66c8bacb764f08517b26caea287af312_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

66c8bacb764f08517b26caea287af312_JaffaCakes118
Size

1.3MB
MD5

66c8bacb764f08517b26caea287af312
SHA1

8a4b9daca8387bef3aa1558663f3ed2b3a934414
SHA256

74a802178238a6cf50d63afb4c477ce487781af787f525b2a11630386418c7e4
SHA512

1d4d1864431d91c9884ea9c9bf5bfd64b76925038ba1042f97c6aa2a245bc63bde96cf9007896f5dca96c2e7dcc7483da6ebb53d64ffedbd19483533c3959838
SSDEEP

24576:uvVqDe+9GNI033ysmCqPbNCZQEo+d6BqsY52WR3TjJNK7YO:eMDCz9Yk6B92R3TzK7YO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66c8bacb764f08517b26caea287af312_JaffaCakes118

Files

66c8bacb764f08517b26caea287af312_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d64139139cac26903746d54a33662f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
ExitProcess
WaitForSingleObject
LeaveCriticalSection
CreateEventW
SetEvent
CreateMutexW
GetCurrentThread
SetThreadPriority
IsDebuggerPresent
SetPriorityClass
InitializeCriticalSection
GetLastError
GetProcAddress
DeleteCriticalSection
GetCurrentThreadId
SetThreadAffinityMask
LoadLibraryW
FreeLibrary
ReleaseMutex
EnterCriticalSection
CloseHandle
TerminateThread
GetCurrentProcess
Sleep
GetCurrentDirectoryW
GetLogicalDriveStringsW
FindNextFileW
CreateDirectoryW
MoveFileW
GetFileAttributesExW
GetFileAttributesW
FindFirstFileW
FindClose
SetFilePointer
DeleteFileW
ReadFile
GetModuleFileNameW
CreateFileW
GetVolumeInformationW
SetCurrentDirectoryW
RemoveDirectoryW
WriteFile
FlushFileBuffers
GetTempPathW
GetDriveTypeW
GlobalUnlock
GlobalSize
GetCurrentProcessId
GlobalLock
GetModuleHandleW
GlobalAlloc
GetVersionExW
QueryPerformanceCounter
IsProcessorFeaturePresent
QueryPerformanceFrequency
OutputDebugStringW
GetTickCount
GetThreadPriority
GetPriorityClass
LoadLibraryA
OpenFile
MultiByteToWideChar
HeapReAlloc
HeapAlloc
HeapFree
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
ExitThread
CreateThread
WideCharToMultiByte
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException
RtlUnwind
TerminateProcess
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetLocaleInfoA

user32

GetActiveWindow
GetKeyState
GetSystemMetrics
SetFocus
DispatchMessageW
GetWindowLongW
GetUpdateRgn
ReleaseCapture
SetWindowPos
LoadCursorW
EnableMenuItem
SetParent
CreateIconIndirect
GetWindowPlacement
PostMessageW
CreateCursor
ReleaseDC
GetDesktopWindow
RegisterClassExW
EnumDisplayMonitors
PeekMessageW
UnregisterClassW
TrackMouseEvent
SetCapture
DestroyIcon
SetCursorPos
WindowFromPoint
GetParent
EndPaint
InvalidateRect
GetMessagePos
CreateWindowExW
SystemParametersInfoW
MapVirtualKeyW
SetWindowTextW
SetCursor
SetWindowLongW
ShowWindow
GetFocus
GetMessageTime
GetForegroundWindow
BeginPaint
IsChild
DefWindowProcW
CallWindowProcW
GetCapture
SetForegroundWindow
GetWindowInfo
GetDC
GetCursorPos
GetIconInfo
GetSystemMenu
GetWindowTextW
SendMessageTimeoutW
TranslateMessage
GetMessageW
EnumWindows
SetClipboardData
CloseClipboard
EmptyClipboard
MessageBeep
OpenClipboard
GetClipboardData
GetClientRect
GetWindowThreadProcessId
MoveWindow
GetWindow
IsWindow
DestroyWindow
GetWindowRect
AttachThreadInput
SendMessageW
DestroyCursor

msvfw32

DrawDibOpen
DrawDibDraw

winmm

midiOutGetDevCapsW
timeBeginPeriod
midiInStart
midiOutShortMsg
midiInPrepareHeader
midiOutClose
midiInStop
midiOutPrepareHeader
midiOutLongMsg
midiOutGetNumDevs
midiInClose
midiInGetDevCapsW
midiOutUnprepareHeader
midiInAddBuffer
midiInGetNumDevs
midiInUnprepareHeader
midiOutOpen
midiInReset
midiInOpen
timeGetTime

opengl32

wglGetCurrentContext
wglShareLists
wglCreateContext
wglMakeCurrent
wglDeleteContext
wglGetProcAddress
glViewport

gdi32

CreateRectRgn
RealizePalette
GetTextMetricsW
CreateFontIndirectW
EnumFontFamiliesExW
GetOutlineTextMetricsW
GetGlyphOutlineW
SetMapperFlags
GetKerningPairsW
GetGlyphIndicesW
CreateRectRgnIndirect
SelectPalette
SetPixel
SetStretchBltMode
GetPixelFormat
StretchDIBits
ChoosePixelFormat
GetObjectW
CreateBitmap
CombineRgn
DeleteDC
GetRegionData
CreateCompatibleDC
GetPixel
SwapBuffers
RestoreDC
DeleteObject
CreateDIBSection
ExcludeClipRect
DescribePixelFormat
SetPixelFormat
SaveDC
GetDeviceCaps
SetMapMode
CreateCompatibleBitmap
CreateHalftonePalette
SelectObject

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyA
RegOpenKeyExW

shell32

Shell_NotifyIconW
ExtractAssociatedIconW
ShellExecuteW
SHGetSpecialFolderPathW

ole32

RegisterDragDrop
RevokeDragDrop
CoTaskMemAlloc
DoDragDrop
OleInitialize
OleUninitialize
CoCreateInstance
CLSIDFromString
CoInitialize

Sections

.text
Size: 788KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 380KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d64139139cac26903746d54a33662f7

Headers

File Characteristics

Imports

kernel32

user32

msvfw32

winmm

opengl32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 788KB - Virtual size: 784KB

.rdata Size: 168KB - Virtual size: 166KB

.data Size: 16KB - Virtual size: 23KB

.rsrc Size: 380KB - Virtual size: 377KB

.text
Size: 788KB - Virtual size: 784KB

.rdata
Size: 168KB - Virtual size: 166KB

.data
Size: 16KB - Virtual size: 23KB

.rsrc
Size: 380KB - Virtual size: 377KB