637ede27e78cd5ed3d2c715806eef558_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

637ede27e78cd5ed3d2c715806eef558_JaffaCakes118
Size

271KB
MD5

637ede27e78cd5ed3d2c715806eef558
SHA1

1921f5e96a1ad2d0dfe6de153b51807973894e0d
SHA256

06923c2284e42cb4c8280c652ad6c3975489a8b1ad84ad327dafabf6da5ac033
SHA512

86e77459ac8ac5b739561e54fac81007923b0e9295415a4e156b81129175407d53d25f85d29887e0fefeedcb298f03e27f65486bbeae34ab7f3d5e19403bbf68
SSDEEP

6144:+TC+lme8mX3yogwtYMJn3Vf9SCpHpXo/dXdfoaj:+R8mXXgM13VfXpJUDj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
637ede27e78cd5ed3d2c715806eef558_JaffaCakes118

Files

637ede27e78cd5ed3d2c715806eef558_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b73874036c7bfd06d596703295dc3b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
GetActiveObject
RegisterTypeLib
LoadTypeLib
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
GetUserNameW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges

user32

GetKeyboardType
MessageBoxA
CharNextW
CreateWindowExW
WaitMessage
WaitForInputIdle
UnregisterClassW
TrackPopupMenu
ShowWindow
SetWindowTextW
SetWindowPos
SetWindowLongW
SetTimer
SetParent
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetCapture
SetActiveWindow
SendMessageW
RemoveMenu
RegisterWindowMessageW
RegisterClassW
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OffsetRect
MessageBoxW
MessageBeep
LoadIconW
LoadCursorW
LoadBitmapW
IsWindow
IsIconic
IsChild
InvalidateRect
InsertMenuItemW
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollPos
GetMessageW
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetKeyboardLayout
GetKeyState
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetCursorPos
GetClassInfoW
GetCapture
GetActiveWindow
FindWindowW
EnumWindows
EnableWindow
EnableMenuItem
DestroyMenu
DestroyIcon
DestroyCursor
DefWindowProcW
CreatePopupMenu
CreateMenu
CheckMenuItem
CharLowerW
AppendMenuW
ActivateKeyboardLayout

kernel32

GetACP
GetSystemInfo
GetCurrentThreadId
SetCurrentDirectoryW
lstrlenW
lstrcpynW
GetThreadLocale
GetModuleHandleW
GetCurrentDirectoryW
FreeLibrary
RaiseException
LocalAlloc
lstrcpyW
lstrcmpW
WaitForSingleObject
SetErrorMode
RemoveDirectoryW
OpenMutexW
MulDiv
MoveFileW
LocalFree
LoadResource
GlobalFindAtomW
GlobalDeleteAtom
GetWindowsDirectoryW
GetUserDefaultLangID
GetSystemDirectoryW
GetShortPathNameW
GetLogicalDrives
GetLocalTime
GetExitCodeThread
GetDiskFreeSpaceW
GetDateFormatW
FindResourceW
FileTimeToSystemTime
EnumCalendarInfoW
CreateNamedPipeW
CreateMutexW
CreateEventW
CreateDirectoryW
CompareFileTime
GetProcessHeap
GetProcAddress

msimg32

AlphaBlend

gdi32

RemoveFontResourceW
GetTextExtentPointW
GetStockObject
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePalette
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
CreateBrushIndirect
CreateBitmap
AddFontResourceW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

mpr

WNetOpenEnumW
WNetGetUniversalNameW
WNetGetConnectionW
WNetEnumResourceW
WNetCloseEnum

ole32

OleUninitialize
OleInitialize
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
CoCreateInstance
CoUninitialize
CoInitialize
CoDisconnectObject

comctl32

InitializeFlatSB
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

shell32

ShellExecuteExW
ShellExecuteW
ExtractIconW
SHBrowseForFolderW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

samlib

SamOpenAlias
SamCloseHandle
SamLookupIdsInDomain
SamDeleteUser
SamDeleteGroup
SamConnectWithCreds
SamQueryInformationGroup
SamTestPrivateFunctionsUser
SamOpenDomain

shdocvw

SHAddSubscribeFavorite
DoAddToFavDlg
HlinkFindFrame

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gyfS
Size: 3KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.LwQXi
Size: 4KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.e
Size: 4KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MLY
Size: 93KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nER
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ore
Size: 119KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Iw
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b73874036c7bfd06d596703295dc3b4

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

msimg32

gdi32

version

mpr

ole32

comctl32

shell32

comdlg32

samlib

shdocvw

Sections

.text Size: 17KB - Virtual size: 17KB

.gyfS Size: 3KB - Virtual size: 223KB

.LwQXi Size: 4KB - Virtual size: 640KB

.rdata Size: 6KB - Virtual size: 21KB

.e Size: 4KB - Virtual size: 395KB

.MLY Size: 93KB - Virtual size: 162KB

.nER Size: 4KB - Virtual size: 1.0MB

.data Size: 6KB - Virtual size: 219KB

.ore Size: 119KB - Virtual size: 187KB

.Iw Size: 1024B - Virtual size: 9KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 17KB - Virtual size: 17KB

.gyfS
Size: 3KB - Virtual size: 223KB

.LwQXi
Size: 4KB - Virtual size: 640KB

.rdata
Size: 6KB - Virtual size: 21KB

.e
Size: 4KB - Virtual size: 395KB

.MLY
Size: 93KB - Virtual size: 162KB

.nER
Size: 4KB - Virtual size: 1.0MB

.data
Size: 6KB - Virtual size: 219KB

.ore
Size: 119KB - Virtual size: 187KB

.Iw
Size: 1024B - Virtual size: 9KB

.rsrc
Size: 10KB - Virtual size: 10KB