA
CopyFileW
CopyFileA
CreateDirectoryW
CreateDirectoryA
GetShortPathNameW
GetShortPathNameA
GetLogicalDrives
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
IsBadReadPtr
Sleep
IsValidCodePage
GetCommandLineW
GetCommandLineA
GetEnvironmentVariableA
GetEnvironmentVariableW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetFileSize
SetEndOfFile
FlushFileBuffers
GetTimeZoneInformation
GetLocalTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
VirtualFree
VirtualProtect
GetProcessHeap
HeapAlloc
HeapFree
lstrcpyA
GetStartupInfoA
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetCurrentProcess
DuplicateHandle
GetStdHandle
RtlUnwind
GetEnvironmentStrings
FreeEnvironmentStringsA

oleaut32

OleLoadPicturePath
SysAllocString
SysFreeString
OleCreatePictureIndirect

shell32

DragQueryFileA
DragQueryFileW
DragAcceptFiles
DragFinish
ShellExecuteW
ShellExecuteA
SHGetPathFromIDListA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
Shell_NotifyIconA

user32

GetAsyncKeyState
WindowFromDC
GetSysColor
GetDC
ReleaseDC
SetRect
FillRect
GetSystemMetrics
DrawFocusRect
InvalidateRect
OffsetRect
DestroyCursor
LoadCursorA
CreateCursor
LoadImageA
SetCursor
wsprintfA
AdjustWindowRect
CreateWindowExW
CreateWindowExA
GetSystemMenu
EnableMenuItem
SetMenu
GetParent
SendMessageA
DestroyWindow
GetWindowRect
ScreenToClient
MoveWindow
IsWindowVisible
ShowWindow
GetTopWindow
GetWindow
GetForegroundWindow
GetActiveWindow
IsZoomed
BringWindowToTop
BeginPaint
EndPaint
GetClientRect
ClientToScreen
GetClassNameA
GetWindowLongA
SetWindowTextW
SetWindowTextA
IsIconic
SystemParametersInfoA
EnumWindows
EnumChildWindows
GetKeyState
GetMessageTime
GetMessagePos
LoadIconA
RegisterClassW
RegisterClassA
MessageBeep
SetFocus
GetCursorPos
ChildWindowFromPointEx
SetForegroundWindow
TrackPopupMenu
DrawFrameControl
OpenClipboard
EmptyClipboard
GetClipboardData
IsClipboardFormatAvailable
SetClipboardData
RegisterClipboardFormatA
GetSubMenu
GetMenuItemInfoA
GetMenuStringW
GetMenuStringA
SetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
EnableWindow
GetPropA
SendMessageW
SetWindowPos
RedrawWindow
GetWindowDC
InflateRect
DefWindowProcA
SetWindowLongA
GetSysColorBrush
GetScrollInfo
GetScrollPos
GetScrollRange
SetScrollPos
SetScrollRange
SetScrollInfo
KillTimer
SetTimer
PeekMessageA
TranslateMessage
DispatchMessageA
TranslateMDISysAccel
CreateMDIWindowW
CreateMDIWindowA
PostMessageA
GetDoubleClickTime
GetMenu
DrawMenuBar
GetFocus
GetMenuState
WindowFromPoint
GetMessageA
SetCapture
ReleaseCapture
CharUpperBuffA
CharLowerBuffA
MessageBoxW
MessageBoxA
FindWindowW
FindWindowA
ScrollWindow
InvalidateRgn
ValidateRect
DragDetect
UpdateWindow
SetParent
VkKeyScanA
TranslateAcceleratorA
DrawTextW
DrawTextA
LoadCursorFromFileA
GetIconInfo
DestroyIcon
GetMenuItemCount
CreateMenu
DestroyMenu
GetMenuItemInfoW
SetMenuItemInfoW
SetMenuItemInfoA
GetMenuItemID
DeleteMenu
CreatePopupMenu
InsertMenuW
InsertMenuA
CheckMenuItem
DrawIconEx
GetWindowLongW
SetWindowLongW
CallWindowProcW
CallWindowProcA
DefFrameProcW
DefFrameProcA
DefMDIChildProcW
DefMDIChildProcA
DefWindowProcW
CloseClipboard
MapVirtualKeyA
GetKeyNameTextW
GetKeyNameTextA
CreateIconIndirect
InvertRect
DrawIcon
ShowCursor
CreateIconFromResourceEx
CreateIconFromResource
FrameRect

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueW
VerQueryValueA

winmm

mciSendStringA
mciSendStringW
midiOutOpen
midiOutClose
midiOutShortMsg

comdlg32

ChooseColorA
GetOpenFileNameW
GetOpenFileNameA
GetSaveFileNameW
GetSaveFileNameA
PageSetupDlgA
PrintDlgA

ole32

RegisterDragDrop
RevokeDragDrop
CoInitialize
CoCreateInstance
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoUninitialize
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
CoTaskMemFree
DoDragDrop

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.exc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 666KB - Virtual size: 666KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2f65ce4b84f564cbf9b83a9e4e745e0

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

oleaut32

shell32

user32

version

winmm

comdlg32

ole32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 15KB - Virtual size: 15KB

.exc Size: 512B - Virtual size: 340B

.data Size: 666KB - Virtual size: 666KB

.CRT Size: 512B - Virtual size: 132B

.rsrc Size: 26KB - Virtual size: 26KB

.idata Size: 12KB - Virtual size: 11KB

.bss Size: - Virtual size: 120KB

.edata Size: 72KB - Virtual size: 72KB

.reloc Size: 109KB - Virtual size: 108KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 15KB - Virtual size: 15KB

.exc
Size: 512B - Virtual size: 340B

.data
Size: 666KB - Virtual size: 666KB

.CRT
Size: 512B - Virtual size: 132B

.rsrc
Size: 26KB - Virtual size: 26KB

.idata
Size: 12KB - Virtual size: 11KB

.bss
Size: - Virtual size: 120KB

.edata
Size: 72KB - Virtual size: 72KB

.reloc
Size: 109KB - Virtual size: 108KB