691fbfa171bd8193905c91d302521af7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

691fbfa171bd8193905c91d302521af7_JaffaCakes118
Size

197KB
MD5

691fbfa171bd8193905c91d302521af7
SHA1

06f1d9d99564dffa0d46748f318ecf5f84863c09
SHA256

b1687b639d79244a0fa0ab60daa8cfce091dc258b286a2e14033a58a9c3edcf0
SHA512

2bc652494ed4f2ef0210e207752de3265e4241496d579dab1a3a722ee42aba71a16ee119bef8348ea02213b04b47b4bad9735344a4903e974f44b13af5504cda
SSDEEP

3072:I6WKzgPV8thHfU2IOkjFbl9bVwtGA+pGUjgzC642d9xZALawVMJBP4f2YhEpeE8X:yyaV8MXOkjFbl9auAU24ACa4AcIzyH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
691fbfa171bd8193905c91d302521af7_JaffaCakes118

Files

691fbfa171bd8193905c91d302521af7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aa1d4bf7af77ad9f8b9c911c3726da94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\sbxssxxxtk\eewrt\oaunceivp\aoukeun\stu\ohvyd.PDB

Imports

wininet

InternetQueryDataAvailable
InternetQueryOptionA
HttpSendRequestW
InternetReadFile
InternetGetConnectedState
InternetSetFilePointer

comctl32

InitCommonControlsEx
ImageList_ReplaceIcon
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_Create

ole32

CLSIDFromProgID
RegisterDragDrop
DoDragDrop
CoUninitialize

user32

ClientToScreen
PtInRect
GetSubMenu
SetWindowPlacement
EndDeferWindowPos
InsertMenuW
DeferWindowPos
GetWindowTextW
GetKeyboardLayout
GetKeyState
IsWindowEnabled
GetTopWindow
EmptyClipboard
ShowWindow
LoadImageW
DispatchMessageW
GetMenuStringW
GetCursorPos
SetDlgItemTextW
RegisterClassW
SetScrollInfo
RegisterClassExW
IsRectEmpty
CloseClipboard
ReleaseDC
CreateDialogIndirectParamW
DeleteMenu
GetWindowRect
InvalidateRect
GetClientRect
SetMenuDefaultItem
IsClipboardFormatAvailable
GetDesktopWindow
GetDoubleClickTime
SetTimer
DestroyMenu
IsChild
MapWindowPoints
GetLastActivePopup
DestroyAcceleratorTable
PostMessageW
GetMenuItemID
GetSysColor
ModifyMenuW
SetDlgItemInt
LoadMenuW
EndDialog
ScreenToClient
WindowFromPoint
DestroyWindow
UnregisterClassA
InvalidateRgn
MessageBeep
EnableWindow
SetMenuItemBitmaps
DestroyIcon
AppendMenuW
GetSysColorBrush
EndPaint
GetNextDlgGroupItem
LoadBitmapW
GetMenuState
GetActiveWindow
SetWindowLongW
MoveWindow
CreateWindowExW
TrackPopupMenu
GetDlgItem
GetWindowThreadProcessId
EnableMenuItem
GetForegroundWindow
RegisterClipboardFormatW
MessageBoxW
GetMenuCheckMarkDimensions
OpenClipboard
SetForegroundWindow
LoadAcceleratorsW
SetCapture
SendDlgItemMessageA
GetWindowDC
CopyRect
SetParent
IsIconic
GetScrollInfo
IsWindowVisible
CreatePopupMenu
SystemParametersInfoW
GetDC
DragDetect
IsMenu
UpdateWindow
GetFocus
OffsetRect
GetDlgCtrlID
GetClassLongW
IsDlgButtonChecked
DestroyCursor
SetMenuItemInfoW
TranslateMessage
GetDlgItemTextW
GetMenuItemCount
SetScrollPos
PostQuitMessage
AdjustWindowRectEx
SetCursor
ReleaseCapture
SetMenu
TrackPopupMenuEx
SetFocus
GetWindow
SetClipboardData
KillTimer
FillRect
GetCapture
BeginPaint
SetRect
SetActiveWindow
BeginDeferWindowPos
DrawMenuBar
RemoveMenu
EqualRect
DrawEdge
CheckMenuItem
ScrollWindowEx
GetMessageTime
DrawFocusRect
CreateMenu
PeekMessageW
SetRectEmpty
CallNextHookEx
GetSystemMetrics
UnhookWindowsHookEx
GetParent
DefWindowProcW

