760fd3264499dec49ba382d8b586bf1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

760fd3264499dec49ba382d8b586bf1a_JaffaCakes118
Size

198KB
MD5

760fd3264499dec49ba382d8b586bf1a
SHA1

4b9ca7571f7d71c2d69d992400abcd6ce55a7596
SHA256

de5e00b062258e8e4e08ee3d126d09c97f7bcfcdb7c7665d9b61b8c098520d93
SHA512

3f635e582c08cb73b86c4a4e2cd752b982f869d0d837795c499ae2f78d02c0590f4ce1739a0d7eddc8d8c853dc048fdf67dbe02196d751d44bbbfa6842530b8a
SSDEEP

3072:ftjfYzgSMR72tfPHgcnKfgyFJMxk8H2yfNMlhnR0U9P8G6yqvkxVAOD8BlZdmVnw:igSMR72pPAcnKD3K2RtVEyvjbn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
760fd3264499dec49ba382d8b586bf1a_JaffaCakes118

Files

760fd3264499dec49ba382d8b586bf1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b7563d9655f78e72e8fc025592496dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

ole32

ReleaseStgMedium
CoGetContextToken
StgCreateDocfileOnILockBytes
StringFromIID
CoRegisterClassObject

advapi32

RegQueryInfoKeyA
RegLoadKeyA

version

GetFileVersionInfoA

shlwapi

PathIsDirectoryA
PathFileExistsA
PathGetCharTypeA
PathIsContentTypeA
SHEnumValueA

user32

GetKeyboardLayoutList
SetWindowTextA
GetParent
UpdateWindow
MapVirtualKeyA
SetWindowLongA
DrawIconEx
SetMenuItemInfoA
GetSubMenu
GetKeyboardLayoutNameA
OffsetRect
CreateWindowExA
FindWindowA
MessageBeep
CharToOemA
DispatchMessageW
GetClientRect
DeleteMenu
PostMessageA
GetKeyboardState
ShowOwnedPopups
InvalidateRect
SetWindowPlacement
GetMenuItemID
GetSysColor
GetWindowRect
IsWindowEnabled
TranslateMessage
GetWindowThreadProcessId
CharNextW
GetForegroundWindow
UnhookWindowsHookEx
OemToCharA
IsWindowVisible
CallNextHookEx
GetPropA
DestroyMenu
GetKeyboardType
EmptyClipboard
GetCursor
GetFocus
PeekMessageA
IntersectRect
CreateMenu
SetCapture
CharNextA
EndPaint
PostQuitMessage
GetWindowDC
DrawFrameControl
ScreenToClient
LoadCursorA
GetCapture
KillTimer
WaitMessage
GetWindowLongA
UnregisterClassA
SetScrollInfo
GetClassInfoA
SetFocus
GetKeyNameTextA
CreateIcon
GetMenuItemInfoA
CharLowerBuffA
SetScrollRange
GetDlgItem
GetWindowLongW
GetScrollRange
PtInRect
DefMDIChildProcA
MapWindowPoints
IsDialogMessageW
SetForegroundWindow
DefFrameProcA
EnableWindow
OpenClipboard
CheckMenuItem
SetActiveWindow
LoadIconA
DefWindowProcA
ScrollWindow
InflateRect
FillRect
BeginPaint
GetScrollPos
GetMenuStringA
ClientToScreen
DrawTextA
GetLastActivePopup
LoadKeyboardLayoutA
SetParent
TranslateMDISysAccel
GetMenuState
DestroyWindow
GetDCEx
SetWindowsHookExA
GetClassLongA
SystemParametersInfoA
SendMessageA
GetScrollInfo
TrackPopupMenu
IsZoomed
GetSysColorBrush
SetClipboardData
ReleaseCapture
GetDesktopWindow
IsWindowUnicode
EnumThreadWindows
LoadStringA
IsWindow
CallWindowProcA
GetTopWindow
RedrawWindow
DrawEdge
GetMenuItemCount
ShowScrollBar
GetMessagePos
GetWindowPlacement
AdjustWindowRectEx
SetMenu
GetKeyState
WindowFromPoint
EqualRect
DestroyIcon
InsertMenuA
EnumChildWindows
RemoveMenu
SetWindowPos
RegisterWindowMessageA
ActivateKeyboardLayout
EnumWindows
ShowWindow
GetMenu
GetClipboardData
GetKeyboardLayout
IsIconic
GetSystemMetrics
DispatchMessageA
RegisterClipboardFormatA
RemovePropA
SetScrollPos
InsertMenuItemA
GetSystemMenu
DrawAnimatedRects
DrawMenuBar
SetRect
LoadBitmapA
GetClassNameA
SetPropA
SetCursor
EnableMenuItem
CreatePopupMenu
wsprintfA
GetCursorPos
RegisterClassA
IsRectEmpty
IsChild
SetWindowLongW
GetActiveWindow
FrameRect
GetWindow
EnableScrollBar
GetIconInfo
DestroyCursor
PeekMessageW
ReleaseDC
ChildWindowFromPoint
GetWindowTextA
SetTimer
CloseClipboard
MessageBoxA
DrawIcon
CharUpperBuffA
CharLowerA
MsgWaitForMultipleObjects
SetClassLongA

