b393bd30cb228c79955ffd0d7a227873_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b393bd30cb228c79955ffd0d7a227873_JaffaCakes118
Size

285KB
MD5

b393bd30cb228c79955ffd0d7a227873
SHA1

489aa108ba81d4445a8120c36769884d252e5b4e
SHA256

76a0354da02532228d214dc9dc4f55a2fba69752128f120b58e1a78887157b0d
SHA512

3e71b684a89b09ae9241fe4648923713aed8ae7abb9bd19e2e514651e941913a527573815145a4d1e6eab80e002c4d0dc866347d573b5114c0a5b2d6e0ef09c2
SSDEEP

6144:p8PHVcQ+2BePnsE1yLvBDpIsBxsQJxSIL6NN5K5LPbf+R:pMmaJEmpI22P5WP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b393bd30cb228c79955ffd0d7a227873_JaffaCakes118

Files

b393bd30cb228c79955ffd0d7a227873_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f8d5f36b158dd2ae4be686c0f1da69d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetConnectW
InternetGetLastResponseInfoW
InternetOpenW
FtpGetCurrentDirectoryA
HttpSendRequestW
HttpOpenRequestW
InternetCloseHandle

oledlg

OleUIBusyW

gdi32

CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExtSelectClipRgn
GetBkColor
GetClipBox
GetDeviceCaps
GetMapMode
GetObjectW
GetPath
GetStockObject
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
PtVisible
RectVisible
RestoreDC
ScaleWindowExtEx
SelectObject
SetBkMode
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
TextOutW
CreateFontIndirectW
CreateCompatibleDC

kernel32

CompareStringW
ConvertDefaultLocale
CreateDirectoryW
CreateFileA
CreateFileW
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
EnumResourceLanguagesW
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindResourceW
FormatMessageW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetFileSize
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
CompareStringA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GetVolumeInformationW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomW
GlobalFlags
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockFile
LockResource
MultiByteToWideChar
OpenSemaphoreA
QueryPerformanceCounter
RaiseException
ReadFile
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
CloseHandle
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrcmpA
lstrcmpW
lstrlenA
lstrlenW
GetStringTypeW
VirtualQuery

comdlg32

dwOKSubclass
GetFileTitleW

shlwapi

PathStripToRootW
PathFindFileNameW
PathIsUNCW
PathFindExtensionW

shell32

ShellExecuteW
SHGetFolderPathW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

user32

CopyAcceleratorTableW
CopyRect
CreateDialogIndirectParamW
CreateWindowExW
DdeCreateDataHandle
DefWindowProcW
DestroyMenu
DestroyWindow
DispatchMessageW
DrawTextExW
DrawTextW
EnableMenuItem
EnableWindow
EndDialog
EndPaint
EqualRect
GetActiveWindow
GetCapture
GetClassInfoExW
GetClassInfoW
GetClassNameW
GetClientRect
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMessagePos
GetMessageTime
GetMessageW
GetNextDlgGroupItem
GetParent
GetPropW
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
ClientToScreen
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
CheckMenuItem
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
IsIconic
IsRectEmpty
IsWindow
IsWindowVisible
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
MapDialogRect
MapWindowPoints
MessageBeep
ModifyMenuW
MoveWindow
OffsetRect
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendDlgItemMessageA
SendMessageW
SetActiveWindow
SetCapture
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetPropW
SetRect
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
TabbedTextOutW
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WinHelpW
CharUpperW
CharNextW
CallWindowProcW
CallNextHookEx
BeginPaint
GrayStringW
AdjustWindowRectEx
GetWindowDC

oleaut32

SystemTimeToVariantTime
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
SafeArrayDestroy
OleCreateFontIndirect
VariantChangeType
VariantTimeToSystemTime
VariantInit
VariantCopy
VariantClear

ole32

OleFlushClipboard
OleInitialize
OleUninitialize
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoInitializeEx
StgOpenStorageOnILockBytes
CoGetClassObject

advapi32

OpenServiceW
RegCloseKey
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegQueryValueW
RegSetValueExW

comctl32

InitCommonControlsEx

Exports

Exports

DeleteConfigFiles

Sections

.text
Size: 100KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f8d5f36b158dd2ae4be686c0f1da69d

Headers

File Characteristics

Imports

wininet

oledlg

gdi32

kernel32

comdlg32

shlwapi

shell32

winspool.drv

user32

oleaut32

ole32

advapi32

comctl32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 104KB

.rdata Size: 138KB - Virtual size: 140KB

.data Size: 15KB - Virtual size: 112KB

.idata Size: 9KB - Virtual size: 12KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 100KB - Virtual size: 104KB

.rdata
Size: 138KB - Virtual size: 140KB

.data
Size: 15KB - Virtual size: 112KB

.idata
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 21KB - Virtual size: 23KB