957a32ae4683e9577ab31f507e299c1c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

957a32ae4683e9577ab31f507e299c1c_JaffaCakes118
Size

1.2MB
MD5

957a32ae4683e9577ab31f507e299c1c
SHA1

46159a09306095780babfe24e3398ba2eb9fc303
SHA256

591b969ab81e2aa65e447493119d13b13f8c236fa8a4e8baec3df7cbc1ac78db
SHA512

7e8c99dfa595f9f5aa766f8077ec232886f5030fae2b4280ab00142d172c4471247832a4e91969790764d26f4259254c588b82d2c9002cee4f6322a0433bff8c
SSDEEP

24576:hFayvUf31u6GqFw+GSgUZJmttWde1QxeU/Lt:zarhfmttnBU/Lt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
957a32ae4683e9577ab31f507e299c1c_JaffaCakes118

Files

957a32ae4683e9577ab31f507e299c1c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

078724fecd01d060fb6b0b141cabd494

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

TerminateProcess
CreateThread
ExitProcess
ExitThread
GetACP
HeapReAlloc
RaiseException
GetCommandLineA
GetStartupInfoA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
HeapSize
GetEnvironmentVariableA
HeapDestroy
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FindNextFileA
SetEnvironmentVariableA
GetTimeZoneInformation
RtlUnwind
GetOEMCP
FindResourceExA
GetCurrentDirectoryA
LocalReAlloc
GetCPInfo
TlsGetValue
GlobalHandle
TlsSetValue
TlsFree
SetErrorMode
TlsAlloc
LocalAlloc
GetFileAttributesA
GetFileTime
LeaveCriticalSection
GetProcessVersion
EnterCriticalSection
GlobalFlags
DeleteCriticalSection
InitializeCriticalSection
CreateMutexA
ReleaseMutex
UnhandledExceptionFilter
FreeEnvironmentStringsA
ReadFile
SetFilePointer
QueryPerformanceFrequency
QueryPerformanceCounter
WriteFile
lstrcmpiA
GetLastError
WaitForSingleObject
CreateEventA
ResetEvent
DeviceIoControl
GetLogicalDrives
GetDriveTypeA
QueryDosDeviceA
CreateFileA
CloseHandle
GetProcAddress
GetSystemDirectoryA
GetVersionExA
GetModuleFileNameA
CopyFileA
GetTickCount
GetSystemTime
GetTempPathA
GlobalLock
GlobalUnlock
HeapFree
GetProcessHeap
HeapAlloc
Sleep
GlobalSize
LoadLibraryA
FreeLibrary
GlobalAlloc
GlobalReAlloc
GlobalFree
CompareStringA
CompareStringW
VirtualProtect
InterlockedExchange
GetSystemInfo
GetDiskFreeSpaceA
SetCurrentDirectoryA
GetProfileStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
WritePrivateProfileStringA
GetPrivateProfileStringA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
lstrcmpA
GetCurrentThread
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetThreadLocale
GetFullPathNameA
FindFirstFileA
FindClose
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
MulDiv
SetLastError
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
FormatMessageA
SizeofResource
GetSystemDefaultLangID
FindResourceA
LoadResource
LockResource
WideCharToMultiByte
MultiByteToWideChar
GetLocaleInfoA
lstrcpynA
GetVolumeInformationA
GlobalMemoryStatus
OpenProcess
GetLocalTime
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
GetCurrentProcessId
GetFileSize
GetEnvironmentStrings

