a5e44ecce2713d2ee147c581c290a042_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5e44ecce2713d2ee147c581c290a042_JaffaCakes118
Size

300KB
MD5

a5e44ecce2713d2ee147c581c290a042
SHA1

ce379372115bbfe23a1c8456f66a1b5584be16c0
SHA256

ee5ea913d5ec537a69866f667dee9d8ca7c29d6938d244531a4404d49266434e
SHA512

c8a6f7391e0f32fe2711d5b35a71afb61b672ec0596a6362a68d6a350e4b2404b03409abb0667553ee2e239e8f049c387aa5cf3156c4ca62760581e705c991dd
SSDEEP

6144:V1+VtU2+Ec79hrD/N7WU7Tki56NDKITC06j0609:GtU2d49hf/N7j/8DfG06

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5e44ecce2713d2ee147c581c290a042_JaffaCakes118

Files

a5e44ecce2713d2ee147c581c290a042_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c64e364715ba5930f40541fc56fdd9d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

winmm

mixerClose
mixerGetLineControlsW
mixerGetLineInfoW
mixerSetControlDetails
mixerGetControlDetailsW
mixerOpen
waveOutClose
mixerGetID
waveOutOpen
mixerGetNumDevs

kernel32

HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
RtlUnwind
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
GetStartupInfoW
SetErrorMode
FindResourceExW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetStringTypeExW
GetCurrentDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
VirtualQuery
VirtualProtect
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
LoadLibraryW
SetLastError
GlobalFree
FormatMessageW
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
GetProcAddress
GetVersionExA
WideCharToMultiByte
GetCurrentThreadId
lstrcpynW
lstrcmpiW
LoadLibraryExW
FreeLibrary
GetModuleHandleW
GetModuleFileNameW
lstrcmpW
lstrlenW
GetCurrentProcess
FlushInstructionCache
HeapAlloc
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetProcessHeap
HeapFree
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
MulDiv
InterlockedIncrement
InterlockedDecrement
GetVersionExW
GetLocaleInfoA
GetACP
InterlockedExchange
WaitForSingleObject
GetThreadLocale
SetThreadLocale
ReleaseMutex
CreateEventW
OpenEventW
Sleep
LocalAlloc
LocalFree
CreateMutexW
GetVersion
GetTickCount
CloseHandle
CreateFileW
ReadFileEx
GetLastError
SleepEx
CancelIo
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetSystemInfo
VirtualAlloc
TerminateProcess
ExitProcess
GlobalReAlloc
HeapReAlloc
HeapCreate

user32

CharUpperW
DeleteMenu
GetSysColorBrush
DestroyMenu
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
MapDialogRect
GetAsyncKeyState
GetMessageW
TranslateMessage
GetActiveWindow
ValidateRect
SetCursor
ClientToScreen
GrayStringW
DrawTextW
TabbedTextOutW
GetMenuStringW
InsertMenuW
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
IsWindowEnabled
MoveWindow
IsDialogMessageW
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetActiveWindow
DispatchMessageW
GetTopWindow
UnhookWindowsHookEx
GetMessagePos
LoadIconW
PeekMessageW
MessageBoxW
GetKeyState
IsWindowVisible
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
ScreenToClient
RegisterClassW
GetDlgCtrlID
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
GetClassInfoW
wsprintfW
CreateAcceleratorTableW
CharNextW
SetWindowPos
RedrawWindow
GetDlgItem
DestroyAcceleratorTable
IsChild
GetWindow
SetFocus
BeginPaint
EndPaint
CallWindowProcW
GetDesktopWindow
InvalidateRgn
SetCapture
ReleaseCapture
GetClassInfoExW
LoadCursorW
GetWindowTextLengthW
SetWindowTextW
GetWindowLongW
SetWindowLongW
DrawTextExW
InvertRect
FrameRect
DrawIconEx
RegisterClassExW
CreateWindowExW
DefWindowProcW
DestroyWindow
PostQuitMessage
GetLastActivePopup
KillTimer
SetTimer
GetCursorPos
LoadStringW
GetWindowTextW
GetMessageTime
FindWindowW
ShowWindow
SetForegroundWindow
LoadImageW
UnregisterDeviceNotification
RegisterDeviceNotificationW
FindWindowExW
PostMessageW
SendInput
GetForegroundWindow
GetClassNameW
RegisterWindowMessageW
IsWindow
GetFocus
GetParent
UpdateWindow
ReleaseDC
GetDC
GetWindowRect
DrawEdge
FillRect
PtInRect
EnableWindow
InvalidateRect
GetClientRect
SendMessageW
InflateRect
GetSysColor
GetSystemMetrics
UnregisterClassW
MapWindowPoints

gdi32

EnumFontFamiliesExW
RestoreDC
SaveDC
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
Escape
ExtTextOutW
RectVisible
PtVisible
GetCurrentObject
BitBlt
GetBkColor
CreateCompatibleDC
GetObjectW
GetClipBox
CreateSolidBrush
GetDeviceCaps
CreateCompatibleBitmap
CreateDIBSection
GdiFlush
SetMapMode
SetBkMode
TextOutW
MoveToEx
LineTo
GetStockObject
SelectObject
SetTextColor
SetBkColor
DeleteDC
CreateRectRgn
SelectClipRgn
DeleteObject
SetViewportOrgEx
OffsetViewportOrgEx
CreatePen
CreateFontIndirectW
GetTextExtentPoint32W

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

ConvertStringSidToSidW
SetSecurityDescriptorDacl
RegOpenKeyExA
RegQueryValueExA
InitializeAcl
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegEnumValueW
RegOpenKeyW
RegDeleteKeyW
RegDeleteValueW
RegQueryInfoKeyW
AddAccessAllowedAce
RegQueryValueW
RegEnumKeyW

comctl32

ImageList_SetBkColor
ImageList_GetBkColor
ImageList_GetImageInfo
ord17
ImageList_Destroy
ImageList_LoadImageW
ImageList_DrawIndirect
PropertySheetW
DestroyPropertySheetPage
CreatePropertySheetPageW

shlwapi

SHSetValueW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

ole32

OleLockRunning
CoGetClassObject
CoUninitialize
CLSIDFromString
CoTaskMemFree
CoCreateInstance
CoInitialize
OleRun
CreateStreamOnHGlobal
OleInitialize
CoTaskMemAlloc
OleUninitialize
StringFromGUID2
CLSIDFromProgID
CoTaskMemRealloc

oleaut32

SysStringLen
VariantChangeType
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringByteLen
SysFreeString
SysAllocString
SysAllocStringLen

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW

hid

HidD_FreePreparsedData
HidP_GetCaps
HidD_GetAttributes
HidD_GetPreparsedData
HidD_GetHidGuid

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c64e364715ba5930f40541fc56fdd9d4

Headers

File Characteristics

Imports

version

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

ole32

oleaut32

setupapi

hid

Sections

.text Size: 188KB - Virtual size: 188KB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 7KB - Virtual size: 35KB

.rsrc Size: 51KB - Virtual size: 54KB

.text
Size: 188KB - Virtual size: 188KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 7KB - Virtual size: 35KB

.rsrc
Size: 51KB - Virtual size: 54KB