946f3c8429f811df15abfdb60eb40692_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

946f3c8429f811df15abfdb60eb40692_JaffaCakes118
Size

259KB
MD5

946f3c8429f811df15abfdb60eb40692
SHA1

b967a182fbf0e3ae966d0fa756d0cfc6dcf6b57c
SHA256

090e5af7303bde4b8574fca4d95769379a6e4a615325874284f79c7a41c3ab9a
SHA512

5321ef51c2048e70cd12d96d8c0590558388e22f5299394b06e2d54f7002aacce5674e24546b3d8e9f2445d3e9dc4ed8cf964122c83edea785aeb0bbe35a0987
SSDEEP

6144:eqFw9mFEddBCQCuwHFknxqEJmKCOPLL4l6m9AiQR:e79LdAswHFkn8EJ/DLyABR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
946f3c8429f811df15abfdb60eb40692_JaffaCakes118

Files

946f3c8429f811df15abfdb60eb40692_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fcf1c3906295e37b5d5461d5b3380fc8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
GetActiveObject
RegisterTypeLib
LoadTypeLib
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
GetUserNameW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges

user32

GetKeyboardType
MessageBoxA
CharNextW
CreateWindowExW
WaitMessage
WaitForInputIdle
UnregisterClassW
TrackPopupMenu
ShowWindow
SetWindowTextW
SetWindowPos
SetWindowLongW
SetTimer
SetParent
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetCapture
SetActiveWindow
SendMessageW
RemoveMenu
RegisterWindowMessageW
RegisterClassW
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OffsetRect
MessageBoxW
MessageBeep
LoadIconW
LoadCursorW
LoadBitmapW
IsWindow
IsIconic
IsChild
InvalidateRect
InsertMenuItemW
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollPos
GetMessageW
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetKeyboardLayout
GetKeyState
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetCursorPos
GetClassInfoW
GetCapture
GetActiveWindow
FindWindowW
EnumWindows
EnableWindow
EnableMenuItem
DestroyMenu
DestroyIcon
DestroyCursor
DefWindowProcW
CreatePopupMenu
CreateMenu
CheckMenuItem
CharLowerW
AppendMenuW
ActivateKeyboardLayout

kernel32

GetACP
GetSystemInfo
GetCurrentThreadId
SetCurrentDirectoryW
lstrlenW
lstrcpynW
GetThreadLocale
GetModuleHandleW
GetCurrentDirectoryW
FreeLibrary
RaiseException
LocalAlloc
lstrcpyW
lstrcmpW
WaitForSingleObject
SetErrorMode
RemoveDirectoryW
OpenMutexW
MulDiv
MoveFileW
LocalFree
LoadResource
IsBadWritePtr
GlobalFindAtomW
GlobalDeleteAtom
GetWindowsDirectoryW
GetUserDefaultLangID
GetSystemDirectoryW
GetShortPathNameW
GetLogicalDrives
GetLocalTime
GetExitCodeThread
GetDiskFreeSpaceW
GetDateFormatW
FindResourceW
FileTimeToSystemTime
EnumCalendarInfoW
CreateNamedPipeW
CreateMutexW
CreateEventW
CreateDirectoryW
CompareFileTime
BeginUpdateResourceW
GetProcAddress

msimg32

AlphaBlend

gdi32

RemoveFontResourceW
GetTextExtentPointW
GetStockObject
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePalette
CreateFontIndirectW
CreateDIBSection
CreateCompatibleDC
CreateBrushIndirect
CreateBitmap
AddFontResourceW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

mpr

WNetOpenEnumW
WNetGetUniversalNameW
WNetGetConnectionW
WNetEnumResourceW
WNetCloseEnum

ole32

OleUninitialize
OleInitialize
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
CoCreateInstance
CoUninitialize
CoInitialize
CoDisconnectObject

comctl32

InitializeFlatSB
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

shell32

ShellExecuteExW
ShellExecuteW
ExtractIconW
SHBrowseForFolderW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

quartz

AMGetErrorTextA
DllGetClassObject

ssdpapi

SsdpStartup

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mpoY
Size: 1KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GA
Size: 5KB - Virtual size: 974KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.twCHEJ
Size: 1KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VVU
Size: 4KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MEAS
Size: 84KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 357KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iCpYj
Size: 124KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.s
Size: 4KB - Virtual size: 766KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcf1c3906295e37b5d5461d5b3380fc8

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

msimg32

gdi32

version

mpr

ole32

comctl32

shell32

comdlg32

quartz

ssdpapi

Sections

.text Size: 17KB - Virtual size: 17KB

.mpoY Size: 1KB - Virtual size: 79KB

.rdata Size: 6KB - Virtual size: 40KB

.GA Size: 5KB - Virtual size: 974KB

.twCHEJ Size: 1KB - Virtual size: 145KB

.VVU Size: 4KB - Virtual size: 135KB

.MEAS Size: 84KB - Virtual size: 94KB

.data Size: 6KB - Virtual size: 357KB

.iCpYj Size: 124KB - Virtual size: 167KB

.s Size: 4KB - Virtual size: 766KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 17KB

.mpoY
Size: 1KB - Virtual size: 79KB

.rdata
Size: 6KB - Virtual size: 40KB

.GA
Size: 5KB - Virtual size: 974KB

.twCHEJ
Size: 1KB - Virtual size: 145KB

.VVU
Size: 4KB - Virtual size: 135KB

.MEAS
Size: 84KB - Virtual size: 94KB

.data
Size: 6KB - Virtual size: 357KB

.iCpYj
Size: 124KB - Virtual size: 167KB

.s
Size: 4KB - Virtual size: 766KB

.rsrc
Size: 2KB - Virtual size: 1KB