72323ac687e39ada97d49bfcd78246fb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

72323ac687e39ada97d49bfcd78246fb_JaffaCakes118
Size

3.1MB
MD5

72323ac687e39ada97d49bfcd78246fb
SHA1

eac387688ac0502c51e185205442545ef1d3c343
SHA256

584c0e7ecae9305b926b17f10b8a46fd6b607302f0070bef70748eb037f4a51f
SHA512

c4535b0c8a2466a3ac39a5739646217a8b77b11d762408a9e659817d094b5fca83ad578055dd2e5fa87e114e42e2446890fb644bd41dc0e15afb08524db403e6
SSDEEP

98304:PruLErndWKVki9AWfT1TP2HCB8UmWYmRU+UKiymJG94p0uPz+5iDsOus:PruLELdr9AWfxLFR94p/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72323ac687e39ada97d49bfcd78246fb_JaffaCakes118

Files

72323ac687e39ada97d49bfcd78246fb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9ba2ad2e7c2ed892dc02b138055625e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmSetCompositionStringW
ImmGetCompositionStringW
ImmNotifyIME
ImmAssociateContext
ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow
ImmGetCandidateListW
ImmGetIMEFileNameA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

winmm

waveInOpen
waveInGetDevCapsW
waveInGetNumDevs
waveOutReset
waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
waveInPrepareHeader
waveOutOpen
waveOutGetErrorTextW
waveOutGetDevCapsW
waveOutGetNumDevs
timeEndPeriod
timeBeginPeriod
timeGetTime
waveInClose
waveInUnprepareHeader
waveInStart
waveInAddBuffer
waveOutClose
waveInReset

kernel32

MoveFileExW
FreeLibrary
GetProcAddress
LoadLibraryA
OutputDebugStringW
SetErrorMode
GetFileSizeEx
WriteFile
ReadFile
SetFilePointer
SetFilePointerEx
CloseHandle
CreateFileW
GetTickCount
GetModuleFileNameW
GetModuleHandleW
SetThreadExecutionState
GetCurrentProcess
ExitProcess
TerminateProcess
InterlockedExchange
GlobalMemoryStatusEx
GetSystemInfo
GetLastError
lstrcatW
lstrlenW
LoadLibraryW
CreateDirectoryW
CreateToolhelp32Snapshot
Process32First
Process32Next
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
ReleaseSemaphore
WaitForSingleObjectEx
CreateSemaphoreW
GetEnvironmentVariableA
SetEnvironmentVariableA
RaiseException
CreateThread
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
IsDebuggerPresent
Sleep
QueryPerformanceCounter
QueryPerformanceFrequency
TlsAlloc
TlsGetValue
TlsSetValue
VerSetConditionMask
FormatMessageW
VerifyVersionInfoW
GlobalAlloc
GetCurrentDirectoryW
GlobalUnlock
CompareStringA
MulDiv
CreateEventW
WaitForSingleObject
WideCharToMultiByte
GetSystemPowerStatus
GetLocaleInfoA
LocalFree
GetOverlappedResult
ResetEvent
DeviceIoControl
CreateEventA
CreateFileA
CancelIo
GetModuleHandleExW
ExitThread
SetConsoleCtrlHandler
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
VirtualFree
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
SetEvent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
SetLastError
GetNativeSystemInfo
GetExitCodeThread
SwitchToThread
DuplicateHandle
MultiByteToWideChar
DecodePointer
EncodePointer
FindClose
GetModuleFileNameA
GetStdHandle
GetACP
HeapAlloc
HeapFree
GetFileType
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
FlushFileBuffers
HeapReAlloc
GetTimeZoneInformation
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
WriteConsoleW
HeapSize
GlobalLock

user32

UnregisterDeviceNotification
RegisterDeviceNotificationW
GetDesktopWindow
RegisterRawInputDevices
CreateIconIndirect
LoadCursorW
SetCursorPos
SetWindowRgn
CreateIconFromResource
GetParent
SetWindowLongW
UnregisterClassA
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RemovePropW
SetPropW
SetForegroundWindow
GetFocus
SetWindowPos
SetLayeredWindowAttributes
ShowWindow
CreateWindowExW
RegisterClassExA
CreateWindowExA
GetMessageW
PostThreadMessageW
SetTimer
KillTimer
PtInRect
DialogBoxIndirectParamW
PostMessageW
GetRawInputDeviceList
GetRawInputDeviceInfoA
SystemParametersInfoW
SystemParametersInfoA
DrawTextW
SetFocus
RegisterClassW
GetDlgItem
TrackMouseEvent
EnumDisplayMonitors
GetMonitorInfoW
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ReleaseDC
GetDC
MapVirtualKeyW
ToUnicode
GetKeyboardState
GetKeyboardLayout
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
SetClipboardData
GetClipboardSequenceNumber
CloseClipboard
OpenClipboard
GetDoubleClickTime
GetRawInputData
DestroyIcon
LoadIconW
GetWindowLongW
IsRectEmpty
WindowFromPoint
ScreenToClient
ClientToScreen
GetClipCursor
ClipCursor
GetCursorPos
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetPropW
ValidateRect
InvalidateRect
GetUpdateRect
GetMenu
GetSystemMetrics
GetAsyncKeyState
GetKeyState
IsIconic
IsWindowVisible
GetClassInfoExW
RegisterClassExW
UnregisterClassW
CallWindowProcW
DefWindowProcW
GetMessageExtraInfo
PeekMessageW
DispatchMessageW
TranslateMessage
MessageBoxA
SendMessageW
EndDialog
DestroyWindow

gdi32

GetTextMetricsW
GetTextExtentPoint32A
CreateFontIndirectW
BitBlt
SwapBuffers
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
CreateCompatibleBitmap
CreateDCW
GetDeviceCaps
GetDIBits
GetDeviceGammaRamp
SetDeviceGammaRamp
CombineRgn
CreateRectRgn
CreateBitmap
ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
CreateCompatibleDC

shell32

ShellExecuteW
DragAcceptFiles
SHGetFolderPathW
ExtractIconExW
DragFinish
DragQueryFileW
CommandLineToArgvW

ole32

CoCreateInstance
CoInitializeEx
CoUninitialize
CoTaskMemFree
PropVariantClear

oleaut32

SysFreeString

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 437KB - Virtual size: 437KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ba2ad2e7c2ed892dc02b138055625e2

Headers

DLL Characteristics

File Characteristics

Imports

imm32

setupapi

version

winmm

kernel32

user32

gdi32

shell32

ole32

oleaut32

advapi32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.rdata Size: 437KB - Virtual size: 437KB

.data Size: 56KB - Virtual size: 320KB

.rsrc Size: 135KB - Virtual size: 134KB

.reloc Size: 144KB - Virtual size: 144KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.rdata
Size: 437KB - Virtual size: 437KB

.data
Size: 56KB - Virtual size: 320KB

.rsrc
Size: 135KB - Virtual size: 134KB

.reloc
Size: 144KB - Virtual size: 144KB