user32

CopyAcceleratorTableA
CharNextA
GetNextDlgGroupItem
WindowFromPoint
GetAsyncKeyState
DestroyMenu
MapDialogRect
SetWindowContextHelpId
GetMessageA
ValidateRect
GetCursorPos
PostQuitMessage
wvsprintfA
GetMenuCheckMarkDimensions
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckRadioButton
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
GetCapture
GetClassInfoA
RegisterClassA
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
UnhookWindowsHookEx
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
CharUpperA
IntersectRect
EndPaint
BeginPaint
GetDesktopWindow
CopyIcon
GetParent
IsWindow
MessageBeep
DestroyCursor
WinHelpA
GetKeyState
PostMessageA
IsChild
SystemParametersInfoA
SetRect
AdjustWindowRect
LoadStringA
GetSysColorBrush
CopyRect
GetWindow
IsMenu
ScreenToClient
FillRect
GetFocus
DrawEdge
RegisterWindowMessageA
GrayStringA
DrawTextA
TabbedTextOutA
RemoveMenu
SetCursor
UpdateWindow
PostThreadMessageA
RegisterClipboardFormatA
GetClassNameA
RedrawWindow
MsgWaitForMultipleObjects
DispatchMessageA
PeekMessageA
TranslateMessage
LoadImageA
MessageBoxA
wsprintfA
GetSysColor
DrawStateA
EnableMenuItem
InvalidateRect
IsIconic
DrawIcon
LoadBitmapA
GetSystemMenu
AppendMenuA
GetMenu
GetSubMenu
GetMenuItemCount
GetMenuStringA
GetMenuItemID
ModifyMenuA
LoadCursorA
LoadIconA
EnableWindow
KillTimer
SetTimer
ClientToScreen
ReleaseCapture
SetWindowPos
SetCapture
PtInRect
GetPropA
SetPropA
SetWindowLongA
GetWindowLongA
GetSystemMetrics
CallWindowProcA
GetWindowDC
DrawFrameControl
InflateRect
OffsetRect
DrawIconEx
SendMessageA
GetWindowRect
IsRectEmpty
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetDC
GetClientRect
ReleaseDC
GetNextDlgTabItem
GetWindowPlacement
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode
UnregisterClassA

gdi32

CreateDIBitmap
CreateRectRgn
GetBitmapBits
DeleteObject
GetTextFaceA
SaveDC
RestoreDC
SelectPalette
SetViewportOrgEx
OffsetViewportOrgEx
GetTextExtentPointA
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
IntersectClipRect
MoveToEx
LineTo
Escape
ExtTextOutA
GetViewportExtEx
GetWindowExtEx
PatBlt
GetTextColor
LPtoDP
EnumFontFamiliesExA
PtVisible
GetBkColor
RectVisible
CreateFontIndirectA
SetTextColor
GetStockObject
Ellipse
SetTextAlign
SetPixel
GetTextExtentPoint32A
CreatePen
TextOutA
Rectangle
SetBkMode
CreateSolidBrush
CreateBitmap
GetMapMode
DPtoLP
SetBkColor
DeleteDC
SetMapMode
CombineRgn
GetDeviceCaps
CreateRectRgnIndirect
CreatePalette
RealizePalette
GetSystemPaletteEntries
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits
BitBlt
GetObjectA
SelectObject
GetCurrentObject
CreateFontA

comdlg32

GetFileTitleA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumValueA
RegQueryValueA

shell32

SHGetFileInfoA
SHGetMalloc
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

comctl32

ImageList_GetBkColor
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_GetImageInfo
ord17
ImageList_Remove
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Draw
ImageList_Destroy
ImageList_Create
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_DrawIndirect

oledlg

ord8

ole32

OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal

olepro32

ord253

oleaut32

SysFreeString
SysStringLen
SysAllocStringByteLen
VariantChangeType
SysAllocString
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen

Sections

.text
Size: 580KB - Virtual size: 577KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 92KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 412KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

078724fecd01d060fb6b0b141cabd494

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 580KB - Virtual size: 577KB

.rdata Size: 100KB - Virtual size: 97KB

.data Size: 92KB - Virtual size: 1.7MB

.rsrc Size: 412KB - Virtual size: 412KB

.text
Size: 580KB - Virtual size: 577KB

.rdata
Size: 100KB - Virtual size: 97KB

.data
Size: 92KB - Virtual size: 1.7MB

.rsrc
Size: 412KB - Virtual size: 412KB