72f3bc42ce359fafc64fb95be547f44c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72f3bc42ce359fafc64fb95be547f44c_JaffaCakes118
Size

260KB
MD5

72f3bc42ce359fafc64fb95be547f44c
SHA1

fa9de69217f0097dad8a4e2e4f5e07872e7ac328
SHA256

1acbfc9d80ce24aaba4e05ae980a65b3fe92fbbe74ef5b6c0d0699c1ffbaed12
SHA512

85cbf83d2adac88904fd7a1e9631538454bb564055306ac9168f5bec156a3ab0e8431aeb76df45396059b2b6c4ed58de18c8034b54c85100da345ed718902f20
SSDEEP

6144:vxgfCfgysbCHQ6/GT9OkOE4QqTKt1Bl1g6kl:vxB1s2HwUkOTgvrk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72f3bc42ce359fafc64fb95be547f44c_JaffaCakes118

Files

72f3bc42ce359fafc64fb95be547f44c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63c4665ea3c364c43a5564d60b5d2250

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowDC
IsMenu
CreateAcceleratorTableW
EqualRect
SetCursorPos
FrameRect
ExitWindowsEx
WaitForInputIdle
GetCapture
DrawTextExA
RegisterClassA
GetWindowRgn
GetClientRect
ClipCursor
SetWindowLongW
UnregisterClassW
FlashWindowEx
MapWindowPoints
EnableScrollBar
GetKeyboardState
DrawTextW
CharNextA
GetDlgCtrlID
GetClassInfoExA
wvsprintfW
GetClipboardData
LoadImageW
GetAncestor
GetFocus
DialogBoxIndirectParamW
IsWindowVisible
InvalidateRgn
RemovePropW
LoadCursorW
GetDesktopWindow
RegisterWindowMessageA
GetDoubleClickTime
SetWindowPos
PeekMessageW
ClientToScreen
SetWindowRgn
CreatePopupMenu
GetMenuItemInfoW
SetParent
GetMenuItemID
ActivateKeyboardLayout
DefMDIChildProcA
DdeInitializeW
IsCharAlphaNumericA
InsertMenuItemW
CharLowerBuffW
GetDCEx
MapVirtualKeyA
DdeFreeDataHandle
SetMenuItemInfoA
SetDlgItemInt
InvalidateRect
wsprintfW
InsertMenuItemA
SetRect
SetPropA
EnumWindows
GetClipboardFormatNameA
BringWindowToTop
DdeUninitialize
InflateRect
VkKeyScanA
SystemParametersInfoA
AllowSetForegroundWindow
SetWindowsHookExW
GetMessageW
GetMenu
BeginDeferWindowPos
SetClassLongW
GetSystemMetrics

shlwapi

PathFileExistsA

kernel32

DosDateTimeToFileTime
GetModuleHandleA
FindFirstFileW
CreateEventA
GetLogicalDrives
GetWindowsDirectoryA
SearchPathW
lstrcmpiA
GetNumberFormatW
TlsSetValue
SizeofResource
ReadFile
ExitThread
GetStringTypeW
ExitProcess
SetEndOfFile
InterlockedIncrement
IsProcessorFeaturePresent
GetTempPathA
IsBadReadPtr
DuplicateHandle
GetStartupInfoA
FileTimeToLocalFileTime
DebugBreak
HeapFree
SetFileTime
BackupRead
ReleaseSemaphore
SetThreadPriority
FormatMessageW
GetDateFormatA
MoveFileA
GetSystemDefaultLangID
VerSetConditionMask
GetFullPathNameA
ExpandEnvironmentStringsA
IsBadWritePtr
GetLastError
_lread
CreateProcessA
InitializeCriticalSection
GetPrivateProfileStringA
lstrcatW
GlobalFindAtomW
GlobalDeleteAtom
InitializeCriticalSectionAndSpinCount
GetPrivateProfileIntW
SetErrorMode
GetFileAttributesW
GetModuleFileNameA
VerifyVersionInfoW
GetProcessTimes
lstrcatA
SetLastError
VirtualAlloc

gdi32

ExtCreateRegion
SetDIBits
GetLayout
GetTextFaceA
AbortDoc
SaveDC
GetBkMode
PlayEnhMetaFile
LineTo
CreatePen

version

VerQueryValueA

winspool.drv

EnumPortsA

advapi32

RevertToSelf
GetAclInformation
CryptHashData
RegSetValueExA
RegFlushKey

oleaut32

SafeArrayPutElement

comdlg32

GetOpenFileNameW
GetFileTitleW
GetFileTitleA

comctl32

ImageList_GetImageCount
ImageList_Write
ImageList_Create

ole32

GetHGlobalFromStream
CoTaskMemRealloc
StgOpenStorageOnILockBytes
CreateGenericComposite
WriteClassStm
CoTaskMemAlloc
CoMarshalInterface
CreateFileMoniker

shell32

SHGetPathFromIDListA
SHCreateDirectoryExW
SHGetFolderLocation
SHFileOperationA

msvcrt

_msize
wcstok
_snwprintf
_itoa
realloc
setlocale
_itow
wcstod
rand
wcstol
sprintf
fclose
_exit
wcsstr
_mbsrchr
tolower
_vsnwprintf
towupper
_wcsdup
_CxxThrowException
_wcsicmp
wcsspn
wcslen
strstr
floor
toupper
_wsplitpath
wcsncpy
_controlfp
_except_handler3
__set_app_type
__p__fmode
_vsnprintf
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

63c4665ea3c364c43a5564d60b5d2250

Headers

File Characteristics

Imports

user32

shlwapi

kernel32

gdi32

version

winspool.drv

advapi32

oleaut32

comdlg32

comctl32

ole32

shell32

msvcrt

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 52KB - Virtual size: 48KB

.data Size: 12KB - Virtual size: 11KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 52KB - Virtual size: 48KB

.data
Size: 12KB - Virtual size: 11KB