67001202de3838c1866fa262fa32607a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67001202de3838c1866fa262fa32607a_JaffaCakes118
Size

791KB
MD5

67001202de3838c1866fa262fa32607a
SHA1

f0239b33b6b72dd809836de8ffc43ca5a4617f46
SHA256

2896969b988689a955d822b17c752d3a281e12fbc17911d6eae3a1cd2c2d1d91
SHA512

1d4a2a56b4eed0a4cac0d94c2b80ac1b28a8df7ec1bf97df9925a87950308167d58b4fe153ca8a1bae56b2790346570f0703acb5c5c64a97ef8dc70e0d7dfaac
SSDEEP

12288:5+J1QCCjrlj4Q+Smv7QftksI3ub1EDKJ9QtgI6kF64h:g1hCjxj4Qpmv63I3uQtNh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67001202de3838c1866fa262fa32607a_JaffaCakes118

Files

67001202de3838c1866fa262fa32607a_JaffaCakes118
.exe windows:6 windows x86 arch:x86

8307b46b17cba23de17f2b5a9d4178e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Freecell.pdb

Imports

msvcrt

_ismbblead
exit
_acmdln
_initterm
_amsg_exit
_except_handler3
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
__dllonexit
_onexit
_controlfp
?terminate@@YAXXZ
?_set_new_mode@@YAHH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
_wcsicmp
qsort
_CIlog
_CIpow
_XcptFilter
isleadbyte
__mb_cur_max
_vscwprintf
wcstod
_CIatan
??2@YAPAXI@Z
__CxxFrameHandler
free
realloc
_finite
memset
time
wcsncmp
srand
_purecall
wcstol
_exit
_cexit
__getmainargs
_fileno
_iob
_isatty
_write
__pioinfo
__badioinfo
_lseek
wctomb
_itoa
_snprintf
strncmp
memcmp
rand
??_V@YAXPAX@Z
mbtowc
malloc
_errno
wcstoul
??_U@YAPAXI@Z
_CIacos
_CIatan2
_CIsin
_CIsqrt
??3@YAXPAX@Z

kernel32

LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
VirtualFree
GetThreadLocale
LocalFree
GetLocaleInfoW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
VirtualAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
OutputDebugStringA
GetModuleHandleW
DeleteCriticalSection
InitializeCriticalSection
GetVersionExA
FindResourceExW
FormatMessageW
LoadResource
LockResource
FreeLibrary
DebugBreak
GetFileType
AllocConsole
GetStdHandle
WriteConsoleW
SetFilePointer
CreateDirectoryW
CreateFileW
CloseHandle
GetFileAttributesW
CopyFileW
WriteFile
ReadFile
GetFileSize
GetCurrentDirectoryW
DeleteFileW
LoadLibraryW
GetProcAddress
MultiByteToWideChar
MulDiv
SetLastError
LeaveCriticalSection
EnterCriticalSection
RaiseException
FlushInstructionCache
ProcessIdToSessionId
WTSGetActiveConsoleSessionId
CreateMutexW
GetCurrentProcess
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
ExitProcess
SleepEx
OutputDebugStringW
SetCurrentDirectoryW
GetModuleFileNameW
GetLastError

user32

UnregisterClassA
GetWindow
GetIconInfo
GetActiveWindow
MessageBoxW
DrawTextExW
ScreenToClient
CallWindowProcW
KillTimer
SetTimer
GetDoubleClickTime
GetCursorPos
GetSystemMetrics
NotifyWinEvent
GetProcessDefaultLayout
SystemParametersInfoW
LoadIconW
PostMessageW
LoadMenuW
GetMenu
DestroyMenu
SetMenu
DrawMenuBar
SetWindowTextW
SendDlgItemMessageW
SetDlgItemInt
IsDlgButtonChecked
GetDlgItem
SendMessageW
DialogBoxParamW
EndDialog
RegisterClassW
GetKeyState
CreateWindowExW
RegisterClassExW
BeginPaint
IsWindowVisible
GetSysColorBrush
EndPaint
GetSysColor
LoadStringW
DrawTextW
PostQuitMessage
SetCapture
TrackMouseEvent
DefWindowProcW
MonitorFromWindow
IntersectRect
IsRectEmpty
ReleaseCapture
RedrawWindow
GetDC
ReleaseDC
EnumDisplayMonitors
SetWindowPlacement
SetWindowPos
MonitorFromRect
GetMonitorInfoW
UnionRect
EqualRect
GetWindowPlacement
GetClientRect
SetRect
GetWindowLongW
AdjustWindowRect
GetWindowRect
LoadCursorW
GetClassInfoExW
InvalidateRect
ShowWindow
IsIconic
DestroyWindow
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
PeekMessageW
LoadAcceleratorsW
SetForegroundWindow
BringWindowToTop
FindWindowW
SetWindowLongW
GetClassLongW

shell32

ShellAboutW
SHGetFolderPathW

advapi32

RegOpenKeyExW
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegQueryValueExW
GetUserNameW

gdi32

CreateCompatibleBitmap
GetDIBits
CreateCompatibleDC
GetTextExtentPoint32W
DeleteObject
SaveDC
RestoreDC
CreateFontW
SelectObject
PatBlt
SetTextColor
SetBkColor
SetBkMode
GetDeviceCaps
AddFontResourceW
RemoveFontResourceW
DeleteDC

oleaut32

SysAllocString
SysFreeString

ole32

CoInitialize
CoUninitialize
CoCreateInstance

comctl32

ImageList_Create
ImageList_Add
ImageList_Destroy
InitCommonControlsEx

gdiplus

GdipCloneImage
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCreateHBITMAPFromBitmap

secur32

GetUserNameExW

d3d9

Direct3DCreate9

dsound

ord11

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

oleacc

CreateStdAccessibleProxyW
LresultFromObject

Exports

Exports

_invalid_parameter

Sections

.text
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 508KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8307b46b17cba23de17f2b5a9d4178e1

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

shell32

advapi32

gdi32

oleaut32

ole32

comctl32

gdiplus

secur32

d3d9

dsound

winmm

oleacc

Exports

Exports

Sections

.text Size: 276KB - Virtual size: 275KB

.data Size: 6KB - Virtual size: 22KB

.rsrc Size: 508KB - Virtual size: 508KB

.text
Size: 276KB - Virtual size: 275KB

.data
Size: 6KB - Virtual size: 22KB

.rsrc
Size: 508KB - Virtual size: 508KB