b2aff3d9030a38ed428c13868d311176_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b2aff3d9030a38ed428c13868d311176_JaffaCakes118
Size

149KB
MD5

b2aff3d9030a38ed428c13868d311176
SHA1

1c795051794076365c9cd984c2120f5e334beee7
SHA256

c203f9f646ebb76b10ca0017d3799736a4c1cd1c035fc0d95da8bc4277098484
SHA512

9f43951823345c7d05fb01bb4c4138bac9c18d79271e9acc435e3c4faa471dbb93fd0d624f2e52e39e45687c5c61880487678d06d55daff247db9ced72e0c66e
SSDEEP

3072:q80T95An0i/eOTjbTwDHygVUIjUjwtKUOBcVKt8xc:q+n0YTjbmUIjUjw8O4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2aff3d9030a38ed428c13868d311176_JaffaCakes118

Files

b2aff3d9030a38ed428c13868d311176_JaffaCakes118
.exe windows:4 windows x86 arch:x86

95a77f15c95a76c8fc207cdac13a8287

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
CreateEventA
CreateEventW
CreateFileMappingA
CreateProcessA
DeleteFileW
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FindNextFileW
FindResourceA
FindResourceW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCommandLineA
GetDateFormatA
GetDiskFreeSpaceA
GetEnvironmentStrings
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileSize
GetFileTime
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetPrivateProfileStringA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetSystemDirectoryA
GetSystemInfo
GetThreadLocale
GetTickCount
GetVersion
GetVersionExW
GlobalDeleteAtom
GlobalFree
GlobalHandle
GlobalUnlock
HeapDestroy
HeapSize
InterlockedCompareExchange
InterlockedDecrement
IsDBCSLeadByte
LCMapStringW
LoadLibraryExA
LoadLibraryExW
LocalFileTimeToFileTime
LocalFree
MapViewOfFile
MoveFileA
OpenProcess
QueryPerformanceCounter
ReadFile
ResumeThread
RtlUnwind
SetEnvironmentVariableA
SetEvent
SetFilePointer
SetFileTime
SetStdHandle
SetThreadLocale
SetThreadPriority
TerminateThread
TlsAlloc
TlsFree
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteFile
lstrcmpiW
lstrcpyA
lstrlenA

user32

AdjustWindowRectEx
CallNextHookEx
CallWindowProcA
CharLowerA
CharNextA
CheckMenuItem
CloseClipboard
DefWindowProcA
DestroyMenu
DrawEdge
DrawIcon
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EnumWindows
FillRect
GetClassInfoA
GetClientRect
GetDCEx
GetDesktopWindow
GetDlgItem
GetForegroundWindow
GetKeyState
GetMenu
GetMenuItemCount
GetMenuState
GetMenuStringA
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSysColorBrush
GetWindow
GetWindowDC
GetWindowRect
InsertMenuItemA
IsIconic
IsRectEmpty
IsWindowVisible
IsZoomed
KillTimer
LoadBitmapA
LoadIconA
LoadStringA
MapWindowPoints
MessageBeep
MessageBoxA
OemToCharA
PtInRect
RedrawWindow
RegisterClassA
RegisterClipboardFormatA
ReleaseCapture
RemovePropA
SendMessageA
SetActiveWindow
SetCapture
SetClipboardData
SetFocus
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowPlacement
SetWindowsHookExA
ShowOwnedPopups
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
WindowFromPoint
wsprintfA

gdi32

CloseEnhMetaFile
CombineRgn
CopyMetaFileA
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBitmap
CreateEllipticRgn
CreateEnhMetaFileA
CreateFontIndirectW
CreateICW
CreateMetaFileW
CreatePen
DPtoLP
DeleteDC
EndDoc
EndPage
EnumFontFamiliesExA
EnumFontFamiliesW
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
GetBkMode
GetCharWidthA
GetClipBox
GetDIBits
GetEnhMetaFileBits
GetMapMode
GetObjectW
GetPixel
GetTextAlign
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
GetTextMetricsW
GetViewportOrgEx
InvertRgn
LPtoDP
MaskBlt
MoveToEx
OffsetRgn
PatBlt
PolyBezierTo
Polygon
Polyline
PolylineTo
SaveDC
ScaleWindowExtEx
SelectClipRgn
SetBkMode
SetEnhMetaFileBits
SetMapMode
SetTextJustification
StretchDIBits
TextOutA

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
ExtractAssociatedIconW
ExtractIconA
ExtractIconExW
ExtractIconW
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExA
SHCreateDirectoryExW
SHFileOperationA
SHFileOperationW
SHGetFileInfo
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderPathA
ShellExecuteEx
Shell_NotifyIconA

comctl32

CreatePropertySheetPageW
CreateStatusWindowA
CreateToolbarEx
DestroyPropertySheetPage
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_Draw
ImageList_GetIcon
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_Read
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_SetOverlayImage
InitCommonControlsEx

advapi32

AddAccessAllowedAce
AdjustTokenPrivileges
CheckTokenMembership
CloseServiceHandle
ControlService
CopySid
CryptAcquireContextA
CryptCreateHash
CryptDestroyHash
CryptGenRandom
CryptHashData
CryptReleaseContext
DeleteService
DeregisterEventSource
EqualSid
GetLengthSid
GetSecurityDescriptorDacl
GetTokenInformation
GetUserNameA
InitializeSecurityDescriptor
LookupPrivilegeValueA
OpenSCManagerA
OpenServiceA
OpenServiceW
QueryServiceStatus
RegCloseKey
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumKeyExW
RegEnumKeyW
RegEnumValueA
RegEnumValueW
RegFlushKey
RegOpenKeyA
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueA
RegQueryValueExA
RegSetValueExA
RegSetValueExW
RevertToSelf
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup

msvcrt

_CIpow
_Getmonths
__p__fmode
_close
_dup2
_get_osfhandle
_hypot
_mbschr
_read
_stati64
atan
fseek
getenv
getwc
isalpha
isxdigit
printf
strncat
strxfrm
wcstol

oleaut32

LoadTypeLib
RegisterTypeLib
SafeArrayAccessData
SafeArrayCreate
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SetErrorInfo
SysAllocStringByteLen
SysFreeString
SysStringByteLen
SysStringLen
VariantChangeType
VariantClear
VariantCopy
VariantCopyInd
VariantInit

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95a77f15c95a76c8fc207cdac13a8287

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

msvcrt

oleaut32

Sections

.text Size: 39KB - Virtual size: 39KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 84KB - Virtual size: 83KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 39KB - Virtual size: 39KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 84KB - Virtual size: 83KB

.rsrc
Size: 16KB - Virtual size: 16KB