b3377657947287fabb21e7c10d574071_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b3377657947287fabb21e7c10d574071_JaffaCakes118
Size

271KB
MD5

b3377657947287fabb21e7c10d574071
SHA1

b845ca0e197b53e436eac0abd7a2f2059475c200
SHA256

3ff7c2d612c9cdd4f858724bec37996561f9ab3702a0930e15087773921818e4
SHA512

2e58db6760cb1edf3f658fdcd08c71cd97d37b638a31757bfb1f408c40bce53593b718d2d27e6e437c187d440e7dd50a35d739b3c9ef6e648ad1886480f40711
SSDEEP

6144:VpdTLa57oL272hloAsPuTzK0YjcVQWvoUc:V65737AgWTtYUQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3377657947287fabb21e7c10d574071_JaffaCakes118

Files

b3377657947287fabb21e7c10d574071_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5573e9b240ce8a403c093a151e5d8d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW

user32

IsIconic
DispatchMessageW
DrawTextExW
DrawTextW
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcW
CharNextW
CharUpperW
CheckMenuItem
ClientToScreen
CopyAcceleratorTableW
CopyRect
CreateDialogIndirectParamW
CreateWindowExW
DefWindowProcW
DestroyMenu
EnableMenuItem
EnableWindow
EndDialog
EndPaint
EqualRect
GetActiveWindow
GetCapture
WinHelpW
ValidateRect
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TabbedTextOutW
SystemParametersInfoA
ShowWindow
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowLongW
SetWindowContextHelpId
SetRect
SetPropW
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetCapture
SetActiveWindow
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ScreenToClient
RemovePropW
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
MoveWindow
MessageBoxW
MessageBeep
MapWindowPoints
MapDialogRect
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
GetClassInfoExW
IsDialogMessageW
IsChild
InvalidateRgn
InvalidateRect
IntersectRect
InSendMessage
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
DestroyWindow

wininet

HttpSendRequestW
InternetCloseHandle
InternetConnectW
InternetGetLastResponseInfoW
InternetOpenW
InternetReadFile

ole32

CoGetClassObject
CoInitializeEx
CoRegisterMessageFilter
CoRevokeClassObject
CoTaskMemAlloc
CoFreeUnusedLibraries
CoUninitialize
CreateILockBytesOnHGlobal
HENHMETAFILE_UserUnmarshal
OleFlushClipboard
OleInitialize
OleIsCurrentClipboard
CoTaskMemFree
CLSIDFromProgID
StgOpenStorageOnILockBytes

oledlg

OleUIBusyW

gdi32

SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetMapMode
SetBkMode
SelectObject
ScaleWindowExtEx
SaveDC
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetTextColor
StretchBlt
GetRgnBox
GetObjectW
GetMapMode
GetDeviceCaps
GetClipBox
GetCharABCWidthsA
GetBkColor
ExtTextOutW
Escape
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectW
CreateCompatibleDC
CreateBitmap
GetStockObject
TextOutW
OffsetViewportOrgEx
ScaleViewportExtEx

shell32

SHGetFolderPathW
ShellExecuteW

comctl32

InitCommonControlsEx

advapi32

RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenEncryptedFileRawW
RegSetValueExW
RegQueryValueExW

oleaut32

OleCreateFontIndirect
SafeArrayDestroy
SysAllocString
SysAllocStringLen
SysFreeString
SysStringLen
SystemTimeToVariantTime
VariantChangeType
VariantClear
VariantTimeToSystemTime
VariantInit
VariantCopy

kernel32

LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
IsDebuggerPresent
IsDBCSLeadByteEx
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFlags
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVolumeInformationW
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemInfo
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
LoadLibraryW
GetFileAttributesW
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineA
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FindResourceW
FindFirstFileW
FindClose
FileTimeToLocalFileTime
ExitProcess
EnumSystemLocalesA
EnumResourceLanguagesW
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
CreateFileW
CreateFileA
CreateDirectoryW
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
lstrlenW
lstrlenA
lstrcmpW
lstrcmpA
WritePrivateProfileStringW
WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
VirtualQuery
VirtualProtect
VirtualFree
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockFile
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
UnlockFile
GetFileSize

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

Exports

Exports

PDFPortGetVersion
PDFPortInitialize
PDFPortTerminate

Sections

.text
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e5573e9b240ce8a403c093a151e5d8d1

Headers

File Characteristics

Imports

shlwapi

user32

wininet

ole32

oledlg

gdi32

shell32

comctl32

advapi32

oleaut32

kernel32

comdlg32

winspool.drv

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 60KB

.rdata Size: 139KB - Virtual size: 140KB

.data Size: 43KB - Virtual size: 156KB

.idata Size: 9KB - Virtual size: 11KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 57KB - Virtual size: 60KB

.rdata
Size: 139KB - Virtual size: 140KB

.data
Size: 43KB - Virtual size: 156KB

.idata
Size: 9KB - Virtual size: 11KB

.rsrc
Size: 21KB - Virtual size: 23KB