69241fc1667e07b6bef70b0d74048bfb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69241fc1667e07b6bef70b0d74048bfb_JaffaCakes118
Size

377KB
MD5

69241fc1667e07b6bef70b0d74048bfb
SHA1

f1bb66619c62607d9f976e3403da3e70a474c584
SHA256

e36c019d30bff37fb48554fb0490ccc8cf475752cf60a216cace6ae6dcd7b1fd
SHA512

cbe9a1c06df24fb6a1c5ea048826c42e0c317100d8f4de6daa1e702d4fae0500755d7d3e16b4bf78c5ab234a1f8e5f15e74b336db80de42db2254362594f1cd4
SSDEEP

6144:huWwQHbZf4RDbfQpFG2n5a9LMB+Il02z8XhnXx6VTkFCodf:LbZf4RDspFGoa9QB+azM6ydf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69241fc1667e07b6bef70b0d74048bfb_JaffaCakes118

Files

69241fc1667e07b6bef70b0d74048bfb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bd820d10cb5f94e7df124a16dcf57992

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
GetOpenFileNameW

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

kernel32

InterlockedIncrement
LocalAlloc
GetCommandLineW
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
WriteFile
ExitProcess
Sleep
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetStartupInfoW
HeapSize
HeapReAlloc
HeapDestroy
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
WideCharToMultiByte
CreateFileA
GetFileSize
FormatMessageA
SetFilePointer
ReadFile
GetTempPathW
CreateFileW
CloseHandle
FormatMessageW
GetVersionExA
lstrlenA
VirtualQuery
lstrcpynA
FindResourceExW
FindResourceW
FreeLibrary
LoadResource
LoadLibraryExW
GetModuleHandleA
InterlockedDecrement
GetCurrentProcess
GlobalLock
GetModuleHandleW
GetTickCount
InitializeCriticalSection
GlobalAlloc
LoadLibraryW
SizeofResource
GetVersionExW
LeaveCriticalSection
lstrcpynW
MulDiv
GetModuleFileNameW
lstrcmpW
MultiByteToWideChar
lstrlenW
GlobalUnlock
FlushInstructionCache
RaiseException
GetLastError
SetLastError
lstrcpyW
GetCurrentProcessId
DeleteFileW
GetCurrentThreadId
DeleteCriticalSection
VirtualProtect
lstrcmpiW
GetModuleFileNameA
LockResource
EnterCriticalSection
VirtualAlloc
GetProcAddress

user32

ScreenToClient
SetTimer
DestroyAcceleratorTable
GetDlgItemInt
SendMessageW
TranslateAcceleratorW
SetDlgItemTextW
IsWindowVisible
GetWindowTextLengthW
SetCursor
DestroyWindow
ClientToScreen
EndPaint
GetWindowRect
SetWindowTextW
SetMenuItemInfoW
GetDialogBaseUnits
GetMonitorInfoW
CallWindowProcW
DefWindowProcW
CopyRect
GetWindow
GetSystemMetrics
ReleaseCapture
MessageBoxW
EqualRect
SetMenuDefaultItem
CreateWindowExW
RemoveMenu
MapDialogRect
EnableWindow
GetDlgCtrlID
MapWindowPoints
GetMessageW
MonitorFromPoint
PostQuitMessage
CharNextW
TrackPopupMenu
GetWindowDC
RegisterWindowMessageW
MoveWindow
UnregisterClassA
DispatchMessageW
FillRect
IsChild
LoadImageW
SetCapture
PostMessageW
DrawTextW
KillTimer
GetKeyState
LoadStringA
GetFocus
DialogBoxParamW
GetParent
InvalidateRgn
LoadCursorW
MessageBeep
GetClientRect
CreateAcceleratorTableW
SetFocus
DrawEdge
GetMenuItemInfoW
SetRectEmpty
BeginPaint
GetClassLongW
PtInRect
GetClassInfoExW
wsprintfW
GetDoubleClickTime
GetDC
GetCapture
DrawFocusRect
TranslateMessage
LoadAcceleratorsW
InflateRect
SetDlgItemInt
IsDialogMessageW
RegisterClassExW
OffsetRect
TrackPopupMenuEx
IntersectRect
InvalidateRect
LoadMenuW
GetWindowLongW
AppendMenuW
GetWindowTextW
SystemParametersInfoW
PeekMessageW
GetDCEx
GetClassNameW
ReleaseDC
MonitorFromWindow
GetDlgItem
SetWindowLongW
EndDialog
RedrawWindow
DestroyCursor
GetDesktopWindow
GetSysColor
SetWindowPos
GetCursorPos
LoadStringW
ShowWindow
CreatePopupMenu
GetSysColorBrush
CreateDialogParamW
GetMenuItemCount
IsWindow
DestroyMenu

gdi32

GetClipRgn
MoveToEx
SetWindowOrgEx
BitBlt
PatBlt
SetViewportOrgEx
LineTo
LPtoDP
SetTextColor
DeleteDC
Polygon
CreateFontIndirectW
GetDeviceCaps
SetBkColor
ExcludeClipRect
RemoveFontMemResourceEx
SetBkMode
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CreateRectRgnIndirect
DPtoLP
CombineRgn
CreateCompatibleBitmap
ExtTextOutW
SaveDC
CreateFontW
GetObjectW
AddFontMemResourceEx
CreateRectRgn
Polyline
CreatePen
GetClipBox
IntersectClipRect
GetStockObject
RestoreDC
CreateSolidBrush

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegEnumKeyExW

ole32

CoTaskMemFree
DoDragDrop
CreateItemMoniker
CoGetClassObject
CoTaskMemAlloc
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoTaskMemRealloc
OleLockRunning
OleInitialize
CoCreateInstance
GetRunningObjectTable
OleUninitialize

oleaut32

SysStringLen
LoadRegTypeLi
SysFreeString
VarUI4FromStr
OleCreateFontIndirect
OleCreatePropertyFrame
VariantChangeType
SysAllocStringLen
VarBstrCmp
VariantInit
LoadTypeLi
VariantClear
DispCallFunc
SysAllocString

mkzlib

inflateEnd
inflateInit_
inflate
inflateReset

mkunicode

iso_getentry
Utf16ToUtf8

shlwapi

SHAutoComplete
StrCmpIW
UrlEscapeW

comctl32

ImageList_Draw
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_LoadImageW
_TrackMouseEvent

Sections

.text
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xjbmcpe
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bd820d10cb5f94e7df124a16dcf57992

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

rpcrt4

kernel32

user32

gdi32

advapi32

ole32

oleaut32

mkzlib

mkunicode

shlwapi

comctl32

Sections

.text Size: 231KB - Virtual size: 230KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 37KB - Virtual size: 37KB

.reloc Size: 46KB - Virtual size: 47KB

xjbmcpe Size: - Virtual size: 4KB

.text
Size: 231KB - Virtual size: 230KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 37KB - Virtual size: 37KB

.reloc
Size: 46KB - Virtual size: 47KB

xjbmcpe
Size: - Virtual size: 4KB