shell32

SHGetDesktopFolder

comdlg32

GetSaveFileNameA

kernel32

GetLastError
GetDiskFreeSpaceA
HeapFree
GetCurrentProcess
DeleteCriticalSection
FreeResource
LoadLibraryA
GetLocaleInfoA
WideCharToMultiByte
GetTickCount
LocalFree
HeapDestroy
WriteFile
GetStringTypeA
GetUserDefaultLCID
SizeofResource
SetHandleCount
MulDiv
GetDateFormatA
LoadLibraryExA
CreateFileA
SetFilePointer
lstrcmpiA
lstrcmpA
GetFileAttributesA
ReadFile
SetLastError
lstrcpyA
GetModuleFileNameA
GetFileSize
GetModuleHandleA
VirtualQuery
FindResourceA
RaiseException
DeleteFileA
ExitThread
GetCurrentThreadId
HeapAlloc
InitializeCriticalSection
lstrlenA
GetOEMCP
GetEnvironmentStrings
GetCurrentThread
GetStdHandle
CreateEventA
lstrcatA
GetCommandLineA
GlobalAlloc
SetThreadLocale
EnterCriticalSection
LockResource
VirtualAllocEx
GetFullPathNameA
GetProcessHeap
MoveFileExA
EnumCalendarInfoA
lstrcpynA
ExitProcess
LocalReAlloc
CompareStringA
CloseHandle
GetSystemDefaultLangID
FindClose
GetProcAddress
VirtualFree
GetCPInfo
SetEvent
CreateThread
SetEndOfFile
WaitForSingleObject
GetCurrentProcessId
GetVersion
FormatMessageA
MoveFileA
GetVersionExA
GetStringTypeW
GetACP
ResetEvent
LocalAlloc

oleaut32

SafeArrayGetElement
SafeArrayCreate
VariantCopyInd
VariantChangeType
RegisterTypeLib
OleLoadPicture
SafeArrayGetUBound
GetErrorInfo

comctl32

ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_Destroy
ImageList_Read

msvcrt

swprintf
srand
mbstowcs
wcschr
malloc
clock
sqrt
atol
tolower
sprintf
wcsncmp
memset

gdi32

GetBitmapBits
GetClipBox
SelectObject
CreateDIBitmap
SetBkMode

Sections

CODE
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 37KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b7563d9655f78e72e8fc025592496dc

Headers

File Characteristics

Imports

ole32

advapi32

version

shlwapi

user32

shell32

comdlg32

kernel32

oleaut32

comctl32

msvcrt

gdi32

Sections

CODE Size: 73KB - Virtual size: 73KB

.rdata Size: 38KB - Virtual size: 38KB

BSS Size: 37KB - Virtual size: 45KB

.edata Size: 21KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 106B

DATA Size: 512B - Virtual size: 120B

.data Size: 512B - Virtual size: 24B

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 17KB - Virtual size: 16KB

CODE
Size: 73KB - Virtual size: 73KB

.rdata
Size: 38KB - Virtual size: 38KB

BSS
Size: 37KB - Virtual size: 45KB

.edata
Size: 21KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 106B

DATA
Size: 512B - Virtual size: 120B

.data
Size: 512B - Virtual size: 24B

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 17KB - Virtual size: 16KB