b4362bed2e584b6671892e73afb86755_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4362bed2e584b6671892e73afb86755_JaffaCakes118
Size

330KB
MD5

b4362bed2e584b6671892e73afb86755
SHA1

dea7638f01ad501a36a2e101fd2ced9133b1d85e
SHA256

592290807771c747e94912be4b65961ed71f3c0db61374d2c2a084b33aabbeb7
SHA512

6b842cabba27268ecec680497baafce07f1e8fa0abd4af6c6d5f241463aefae44dd27fc371ef9a4e6038d314b9e180cd4bc8a0ebc12365f8aa6f3c5bb2879277
SSDEEP

6144:4PtbZ4ECs3jJzeNG6bxNI6pXmmHp9c1EIvAhTXcx5ZAfjRWJV8:4PtbZzCs3NaSGJS4dSKw8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4362bed2e584b6671892e73afb86755_JaffaCakes118

Files

b4362bed2e584b6671892e73afb86755_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a463d723330d3a15469e40a7cb8f5a6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pvgds

??_7CHorizSplitterGroup@@6B@
?GetPathByCLSID@CPvUtils@@SA_NABU_GUID@@PBDH_N@Z
?LTrim@CPvUtils@@SAPBDPAD@Z
??1CPvWaitCursor@@QAE@XZ
??0CHorizSplitterGroup@@QAE@PAUHWND__@@W4FrameType@CPvSplitterGroup@@_N@Z
?CreateSplitter@CHorizSplitterGroup@@UAEPAVCPvSplitter@@PAUHWND__@@H@Z
?CreateSplitter@CHorizSplitterGroup@@UAEPAVCPvSplitter@@PAVCWindow@ATL@@H@Z
?MakeEqual@CHorizSplitterGroup@@UAEXXZ
?SetClientRect@CHorizSplitterGroup@@UAEXPBUtagRECT@@@Z
?GetDragRect@CHorizSplitterGroup@@MBEXPAVCPvSplitter@@AAUtagRECT@@@Z
?GetAverageWH@CHorizSplitterGroup@@MBEHXZ
??_7CVertSplitterGroup@@6B@
??1CPvSplitterGroup@@MAE@XZ
??0CVertSplitterGroup@@QAE@PAUHWND__@@W4FrameType@CPvSplitterGroup@@_N@Z
?CreateSplitter@CVertSplitterGroup@@UAEPAVCPvSplitter@@PAUHWND__@@H@Z
?CreateSplitter@CVertSplitterGroup@@UAEPAVCPvSplitter@@PAVCWindow@ATL@@H@Z
?MakeEqual@CVertSplitterGroup@@UAEXXZ
?SetClientRect@CVertSplitterGroup@@UAEXPBUtagRECT@@@Z
?GetDragRect@CVertSplitterGroup@@MBEXPAVCPvSplitter@@AAUtagRECT@@@Z
?GetAverageWH@CVertSplitterGroup@@MBEHXZ
?RemoveSplitter@CPvSplitterGroup@@QAEXPAVCPvSplitter@@@Z
?UnRegisterComponent@CPvUtils@@SAKPBDAAJ@Z
?ShowInfoEx@CPvUtils@@SAHPAUHWND__@@PBDIPA_N1@Z
?RegisterComponent@CPvUtils@@SAKPBDAAJ@Z
?ShowInfo@CPvUtils@@SAHPAUHWND__@@PBDKI1@Z
?ShowInfo@CPvUtils@@SAHPAUHWND__@@PBD1I1@Z
?ShowInfo@CPvUtils@@SAHPAUHWND__@@PBDI1@Z
?IsKeyPressed@CPvUtils@@SA_NH@Z
?ShowInfo@CPvUtils@@SAHPAUHWND__@@PBDJI1@Z
?RTrim@CPvUtils@@SAPBDPAD@Z
?CreateProcessA@CPvUtils@@SAHPBDPADPAU_PROCESS_INFORMATION@@PAK@Z
?IsNT@CPvUtils@@SA_NPAH@Z
??0CPvWaitCursor@@QAE@XZ

