a6f6b241eb4c53041785d121bafe5512_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a6f6b241eb4c53041785d121bafe5512_JaffaCakes118
Size

470KB
MD5

a6f6b241eb4c53041785d121bafe5512
SHA1

e2a66539458606821b42a51d72c6f3a2fdd8acd2
SHA256

3393a053940acbed2b65beb768cb871290d6840558c3fb6feee11be6fbdcef30
SHA512

53b80c28629e4b355d9dad5172b0c1663e8be858df74e398dc25d7b28c9322fa1c2abe39815fe7ca22fa6604ac4e4a8ad8bcddc5eb254d3cb3fa5ce7b50373f7
SSDEEP

6144:Dx8QDGj2o9oGej8ppVLsEpOjtY93K2gVeydbV5uxw1q1kszcJnNRNzYqJAv8rEeC:TaYj8ppuEYjtUgVjXAFksoVpzYf8IP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6f6b241eb4c53041785d121bafe5512_JaffaCakes118

Files

a6f6b241eb4c53041785d121bafe5512_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4d32b3f2ef5e3f51a48a8707bbf1a67d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelA
lstrcatA
GetTempFileNameA
HeapDestroy
InterlockedExchange
GetStartupInfoA
CreateMutexA
TerminateThread
CreateThread
GetFullPathNameA
GetDiskFreeSpaceA
GetEnvironmentVariableA
CompareStringA
lstrcmpiA
GetWindowsDirectoryA
GetShortPathNameA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
GetPrivateProfileIntA
WritePrivateProfileStringA
SizeofResource
WideCharToMultiByte
GetSystemDirectoryA
TerminateProcess
GetLastError
Sleep
InitializeCriticalSection
DeleteCriticalSection
lstrlenW
GlobalAlloc
lstrlenA
GlobalHandle
GlobalFree
FreeResource
GetModuleHandleA
ReadFile
GlobalLock
GlobalUnlock
GetPrivateProfileStringA
GetLocalTime
lstrcpynA
lstrcpynW
MulDiv
lstrcmpA
GetCurrentProcessId
GetLogicalDrives
GetCurrentProcess
FlushInstructionCache
lstrcpyA
SetLastError
OutputDebugStringA
DebugBreak
InterlockedDecrement
FindResourceA
LoadResource
LockResource
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesA
FindFirstFileA
FindNextFileA
FindClose
MultiByteToWideChar
CopyFileA
CreateDirectoryA
GetTempPathA
CreateFileA
WriteFile
CloseHandle
InterlockedIncrement
RemoveDirectoryA
SetFileAttributesA
DeleteFileA
GetSystemDefaultLangID
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleFileNameA
GetVersionExA

user32

CreateAcceleratorTableA
GetDesktopWindow
IsChild
CreateDialogIndirectParamA
CheckMenuItem
CreatePopupMenu
DestroyWindow
RegisterClipboardFormatA
GetWindowTextLengthA
IsDialogMessageA
SetTimer
KillTimer
AppendMenuA
InvalidateRgn
EndPaint
GetDlgCtrlID
GetScrollPos
MoveWindow
IsRectEmpty
IntersectRect
GetDC
BeginPaint
DrawFrameControl
SetWindowTextA
GetDlgItem
LoadMenuA
GetWindowPlacement
EnumWindows
MonitorFromPoint
GetMonitorInfoA
SetRectEmpty
FrameRect
DrawEdge
GetSysColor
GetSysColorBrush
GetClassNameA
CallNextHookEx
IsMenu
RegisterWindowMessageA
TrackPopupMenuEx
ModifyMenuA
PostQuitMessage
LoadIconA
TranslateAcceleratorA
SetMenu
GetMenu
SetWindowPlacement
DeleteMenu
SetForegroundWindow
CharUpperA
InsertMenuItemA
InsertMenuA
LoadStringW
GetMenuStringA
SetMenuDefaultItem
DrawAnimatedRects
DestroyIcon
MenuItemFromPoint
RemovePropA
GetPropA
SetPropA
GetMenuItemID
DialogBoxIndirectParamA
SetCursor
LoadAcceleratorsA
GetMessageA
GetParent
EndDialog
EnableWindow
SendMessageA
LoadImageA
GetSystemMetrics
SetWindowPos
ScreenToClient
GetWindowRect
SetWindowLongA
GetWindowLongA
wsprintfA
GetWindowTextA
MessageBoxA
DialogBoxParamA
GetActiveWindow
CharLowerA
TranslateMessage
DispatchMessageA
EnableMenuItem
FindWindowExA
DrawFocusRect
RemoveMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawIcon
InflateRect
GetMessagePos
WindowFromPoint
InvalidateRect
GetKeyState
GetWindowThreadProcessId
GetMenuItemCount
GetMenuItemInfoA
SetMenuItemInfoA
IsWindowEnabled
MessageBeep
UnhookWindowsHookEx
SetWindowsHookExA
DestroyMenu
GetMenuDefaultItem
GetCapture
GetSystemMenu
TrackPopupMenu
FillRect
OffsetRect
LoadBitmapA
GetSubMenu
PeekMessageA
PtInRect
ReleaseDC
IsWindow
GetWindowDC
DrawTextA
CallWindowProcA
CreateDialogParamA
GetClassInfoExA
LoadCursorA
RegisterClassExA
GetAsyncKeyState
GetFocus
CopyRect
GetCursorPos
SetCapture
IsWindowVisible
ReleaseCapture
DefWindowProcA
SetFocus
UpdateWindow
RedrawWindow
SetClassLongA
ClientToScreen
PostMessageA
SetParent
ShowWindow
LoadStringA
CharNextA
wvsprintfA
CreateWindowExA
GetWindow
SystemParametersInfoA
GetClientRect
MapWindowPoints
GetClipboardData

