747c7540bfdd083972d47b13e2f64fe0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

747c7540bfdd083972d47b13e2f64fe0_JaffaCakes118
Size

867KB
MD5

747c7540bfdd083972d47b13e2f64fe0
SHA1

4069b2595b61b1c5d56a21cd92e1453256fa2c77
SHA256

1c3a77a37d0e9344e5a7cdde97fee6433215433e34310002e4f9872109691ad5
SHA512

d290288c7b6cb521a90a17c6352de484463903b61c6d8c828af3735b1ae57e47e5e088b48d52499fc36eea0e6e4f6bb80ecc83d35b3571a3f9faf81202c8ff9b
SSDEEP

24576:dw/iK8YAxDY7EWyEPpp363MdLBlPa4t8m3Ljiw:k3/V33RRm4t8qX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
747c7540bfdd083972d47b13e2f64fe0_JaffaCakes118

Files

747c7540bfdd083972d47b13e2f64fe0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c128d1d3767eaecf39ffaa34e778ed1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
CreateMutexW
GetExitCodeThread
LockResource
GetProcAddress
QueryPerformanceCounter
GetVersionExW
MulDiv
GetCurrentProcessId
HeapAlloc
TerminateProcess
Sleep
WaitForMultipleObjects
FindResourceExW
WaitForSingleObject
SystemTimeToFileTime
SetCurrentDirectoryW
GetCurrentThreadId
HeapCreate
GetBinaryTypeW
GetTickCount
LoadResource
HeapFree
CreateEventW
FileTimeToSystemTime
GetUserDefaultLCID
OpenEventW
FindResourceA
GetStartupInfoW
InitializeCriticalSection
lstrlenW
CreateThread
lstrcmpiW
SetLastError
CloseHandle
DelayLoadFailureHook
EnterCriticalSection
CreateIoCompletionPort
GetSystemDirectoryW
HeapReAlloc
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
VirtualAlloc
lstrlenA
HeapDestroy
CompareStringW
OutputDebugStringA
GetModuleHandleW
GetUserDefaultUILanguage
LeaveCriticalSection
HeapSize
ProcessIdToSessionId
GetCurrentThread
GetQueuedCompletionStatus
FlushInstructionCache
GetSystemInfo
LoadLibraryExA
FindResourceW
FreeLibrary
VirtualFree
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResumeThread
RaiseException
ExitProcess
GetSystemTimeAsFileTime
LoadLibraryW
TerminateThread
HeapSetInformation
LocalFree
LoadLibraryA
LocalAlloc
LoadLibraryExW
PostQueuedCompletionStatus
OpenProcess
GetProcessHeap
FormatMessageW
ReleaseMutex
ExpandEnvironmentStringsW
MultiByteToWideChar
GetSystemTime
GetLastError
ResetEvent
GetSystemWindowsDirectoryW
GetVersionExA
SizeofResource
SetEvent
DeleteCriticalSection

user32

IsWindowEnabled
GetFocus
LoadMenuW
MoveWindow
TranslateAcceleratorW
LoadCursorW
CheckDlgButton
UnregisterClassA
LoadStringW
LoadAcceleratorsW
KillTimer
SetWindowLongW
GetMenu
DefWindowProcW
CreateWindowExW
SetWindowTextW
GetWindowLongW
IsDlgButtonChecked
IsWindowVisible
GetClassNameW
DestroyIcon
SetCursor
EnumChildWindows
TranslateMessage
TrackPopupMenuEx
ShowWindow
GetDC
AdjustWindowRectEx
CharNextW
EnableWindow
ReleaseDC
GetProcessDefaultLayout
RegisterClassExW
DestroyMenu
SetWindowPos
GetSystemMetrics
GetSysColor
DestroyWindow
SendMessageW
InvalidateRect
GetMonitorInfoW
IsIconic
LockWindowUpdate
PostMessageW
IsZoomed
PostQuitMessage
GetClassInfoExW
GetKeyState
GetWindowPlacement
GetSysColorBrush
ClientToScreen
SetFocus
CharLowerBuffW
CheckMenuRadioItem
GetDlgItem
GetSubMenu
GetClientRect
GetWindowThreadProcessId
GetMessageW
CallWindowProcW
SystemParametersInfoW
MonitorFromRect
SetTimer
DeleteMenu
GetWindowRect
TrackMouseEvent
DispatchMessageW
EnableMenuItem
GetShellWindow
MonitorFromPoint
IsWindow
BringWindowToTop
GetParent
SetActiveWindow

gdi32

GetDeviceCaps
AbortDoc
GetTextExtentPointA
StartDocA
GetStockObject
StartPage
DeleteDC
EndPage
SetMapMode
TextOutA
SelectObject
EndDoc
SetBkColor
StretchBlt
DeleteObject
ExtTextOutA
CreateFontA
CreateCompatibleDC
CreateSolidBrush
SetBkMode
GetTextMetricsA
SetTextColor
CreateFontIndirectA
SetAbortProc
CreateCompatibleBitmap
GetObjectA
GetTextExtentPoint32A

advapi32

OpenProcessToken
RegOpenKeyA
AdjustTokenPrivileges
StartServiceA
LookupPrivilegeValueA
DeleteService
InitializeSecurityDescriptor
RegDeleteValueA
RegDeleteKeyA
OpenServiceA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl
RegCreateKeyA
CloseServiceHandle
RegCloseKey
CreateServiceA
QueryServiceStatus
OpenSCManagerA
ControlService
RegOpenKeyExA

shell32

ShellExecuteExA
SHBrowseForFolderA
SHGetMalloc
Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderLocation

ole32

CoResumeClassObjects
CoRevertToSelf
CoInitializeSecurity
CoUninitialize
OleGetClipboard
CoRegisterClassObject
CoRevokeClassObject
CoImpersonateClient
PropVariantClear
OleUninitialize
CoInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleInitialize
CoTaskMemRealloc
StringFromCLSID
CoGetClassObject

oleaut32

SysAllocString
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetUBound
VariantClear
VariantCopyInd
SysStringLen
SysAllocStringByteLen
SafeArrayDestroy
VariantInit
GetErrorInfo
SafeArrayUnlock
VarUI4FromStr
VarBstrCmp
SysFreeString
VariantCopy
SysAllocStringLen
SafeArrayCreate
LoadRegTypeLi
VarBstrCat
SafeArrayRedim
LoadTypeLi
SysStringByteLen
DispCallFunc

comctl32

ImageList_Add

shlwapi

SHStrDupW
UrlUnescapeW
ColorHLSToRGB
UrlEscapeW

rpcrt4

UuidToStringA
UuidCreateNil
UuidCreate
UuidFromStringA
UuidIsNil
RpcStringFreeA

wldap32

ord22
ord197

gdiplus

GdiplusStartup

msvcrt

malloc

Sections

.text
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textg
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c128d1d3767eaecf39ffaa34e778ed1b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

rpcrt4

wldap32

gdiplus

msvcrt

Sections

.text Size: 187KB - Virtual size: 186KB

.rdata Size: 378KB - Virtual size: 378KB

.data Size: 132KB - Virtual size: 5.4MB

.textg Size: 146KB - Virtual size: 146KB

.CRT Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 57B

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 187KB - Virtual size: 186KB

.rdata
Size: 378KB - Virtual size: 378KB

.data
Size: 132KB - Virtual size: 5.4MB

.textg
Size: 146KB - Virtual size: 146KB

.CRT
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 57B

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 8KB - Virtual size: 7KB