kernel32

lstrcmpA
GetCurrentProcessId
IsBadWritePtr
lstrcpyA
GetVersionExA
InterlockedDecrement
lstrcpynA
lstrlenW
GetShortPathNameA
GetModuleFileNameA
MultiByteToWideChar
lstrcmpiA
lstrcatA
lstrcpynW
EnterCriticalSection
CloseHandle
CreateEventA
GetCommandLineA
HeapDestroy
DeleteCriticalSection
FreeLibrary
lstrlenA
SetEvent
WideCharToMultiByte
InitializeCriticalSection
WaitForSingleObject
ReadFile
GetFileSize
GetLastError
CreateFileA
GetCurrentThreadId
LeaveCriticalSection
GetCurrentProcess
FlushInstructionCache
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
WriteFile
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetProcAddress
LoadLibraryA
InterlockedIncrement
Sleep
GetModuleHandleA
CreateThread
RtlUnwind
TlsSetValue
HeapAlloc
HeapFree
HeapReAlloc
RaiseException
InterlockedExchange
LocalFree
HeapCreate
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
HeapSize
VirtualFree
VirtualAlloc
ExitThread
GetStartupInfoA
TlsAlloc
SetLastError
TlsGetValue
LocalAlloc

user32

LoadIconA
RedrawWindow
ReleaseCapture
SetCapture
PostQuitMessage
InvertRect
LoadBitmapA
DrawIcon
GetCursorPos
DispatchMessageA
TranslateMessage
GetMessageA
MessageBoxA
PostThreadMessageA
SetCursor
GetMenuStringA
SetMenuDefaultItem
AppendMenuA
GetSysColorBrush
LoadAcceleratorsA
LoadMenuA
LoadImageA
EndPaint
DrawIconEx
BeginPaint
TrackPopupMenu
GetMenuState
EnableMenuItem
EnableWindow
KillTimer
GetMenuItemID
DestroyWindow
IsDlgButtonChecked
InsertMenuA
ClientToScreen
GetWindowPlacement
SystemParametersInfoA
CopyRect
IsRectEmpty
OffsetRect
DrawEdge
GetMenuItemInfoA
InvalidateRect
UpdateWindow
SetMenu
SetWindowTextA
GetDlgItem
SetMenuItemInfoA
GetWindowRect
SetWindowPos
CreatePopupMenu
GetMenuItemCount
MessageBeep
RegisterWindowMessageA
SetRectEmpty
GetClassInfoExA
LoadCursorA
wsprintfA
RegisterClassExA
GetMessagePos
WindowFromPoint
ScreenToClient
GetSystemMetrics
ReleaseDC
TrackPopupMenuEx
ModifyMenuA
SetFocus
GetParent
SetWindowsHookExA
UnhookWindowsHookEx
FillRect
CharNextA
CharLowerA
IsWindowEnabled
GetClassNameA
RemoveMenu
CallNextHookEx
PeekMessageA
PtInRect
DialogBoxParamA
GetSysColor
GetWindowLongA
SetWindowLongA
CreateWindowExA
CallWindowProcA
IsWindow
GetClientRect
MoveWindow
ShowWindow
SendMessageA
LoadStringA
DefWindowProcA
InflateRect
LoadStringW
IsMenu
DestroyMenu
GetWindowThreadProcessId
GetFocus
GetActiveWindow
TranslateAcceleratorA
GetKeyState
GetSubMenu
WinHelpA
IsWindowVisible
PostMessageA
DeleteMenu
EndDialog
CheckRadioButton
DrawTextA
GetWindowDC
SetRect

gdi32

SelectObject
GetObjectA
SetBkMode
PatBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetBrushOrgEx
CreatePatternBrush
CreateBitmap
SetBkColor
SetTextColor
DeleteDC
BitBlt
CreateSolidBrush
CreateDIBSection
GetTextExtentPoint32A
RealizePalette
SelectPalette
GetDeviceCaps
CreateFontIndirectA
DeleteObject

comdlg32

GetSaveFileNameA
GetOpenFileNameA

ole32

CoResumeClassObjects
CoTaskMemFree
CLSIDFromProgID
CoRegisterClassObject
CLSIDFromString
StringFromCLSID
CoRevokeClassObject
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
SysStringLen
RegisterTypeLi
SysFreeString
VariantClear

comctl32

ImageList_Remove
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_Add
ImageList_GetIcon
ImageList_AddMasked
PropertySheetA
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx
ImageList_Destroy
ImageList_Draw
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_GetImageCount

Sections

.text
Size: 240KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a463d723330d3a15469e40a7cb8f5a6d

Headers

File Characteristics

Imports

pvgds

kernel32

user32

gdi32

comdlg32

ole32

oleaut32

comctl32

Sections

.text Size: 240KB - Virtual size: 236KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 58KB - Virtual size: 60KB

.text
Size: 240KB - Virtual size: 236KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 58KB - Virtual size: 60KB