78c88adee36532585c7b5bb46b8ef2d3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

78c88adee36532585c7b5bb46b8ef2d3_JaffaCakes118
Size

486KB
MD5

78c88adee36532585c7b5bb46b8ef2d3
SHA1

b5b87a7eea3108af66b79f6e0f8dee1f43bb49ef
SHA256

d96226946f7f296f018314a7656cc62b3f809894f4f0796c1826e8e7986d6fda
SHA512

7c90f8c24ee93df4eaa6463a5afa37ddbdccb3efbe076f3312a9377b88a714949d4920688b10bd649f26074dedc532573a791b83b356679b4be3e6a23dfc13bc
SSDEEP

12288:5jD1tySQy6WSWkQh76PaX5oMdKg308L9yE:J1tySQy6Wt6PaaQKX8L4E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78c88adee36532585c7b5bb46b8ef2d3_JaffaCakes118

Files

78c88adee36532585c7b5bb46b8ef2d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ed316d3da8c4554f1b755b00e6fbed3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\joe.pdb

Imports

user32

SetParent
GetClassInfoExW
IsWindowEnabled
DrawTextW
ClientToScreen
GetCursorPos
InvalidateRgn
ReleaseDC
LoadIconW
LoadImageW
GetMenuItemCount
SetWindowPos
InflateRect
CreateAcceleratorTableW
RedrawWindow
RemoveMenu
MessageBoxW
DefWindowProcW
GetSysColor
GetWindowDC
DestroyWindow
ChildWindowFromPoint
CreateWindowExW
InsertMenuW
IntersectRect
LoadCursorW
FillRect
DrawEdge
GetIconInfo
RegisterClassExW
RegisterClassW
LoadBitmapW
ShowWindow
PostQuitMessage
GetKeyState
SetClassLongW
GetWindowLongW
GetMonitorInfoW
GetSystemMetrics
SetTimer
FindWindowW
MoveWindow
SetWindowPlacement
IsWindow

gdi32

GetPixel
OffsetViewportOrgEx
CreateSolidBrush
StretchBlt
ScaleViewportExtEx
GetWindowExtEx
StrokePath
BitBlt
SetTextAlign
SetMapMode
SetROP2
CreateCompatibleBitmap
EndDoc
TextOutW
Rectangle
EqualRgn
GetObjectW
EndPage
ScaleWindowExtEx
SelectObject
CreateCompatibleDC
StartPage
GetTextMetricsA
SetTextColor
CreateDIBSection
GetDIBits
DeleteDC
RestoreDC
GetDeviceCaps
SetWindowOrgEx
CreateRectRgn
SetWorldTransform
PtInRegion
DeleteObject
SaveDC
SetBkMode
CreateDCW

advapi32

RegSetValueA
RegOpenKeyA
RegCreateKeyExA
CryptAcquireContextA
CryptReleaseContext
CryptDestroyKey

comctl32

InitCommonControlsEx
ImageList_DragShowNolock
ImageList_Draw
ImageList_Remove
_TrackMouseEvent

ole32

OleRegGetMiscStatus
StgIsStorageILockBytes
OleSetClipboard
StgOpenStorageOnILockBytes
OleRegEnumVerbs
GetClassFile
GetRunningObjectTable
WriteClassStm
CoTreatAsClass
CoFreeUnusedLibraries
CoLockObjectExternal
OleQueryCreateFromData
OleRun
SetConvertStg
StgCreateDocfileOnILockBytes
CoGetMalloc
CLSIDFromProgID
CreateOleAdviseHolder
CoGetClassObject
DoDragDrop
CoDisconnectObject
OleCreateStaticFromData
CLSIDFromString
CreateILockBytesOnHGlobal
OleUninitialize
OleLockRunning
OleGetClipboard
ReadFmtUserTypeStg
WriteFmtUserTypeStg
CoTaskMemAlloc
ReadClassStg
OleQueryLinkFromData
CreateItemMoniker
CoRevokeClassObject

kernel32

GetEnvironmentVariableW
EnterCriticalSection
GetEnvironmentStrings
lstrcpyW
ExitProcess
GetModuleFileNameW
FreeEnvironmentStringsW
IsValidLocale
CompareStringW
LoadResource
CreateMutexA
GetLocalTime
TlsFree
InterlockedExchange
GetLocaleInfoW
HeapFree
Sleep
GetFullPathNameW
MoveFileW
SetEndOfFile
RtlUnwind
SetFilePointer
WriteConsoleW
WaitForSingleObject
GetUserDefaultLCID
GetOEMCP
GetProcAddress
GlobalLock
SetConsoleCtrlHandler
SetStdHandle
GetCurrentDirectoryA
GetEnvironmentStringsW
IsProcessorFeaturePresent
FreeLibrary
GetStartupInfoW
GetCurrentProcessId
WriteFile
GetCommandLineW
GetSystemTime
GetSystemTimeAsFileTime
HeapAlloc
LoadLibraryA
OutputDebugStringW
WideCharToMultiByte
GetStartupInfoA
ExitThread
lstrcmpiA
CloseHandle
VirtualQuery
VirtualFree
CreateMutexW
IsValidCodePage
GetACP
SetThreadPriority
GetModuleHandleA
GetDateFormatA
ReadFile
GetModuleHandleW
GetConsoleCP
GetTimeFormatA
FindFirstFileW
RaiseException
HeapSize
GetStdHandle
HeapCreate
UnmapViewOfFile
GetFileTime
SetEnvironmentVariableA
CreateThread
GetStringTypeA
LCMapStringW
GlobalAlloc
GetModuleFileNameA
SetEvent
FreeEnvironmentStringsA
lstrcmpW
SizeofResource
GetCurrentThreadId
CompareStringA
GetVersionExA
TlsAlloc
CreateFileW
MultiByteToWideChar
InterlockedDecrement
lstrcmpiW
GetLocaleInfoA
GetFileAttributesA
lstrlenA
IsDebuggerPresent
InterlockedCompareExchange
GetConsoleMode
LCMapStringA
GetStringTypeW
GetProcessHeap
LeaveCriticalSection
InitializeCriticalSection
MapViewOfFile
GlobalFree
DeleteCriticalSection
FileTimeToLocalFileTime
lstrcpynW
VirtualAlloc
GetTempPathA
TlsSetValue
GetTickCount
FindNextFileA
FindClose
CreateProcessW
CreateFileA
WriteConsoleA
FatalAppExitA
TlsGetValue
GetCurrentProcess
GetLastError
lstrcmpA
GetDriveTypeA
GetFileType
GetCommandLineA
SetUnhandledExceptionFilter
FindNextFileW
InterlockedIncrement
GetCurrentThread
LocalFree
SetHandleCount
GetTimeZoneInformation
UnhandledExceptionFilter
MulDiv
QueryPerformanceCounter
TerminateProcess
SetLastError
FormatMessageA
HeapDestroy
FlushFileBuffers
DeleteFileA
HeapReAlloc
GetConsoleOutputCP
GetCPInfo

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 259KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ed316d3da8c4554f1b755b00e6fbed3

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

advapi32

comctl32

ole32

kernel32

Sections

.text Size: 119KB - Virtual size: 118KB

.rdata Size: 259KB - Virtual size: 259KB

.data Size: 67KB - Virtual size: 90KB

.rsrc Size: 39KB - Virtual size: 39KB

.text
Size: 119KB - Virtual size: 118KB

.rdata
Size: 259KB - Virtual size: 259KB

.data
Size: 67KB - Virtual size: 90KB

.rsrc
Size: 39KB - Virtual size: 39KB