gdi32

GetTextExtentPoint32A
GetClipBox
LPtoDP
GetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateBitmap
CreatePatternBrush
SetTextColor
SetBkColor
SetBrushOrgEx
SetBkMode
DeleteDC
SelectObject
DeleteObject
ExcludeClipRect
OffsetWindowOrgEx
RestoreDC
CreateSolidBrush
ExtTextOutA
SaveDC
GetDeviceCaps
PatBlt
CreateDIBSection
CreateDCA
StretchBlt
SetStretchBltMode
GetPixel
DPtoLP
SetWindowOrgEx
GetStockObject
GetObjectA
CreateFontIndirectA

comdlg32

GetSaveFileNameA
ChooseColorA
GetOpenFileNameA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
GetUserNameA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey

shell32

SHAppBarMessage
DragFinish
SHFileOperationA
ord21
ord2
ord4
SHBrowseForFolderA
ord25
ShellExecuteExA
ord17
ord16
ord155
ord189
ExtractIconExA
ord68
SHGetSettings
DragQueryFileA
ord18
SHGetDesktopFolder
SHGetMalloc
DragAcceptFiles
SHGetFileInfoA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA
Shell_NotifyIconA

ole32

CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CLSIDFromString
ReleaseStgMedium
RegisterDragDrop
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
OleLockRunning
DoDragDrop

oleaut32

VariantInit
OleCreateFontIndirect
VariantClear
SysStringLen
LoadRegTypeLi
SysAllocString
SysAllocStringLen
SysFreeString

msvcrt

_chdir
_mbscmp
_mbsrchr
??3@YAXPAX@Z
??2@YAPAXI@Z
_mbschr
_mbsstr
wcslen
_ismbcdigit
atoi
_ismbcspace
memmove
_fullpath
realloc
free
fclose
fwrite
fopen
_purecall
time
exit
_ftol
fread
rand
malloc
calloc
sprintf
_except_handler3
toupper
clock
_mbsicmp
__dllonexit
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_controlfp
strrchr
_mbsrev
__p__commode

comctl32

ImageList_SetBkColor
_TrackMouseEvent
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
ord6
ImageList_GetIcon
InitCommonControlsEx
ImageList_Destroy
ord8
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Draw
ImageList_Create
ImageList_ReplaceIcon
ImageList_LoadImageA

shlwapi

PathRelativePathToA

winmm

PlaySoundA

Sections

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 307KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4d32b3f2ef5e3f51a48a8707bbf1a67d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

msvcrt

comctl32

shlwapi

winmm

Sections

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 307KB - Virtual size: 320KB

.rsrc Size: 148KB - Virtual size: 152KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 307KB - Virtual size: 320KB

.rsrc
Size: 148KB - Virtual size: 152KB