advapi32

InitializeSecurityDescriptor
RegSetValueExA
OpenProcessToken
RegQueryValueA
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyA

kernel32

InitializeCriticalSection
GetTickCount
HeapReAlloc
GetCurrentProcessId
CompareStringW
GetVersion
FreeEnvironmentStringsA
GetStartupInfoA
CompareStringA
SetStdHandle
FlushFileBuffers
CloseHandle
SetEnvironmentVariableA
IsBadWritePtr
GetModuleHandleA
InterlockedDecrement
TlsFree
TlsSetValue
HeapDestroy
ExitProcess
GetStdHandle
GetCommandLineW
VirtualQuery
GetCPInfo
CreateMutexW
GetStringTypeA
FreeEnvironmentStringsW
InterlockedExchange
TlsGetValue
GetEnvironmentStringsW
SetHandleCount
HeapAlloc
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
GetProcAddress
VirtualFree
RtlUnwind
SetLastError
LCMapStringW
LCMapStringA
GetCurrentThread
InterlockedIncrement
WideCharToMultiByte
GetLocalTime
GetFileType
RaiseException
EnterCriticalSection
GetStringTypeW
IsBadCodePtr
GetCurrentThreadId
DeleteCriticalSection
TerminateProcess
TlsAlloc
GetEnvironmentStrings
QueryPerformanceCounter
GetTimeZoneInformation
LoadLibraryA
UnhandledExceptionFilter
SetFilePointer
GetModuleFileNameW
GetSystemTimeAsFileTime
GetCommandLineA
GetModuleHandleW
ReadFile
LeaveCriticalSection
GetLastError
MultiByteToWideChar
IsBadReadPtr
HeapFree
WriteFile
VirtualAlloc
GetCurrentProcess
FatalAppExitA
GetSystemTime
GetModuleFileNameA
GetStartupInfoW
HeapCreate

gdi32

CreatePalette
CreateDCW
CreateFontIndirectW
GetPixel
EnumFontFamiliesExW
StrokePath
SelectClipRgn
GetTextMetricsA
CreateCompatibleDC
AbortDoc
IntersectClipRect
Arc
Ellipse
TextOutW
GetTextExtentPoint32W
GetRgnBox
SetWindowExtEx
SetROP2
EndPage
DeleteObject
CreatePatternBrush
StretchBlt
CreateCompatibleBitmap
EndDoc
SetBkMode
Rectangle
Polygon
GetDIBits
CreateSolidBrush
PtInRegion
MoveToEx
StartPage
CreatePolygonRgn
GetDeviceCaps
GetTextColor
GetStockObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter
ord204
GetJobA
GetPrinterA

wsock32

WSACleanup

shell32

DragQueryFileW
SHGetSpecialFolderPathW
ord155
ShellExecuteExW
SHBrowseForFolderW

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa1d4bf7af77ad9f8b9c911c3726da94

Headers

File Characteristics

PDB Paths

Imports

wininet

comctl32

ole32

user32

advapi32

kernel32

gdi32

winspool.drv

wsock32

shell32

Sections

.text Size: 55KB - Virtual size: 55KB

.rdata Size: 79KB - Virtual size: 79KB

.data Size: 41KB - Virtual size: 70KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 55KB - Virtual size: 55KB

.rdata
Size: 79KB - Virtual size: 79KB

.data
Size: 41KB - Virtual size: 70KB

.rsrc
Size: 20KB - Virtual size: 20KB