bad46f8e330581111e888906d840f033_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bad46f8e330581111e888906d840f033_JaffaCakes118
Size

1.4MB
MD5

bad46f8e330581111e888906d840f033
SHA1

678b6673588bc2f9751bc5f98879b5e37b3feebe
SHA256

199fc67172053f364364a862252407d1b78895e5a1bd181bc9112550a8e49622
SHA512

594fbd564ec37ea8093d971215b7a6fac515aa7cee77207fdb692f467e9da19e18c77d09b562c4ca9ad42494da66027c2838208ae56923a198384b31ef787996
SSDEEP

24576:VTZfjcAeSdD8tZxjbPZT2at0bisjonFHTaXcbBRTGqnGdZT9UMk7:TeMDgZ1PZT2aaxSzaXcbXKqGrTs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bad46f8e330581111e888906d840f033_JaffaCakes118

Files

bad46f8e330581111e888906d840f033_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fdf31ccbc3ed20c17202361b30910ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetFileAttributesW
GetFileTime
FindNextFileW
SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
ExitThread
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetThreadLocale
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
SuspendThread
WritePrivateProfileStringW
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
FormatMessageW
LocalFree
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
FreeLibrary
InterlockedDecrement
MulDiv
GlobalFree
SetEvent
GetTickCount
ResumeThread
SetThreadPriority
CreateEventW
lstrcmpiA
TerminateProcess
GetCurrentProcess
GetCurrentThread
GetVersionExW
WinExec
GetSystemDirectoryA
ReadFile
SetFilePointer
GetFileSize
GetModuleFileNameW
DeleteFileA
CreateThread
TerminateThread
GetVersion
Sleep
GetLocalTime
FindClose
InterlockedExchange
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
OpenProcess
lstrcmpW
lstrcpyW
FreeResource
GetModuleHandleA
CreateFileW
DeleteFileW
GlobalUnlock
GlobalLock
GlobalAlloc
FindResourceW
ExitProcess
CopyFileA
lstrcpyA
CreateDirectoryA
CloseHandle
WriteFile
CreateFileA
GetPrivateProfileStringA
lstrcmpA
lstrcatA
GetModuleFileNameA
WaitForSingleObject
CreateMutexW
LockResource
LoadResource
SizeofResource
FindResourceA
GetVolumeInformationA
GetDriveTypeA
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetLogicalDrives
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
WideCharToMultiByte
lstrlenW
lstrcatW
MultiByteToWideChar
VirtualQuery
lstrlenA

user32

GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
IsWindowVisible
GetMenu
GetMenuItemCount
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
PtInRect
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
GetWindowTextLengthW
GetWindowTextW
GetWindow
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CreateDialogIndirectParamW
DestroyWindow
GetWindowLongW
GetDlgItem
GetNextDlgTabItem
EndDialog
DrawFocusRect
GetFocus
CopyRect
SetCursor
ReleaseDC
GetDC
LoadCursorW
InvalidateRect
GetParent
RedrawWindow
SetParent
IsWindow
GetMenuItemID
PostMessageW
TrackPopupMenu
GetCursorPos
SetMenuDefaultItem
GetSubMenu
RegisterWindowMessageW
UnregisterClassA
RegisterClipboardFormatW
LoadMenuW
KillTimer
SetForegroundWindow
PostThreadMessageW
UpdateWindow
GetSysColor
SetActiveWindow
GetActiveWindow
IsWindowEnabled
GetDesktopWindow
LoadIconA
SetFocus
GetWindowRect
AppendMenuW
CreatePopupMenu
wsprintfW
EnableWindow
DrawIcon
GetClientRect
GetSystemMetrics
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
SendMessageW
IsIconic
LoadIconW
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
SetCapture
ReleaseCapture
UnregisterClassW
GetSysColorBrush
WindowFromPoint
CharUpperW
GetWindowThreadProcessId
GetMessageW
TranslateMessage
ValidateRect
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
DestroyMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetForegroundWindow
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
UnhookWindowsHookEx
RemovePropW
LoadBitmapW

gdi32

DeleteObject
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExtSelectClipRgn
DeleteDC
CreateBitmap
GetDeviceCaps
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateSolidBrush
GetStockObject
GetCurrentObject
CreateFontIndirectW
CreateFontW
BitBlt
SelectObject
CreateCompatibleDC
CreateDIBSection
GetObjectW

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

OpenProcessToken
RegEnumValueA
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegOpenKeyA
OpenThreadToken
RegSetValueExA
RegCreateKeyW
RegDeleteValueW
RegQueryValueExW
RegSetValueExW
RegQueryValueExA
RegOpenKeyExW
RegCloseKey

shell32

Shell_NotifyIconW
ShellExecuteW
ShellExecuteA
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFindExtensionW
UrlUnescapeW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oledlg

OleUIBusyW

ole32

CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

VariantChangeType
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
SysFreeString
SysStringLen
OleCreateFontIndirect
SafeArrayDestroy
SysAllocString
VariantCopy
VariantClear

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree

psapi

EnumProcesses
GetModuleFileNameExA
GetModuleFileNameExW
EnumProcessModules

wininet

InternetOpenUrlW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetQueryDataAvailable
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetGetConnectedState

Sections

.text
Size: 415KB - Virtual size: 415KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 233KB - Virtual size: 233KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 747KB - Virtual size: 747KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fdf31ccbc3ed20c17202361b30910ca

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

psapi

wininet

Sections

.text Size: 415KB - Virtual size: 415KB

.rdata Size: 233KB - Virtual size: 233KB

.data Size: 47KB - Virtual size: 63KB

.rsrc Size: 747KB - Virtual size: 747KB

.text
Size: 415KB - Virtual size: 415KB

.rdata
Size: 233KB - Virtual size: 233KB

.data
Size: 47KB - Virtual size: 63KB

.rsrc
Size: 747KB - Virtual size: 747KB