9471b4ca4066c4852ddc14d95de15369_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9471b4ca4066c4852ddc14d95de15369_JaffaCakes118
Size

624KB
MD5

9471b4ca4066c4852ddc14d95de15369
SHA1

fc2234e778c05f76c902ed5df20306b387d93e26
SHA256

9650c86906fe4ffb98b7a0d8865a6a3a1f533951ecd7d99e2050b9b950eb84c6
SHA512

bac394706bbacce7d8cb801c91715c4092e3d027c6e797fbcc48212c8e8f36821f3c688f2441a1b26eb79c3d005a962dd0bb0888843d8670010d757cfbc15377
SSDEEP

6144:q4w9X9kfkTsgtx1L8s4vhDx4pS/kJp9dy6OIOWwhDv1yFHQDmPK562:q4cRTssxV8s45i59U6TxSDiUmPh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9471b4ca4066c4852ddc14d95de15369_JaffaCakes118

Files

9471b4ca4066c4852ddc14d95de15369_JaffaCakes118
.exe windows:4 windows x86 arch:x86

956c3a69e736592bf540c6af55c9e737

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW

comctl32

InitCommonControlsEx

kernel32

ReadFile
SetEndOfFile
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
CreateFileA
FlushFileBuffers
InitializeCriticalSection
LoadLibraryA
InterlockedExchange
SetFilePointer
VirtualQuery
GetSystemInfo
VirtualProtect
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
GetCPInfo
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetStdHandle
CloseHandle
CompareStringA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
HeapSize
GetCurrentProcess
TerminateProcess
ExitProcess
HeapAlloc
HeapReAlloc
LCMapStringW
LCMapStringA
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
HeapFree
DeleteFileA
MoveFileA
GetLastError
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
MultiByteToWideChar
GetProcAddress
GetFileAttributesA
FreeLibrary
LoadLibraryW
GlobalSize
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalReAlloc
GlobalFree
MulDiv
WideCharToMultiByte
GetModuleFileNameW
GetVersionExW
CompareStringW
SetEnvironmentVariableA
IsBadWritePtr

user32

CheckMenuItem
SetMenuDefaultItem
CreateWindowExW
DialogBoxParamW
GetClipboardOwner
OpenClipboard
CloseClipboard
RegisterClipboardFormatW
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
SetClipboardData
GetSystemMetrics
TrackPopupMenu
DestroyMenu
LoadMenuW
LoadBitmapW
GetMenuItemInfoW
GetMenuItemCount
GetMenuItemID
GetMenuState
CreateDialogParamW
GetMenuStringW
ModifyMenuW
FindWindowW
MessageBeep
GetMessageW
IsWindow
IsDialogMessageW
TranslateMessage
DispatchMessageW
UnhookWindowsHookEx
MessageBoxA
PostQuitMessage
RegisterWindowMessageW
GetCursorPos
SetForegroundWindow
PostMessageW
GetMenuDefaultItem
SetWindowsHookExW
LoadIconW
UpdateWindow
BringWindowToTop
RegisterClassExW
SetCursor
GetSysColor
SetFocus
MessageBoxW
GetSystemMenu
LoadStringW
AppendMenuW
GetFocus
GetDlgCtrlID
DestroyWindow
EnableWindow
GetDesktopWindow
GetWindowRect
SetWindowPos
IntersectRect
IsWindowVisible
ScreenToClient
ShowWindow
SetWindowTextW
CallWindowProcW
InflateRect
DrawFrameControl
GetWindowTextW
DrawStateW
DrawFocusRect
GetClientRect
DestroyIcon
InvalidateRect
SetWindowLongW
DefWindowProcW
GetWindowLongW
GetDlgItem
LoadImageW
GetDC
GetTopWindow
GetWindow
ReleaseDC
SendMessageW
SendDlgItemMessageW
DestroyCursor
EndDialog
GetSubMenu

gdi32

CreateSolidBrush
ExtTextOutW
GetObjectW
CreateFontIndirectW
EnumFontFamiliesExW
SelectObject
Rectangle
GetTextExtentPoint32W
SetTextColor
GetStockObject
DeleteObject
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC
SetBkColor
SetBkMode

shell32

ShellExecuteW

ukhook40

VnFileConvert
?VnConvGetOptions@@YAXPAU_VnConvOptions@@@Z
?VnConvResetOptions@@YAXPAU_VnConvOptions@@@Z
?getVnCharset@CVnCharsetLib@@QAEPAVVnCharset@@H@Z
?VnCharsetLibObj@@3VCVnCharsetLib@@A
?genConvert@@YAHAAVVnCharset@@0AAVByteInStream@@AAVByteOutStream@@@Z
VnConvert
?ModifyStatusIcon@@YAXXZ
?UkStoreKeyOrderMap@@YAHPBDPAUUkKeyMapPair@@H@Z
?MsViMethodMapping@@3PAUUkKeyMapping@@A
?VIQRMethodMapping@@3PAUUkKeyMapping@@A
?VniMethodMapping@@3PAUUkKeyMapping@@A
?SimpleTelexMethodMapping@@3PAUUkKeyMapping@@A
?TelexMethodMapping@@3PAUUkKeyMapping@@A
?UkLoadKeyOrderMap@@YAHPBDPAUUkKeyMapPair@@PAH@Z
?getText@CMacroTable@@QAEPBIH@Z
?getKey@CMacroTable@@QAEPBIH@Z
?SetUnikeyOptions@@YAXPAU_UnikeyOptions@@H@Z
?SetOutputCharset@@YAHH@Z
?loadFromFile@CMacroTable@@QAEHPBD@Z
?writeToFile@CMacroTable@@QAEHPBD@Z
?addItem@CMacroTable@@QAEHPBX0H@Z
?resetContent@CMacroTable@@QAEXXZ
?UnikeyLoadMacro@@YAXPBD@Z
?UnikeyLoadUserKeyMap@@YAHPBD@Z
?init@CMacroTable@@QAEXXZ
?SetUnikeyReady@@YAXXZ
?SetInputMethod@@YAHW4UkInputMethod@@@Z
?EnableUnikey@@YAXH@Z
?SetUnikeySysInfo@@YAXPAU_UnikeySysInfo@@@Z
?InitUkHook@@YAXXZ
?MyMouseHook@@YGJHIJ@Z
?MyKeyHook@@YGJHIJ@Z
?SetSwitchKey@@YAXH@Z
?RecreateStatusIcon@@YAXXZ
?SwitchMode@@YAXXZ
?DeleteStatusIcon@@YAXXZ
?IsVietnamese@@YAHXZ
?GetVietHookDll@@YAPAUHINSTANCE__@@XZ
?VnConvSetOptions@@YAXPAU_VnConvOptions@@@Z

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 456KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

956c3a69e736592bf540c6af55c9e737

Headers

File Characteristics

Imports

comdlg32

advapi32

comctl32

kernel32

user32

gdi32

shell32

ukhook40

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 16KB - Virtual size: 196KB

.rsrc Size: 456KB - Virtual size: 454KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 16KB - Virtual size: 196KB

.rsrc
Size: 456KB - Virtual size: 454KB