Static task: static1
Behavioral task: behavioral1
Sample: 71cc5b6331ebfa567887949c40860d9f_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 71cc5b6331ebfa567887949c40860d9f_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 71cc5b6331ebfa567887949c40860d9f_JaffaCakes118
Size: 970KB
MD5: 71cc5b6331ebfa567887949c40860d9f
SHA1: b1a05436bfba404ae380a880229ef61f4f904866
SHA256: 6da8ab3ed80eb244beb0a5ea4c4a2ccd2917254c6583869040723e5f63e6ef2d
SHA512: 2581c954c33d35cb56ee78c60fdb6f81d245a76f08b3afda80c9fe756c73ece9042adbdcdd9c162ea1cfb9f7bc29886030fea1a81e3080790027952756285359
SSDEEP: 24576:7aNKbDPMZOte0JMuiMkmx3gcRwe+c1JxtZJR:OktJMcx3pKs7xpR
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 71cc5b6331ebfa567887949c40860d9f_JaffaCakes118
Files
71cc5b6331ebfa567887949c40860d9f_JaffaCakes118.exe windows:5 windows x86 arch:x86
17318f067c182e767e4a3b73939d3ab3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shell32
ILGetSize
ILGetSize
ShellExecuteW
DragAcceptFiles
SHGetDesktopFolder
ShellExecuteExW
SHGetMalloc
SHBindToParent
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetFileInfoW
DragQueryFileW
SHFileOperationW
winmm
timeGetTime
mmioDescend
mciGetErrorStringW
mciSendCommandA
mmioClose
mmioOpenW
msimg32
AlphaBlend
gdi32
CreateSolidBrush
DPtoLP
DeleteDC
CreateFontIndirectW
GetPixel
GetWindowExtEx
DeleteObject
RectVisible
TextOutW
SetBkMode
StretchBlt
CreatePen
ExtTextOutW
CreateCompatibleBitmap
Rectangle
CombineRgn
LPtoDP
GetStockObject
GetDIBColorTable
GetDeviceCaps
SetTextAlign
CreateDIBSection
PtVisible
CreateICW
GetMapMode
GetCharABCWidthsW
SetTextColor
RealizePalette
GetCurrentObject
CreateHalftonePalette
SelectObject
Escape
OffsetRgn
PatBlt
CreateRectRgn
CreateBitmap
BitBlt
SetStretchBltMode
CreateBitmapIndirect
GetTextColor
CreatePalette
ExtCreatePen
CreateRectRgnIndirect
GetObjectW
CreateDCW
CreateCompatibleDC
SetDIBits
GetTextMetricsW
GetDIBits
GetTextExtentPoint32W
GetViewportExtEx
PtInRegion
comctl32
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_AddMasked
ImageList_GetIconSize
ImageList_Draw
ImageList_DragMove
_TrackMouseEvent
ImageList_GetIcon
ImageList_SetBkColor
FlatSB_GetScrollInfo
ImageList_Replace
user32
SendDlgItemMessageW
SetWindowPos
ReleaseCapture
SetRectEmpty
GetDlgItem
wvsprintfA
DrawTextExW
DrawTextW
KillTimer
IsZoomed
GetMenu
wsprintfA
BringWindowToTop
SetWindowRgn
LoadIconW
SetRect
FindWindowExW
SetClassLongW
GetCursorPos
DrawIconEx
IsClipboardFormatAvailable
SendMessageTimeoutW
RegisterHotKey
GetWindow
SetTimer
SetClipboardData
GrayStringW
GetWindowRect
GetWindowTextW
PostThreadMessageW
IsWindow
UpdateWindow
GetWindowLongW
LoadMenuW
InflateRect
GetCapture
SystemParametersInfoW
OpenClipboard
IsDlgButtonChecked
SetDlgItemTextW
GetFocus
RegisterWindowMessageW
EnableMenuItem
IsWindowVisible
TrackPopupMenu
SetForegroundWindow
ClientToScreen
SetWindowLongW
GetDlgItemInt
GetDlgCtrlID
DrawStateW
SetCursor
IsWindowEnabled
FindWindowW
MoveWindow
LockWindowUpdate
DrawFocusRect
UpdateLayeredWindow
MapDialogRect
MessageBoxW
PostQuitMessage
RemoveMenu
LoadBitmapW
SetActiveWindow
GetKeyState
CheckMenuItem
GetClientRect
EndDialog
WaitForInputIdle
RedrawWindow
ShowWindow
PtInRect
DestroyMenu
GetDlgItemTextW
LoadCursorW
ScreenToClient
OffsetRect
FillRect
GetSysColor
TranslateMessage
EqualRect
LoadStringW
EndPaint
DestroyIcon
SetCapture
WindowFromPoint
SetDlgItemInt
GetComboBoxInfo
wsprintfW
GetSystemMenu
GetDesktopWindow
RegisterClipboardFormatW
IsRectEmpty
GetLastActivePopup
GetClassInfoW
GetParent
CheckDlgButton
AdjustWindowRectEx
InvalidateRect
GetDC
CopyRect
GetClipboardData
IsIconic
GetActiveWindow
ExitWindowsEx
ReleaseDC
GetWindowDC
GetOpenClipboardWindow
LoadImageW
EnableWindow
PeekMessageW
SetWindowTextW
CloseClipboard
SetMenu
DispatchMessageW
BeginPaint
TabbedTextOutW
GetSubMenu
SendMessageW
GetMessagePos
GetSystemMetrics
PostMessageW
UnregisterClassW
gdiplus
GdipGetImageBounds
GdipImageRotateFlip
GdipAlloc
GdipGetImageHeight
GdipLoadImageFromFile
GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdipFree
GdipBitmapGetPixel
GdipDrawImageRectRect
GdipLoadImageFromFileICM
GdipCreateFromHDC
GdiplusShutdown
GdipCloneImage
GdipGetImageThumbnail
GdipDeleteGraphics
GdipGetImageWidth
GdipDisposeImage
ole32
CreateClassMoniker
CoUninitialize
CoTaskMemAlloc
StringFromGUID2
CoSetProxyBlanket
CoCreateInstance
ReleaseStgMedium
OleUninitialize
CoTaskMemFree
GetRunningObjectTable
CoInitializeSecurity
OleInitialize
CoGetObject
CoInitialize
avifil32
AVIFileExit
AVIFileRelease
AVIStreamRead
AVIFileGetStream
AVIStreamReadFormat
AVIStreamInfoW
AVIFileInit
AVIFileOpenW
AVIStreamRelease
comdlg32
ChooseColorW
ChooseFontW
GetFileTitleW
CommDlgExtendedError
advapi32
CryptHashData
CryptEncrypt
RegQueryInfoKeyW
RegQueryValueExW
AllocateAndInitializeSid
RegCreateKeyExA
GetTokenInformation
ReportEventW
RegisterEventSourceW
RegQueryValueExA
RegOpenKeyExW
EqualSid
CryptDeriveKey
RegCreateKeyExW
RegSetValueExW
RegSetValueExA
RegEnumValueW
FreeSid
CryptDestroyHash
AdjustTokenPrivileges
CryptDestroyKey
CryptDecrypt
CryptCreateHash
CryptReleaseContext
RegDeleteKeyW
RegEnumKeyExW
OpenProcessToken
LookupPrivilegeValueW
RegCloseKey
GetUserNameA
CryptAcquireContextW
shlwapi
PathRemoveFileSpecA
PathFindFileNameW
StrStrIW
PathAddBackslashW
PathFileExistsW
PathFindExtensionW
PathAppendA
PathRemoveExtensionW
PathIsRelativeW
PathCompactPathW
PathIsRootW
PathAppendW
StrCmpIW
PathRemoveFileSpecW
PathAddExtensionW
PathRenameExtensionW
PathIsDirectoryW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
kernel32
GetLocaleInfoW
GetDiskFreeSpaceExW
GetVersion
GetLastError
SetConsoleTitleW
GetExitCodeProcess
LoadLibraryExW
GetCurrentProcess
GetCurrentThreadId
GetFullPathNameW
Sleep
GetProcessAffinityMask
CreateDirectoryW
MulDiv
SetCurrentDirectoryW
GetDriveTypeA
GetSystemTime
SetFilePointer
ReleaseMutex
CreateFileA
CopyFileW
GetExitCodeThread
WriteFile
WaitForSingleObject
GetDateFormatW
GetTempFileNameW
QueryPerformanceCounter
OutputDebugStringW
ReadFile
lstrcpyW
CreateMutexW
HeapFree
TerminateProcess
HeapAlloc
LoadResource
LocalFree
SetProcessAffinityMask
GlobalLock
GetLocaleInfoA
GlobalUnlock
CreatePipe
LocalAlloc
GetLogicalDriveStringsW
lstrcmpiW
OpenFileMappingW
OpenProcess
CreateEventW
ResetEvent
FreeLibrary
GetFileAttributesA
FindClose
InterlockedIncrement
GetShortPathNameW
GetFileAttributesW
GetVersionExW
WideCharToMultiByte
lstrlenA
GetCurrentThread
LoadLibraryA
Process32FirstW
DeviceIoControl
GetModuleHandleW
DeleteFileW
GetCurrentDirectoryW
GetVolumeInformationW
InterlockedDecrement
SetFileAttributesW
GetTimeFormatW
GetThreadLocale
Thread32First
VirtualAlloc
DebugBreak
GetVersionExA
QueryPerformanceFrequency
LockResource
GetSystemTimeAsFileTime
MoveFileW
InitializeCriticalSection
SetThreadPriority
FlushFileBuffers
GetLongPathNameW
lstrlenW
GetLocalTime
MultiByteToWideChar
LoadLibraryW
lstrcatA
FormatMessageW
GetModuleFileNameW
IsBadWritePtr
UnmapViewOfFile
lstrcatW
FindNextFileW
LocalFileTimeToFileTime
ResumeThread
SuspendThread
InterlockedExchange
WaitForMultipleObjects
GetProcAddress
SetEvent
GetStdHandle
EnterCriticalSection
GetModuleHandleA
GetModuleFileNameA
FatalAppExitW
CloseHandle
CreateToolhelp32Snapshot
MapViewOfFile
FileTimeToSystemTime
_llseek
GlobalFree
DeleteCriticalSection
FindFirstFileW
CreateThread
GetSystemInfo
Thread32Next
RemoveDirectoryW
SystemTimeToFileTime
GetACP
LeaveCriticalSection
FreeResource
GetTickCount
FindResourceW
CreateFileMappingW
CreateFileMappingA
RaiseException
CreateFileW
GetSystemDefaultLangID
GetTempPathW
GlobalMemoryStatus
CreateProcessW
GetComputerNameA
VirtualFree
GetProfileIntW
GetProcessHeap
GetFileSize
GetNumberFormatW
IsBadReadPtr
GetPrivateProfileStringW
GetStartupInfoW
GetDiskFreeSpaceA
Process32NextW
GlobalAlloc
FileTimeToLocalFileTime
AllocConsole
GetDriveTypeW
GetCurrentProcessId
Sections
.text Size: 621KB - Virtual size: 621KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 319KB - Virtual size: 3.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