c0ade217983e6a738f608fa4bc9a069f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c0ade217983e6a738f608fa4bc9a069f_JaffaCakes118
Size

972KB
MD5

c0ade217983e6a738f608fa4bc9a069f
SHA1

d0117260caad3f95303312f3e66bf80db2d2c10c
SHA256

c53a1f6e1479cde7dbc4622312919924abc328d6d9fa7960e8880956ecc64d05
SHA512

c5d56f0455e205efa2994888abbee151422e05b3fa817042a8878375b53cb853243671071d23342781b63da5ef8101d2e55d130c5d38e288f3beed1bb0b5a47a
SSDEEP

12288:lbQtvpoTZIgZnTmX+iIyIFcNK+ZIWIBKFNBV6s5PI2q1DKhQp00/1hWphh9f6k2:lbhByV6s5PI2sFhWhF2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0ade217983e6a738f608fa4bc9a069f_JaffaCakes118

Files

c0ade217983e6a738f608fa4bc9a069f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b90d9e355e50818b71841bbfe6608a85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
LoadLibraryExA
FlushInstructionCache
GetCurrentProcess
GetModuleHandleA
GetVersionExA
GetWindowsDirectoryA
DeleteFileA
InterlockedExchange
GetTickCount
GetModuleFileNameA
CreateThread
CreateEventA
OpenEventA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
Sleep
WaitForSingleObject
ReadFile
SetFilePointer
GetFileSize
CopyFileA
LocalFree
LocalAlloc
GetDiskFreeSpaceExA
Process32Next
Process32First
CreateToolhelp32Snapshot
Module32Next
Module32First
lstrcpyA
lstrcatA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetSystemDirectoryA
TerminateProcess
OpenProcess
ReadProcessMemory
GlobalFree
GlobalAlloc
LeaveCriticalSection
GetLocalTime
lstrlenA
FindResourceA
GetLocaleInfoW
SetEnvironmentVariableA
SetEndOfFile
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetFileType
GetStdHandle
SetHandleCount
WriteFile
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
HeapSize
CompareStringW
CompareStringA
GetCPInfo
LCMapStringW
LCMapStringA
GetVersion
GetCommandLineA
GetStartupInfoA
ExitProcess
HeapReAlloc
HeapAlloc
HeapFree
LoadResource
LockResource
SizeofResource
lstrcpynA
RaiseException
RtlUnwind
MultiByteToWideChar
GetFileAttributesA
LoadLibraryA
GetProcAddress
FreeLibrary
FindFirstFileA
FindNextFileA
FindClose
CreateFileA
GetFileTime
CloseHandle
InterlockedExchangeAdd
GetTempPathA

user32

CallWindowProcA
SetTimer
DestroyWindow
IsWindow
IsWindowVisible
KillTimer
ShowWindow
DialogBoxParamA
SetWindowPos
GetSystemMetrics
GetWindowRect
CreateDialogParamA
SetForegroundWindow
GetLastActivePopup
IsIconic
AdjustWindowRectEx
GetMenu
GetWindowLongA
CreateWindowExA
DefWindowProcA
EndDialog
SetWindowRgn
GetClientRect
SetWindowLongA
SystemParametersInfoA
MapWindowPoints
GetWindow
RegisterClassExA
wsprintfA
LoadCursorA
GetClassInfoExA
LoadStringA
GetActiveWindow
ClientToScreen
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
RegisterWindowMessageA
FindWindowA
DestroyIcon
SetMenuItemInfoA
GetMenuItemInfoA
SetMenuDefaultItem
GetCursorPos
GetFocus
SetWindowTextA
LoadImageA
PostQuitMessage
PostMessageA
GetParent
SendMessageA
MoveWindow
GetDlgCtrlID
ReleaseCapture
OffsetRect
DrawTextW

gdi32

CreateRoundRectRgn
SetTextAlign
GetTextAlign

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegEnumKeyA
RegSetValueExA
RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegCreateKeyA

shell32

Shell_NotifyIconA
ShellExecuteA
SHGetSpecialFolderPathA

ole32

CoUninitialize
CoCreateInstance
StringFromGUID2
CoCreateGuid
CreateStreamOnHGlobal
CoInitialize

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString
VariantClear
SysStringLen
LoadRegTypeLi
DispCallFunc

comctl32

InitCommonControlsEx

htmlayout

HTMLayout_UnuseElement
HTMLayoutUpdateElement
HTMLayoutSetCapture
HTMLayoutSelectParent
HTMLayoutRequestElementData
HTMLayoutGetElementHwnd
HTMLayoutSelectElements
HTMLayoutGetElementInnerText16
HTMLayoutSortElements
HTMLayoutGetStyleAttribute
HTMLayoutIsElementVisible
HTMLayoutGetParentElement
HTMLayoutGetElementIndex
HTMLayoutPostEvent
HTMLayoutGetElementLocation
HTMLayoutElementGetExpando
HTMLayoutCreateElement
HTMLayoutElementSetExpando
HTMLayoutGetNthChild
HTMLayoutGetChildrenCount
HTMLayoutInsertElement
HTMLayoutScrollToView
HTMLayoutAttachEventHandler
HTMLayoutGetElementInnerText
HTMLayoutLoadHtmlEx
HTMLayoutClassNameA
HTMLayoutCombineURL
HTMLayoutLoadFile
HTMLayoutGetAttributeCount
HTMLayoutGetNthAttribute
HTMLayoutGetElementType
HTMLayoutDataReady
HTMLayoutGetAttributeByName
HTMLayoutGetMinWidth
HTMLayoutGetMinHeight
HTMLayoutVisitElements
HTMLayoutLoadHtml
HTMLayoutGetElementState
HTMLayoutSetAttributeByName
HTMLayoutGetRootElement
HTMLayout_UseElement
HTMLayoutAttachEventHandlerEx
HTMLayoutSetElementState
HTMLayoutSetCallback
HTMLayoutSetMediaType
HTMLayoutSetElementInnerText16

avengn

ord3
ord2
ord1003
ord4
ord6

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

winmm

PlaySoundA

wininet

HttpQueryInfoA
HttpSendRequestA
InternetReadFile
InternetConnectA
InternetOpenA
InternetGetConnectedState
InternetOpenUrlA
InternetCloseHandle
HttpOpenRequestA

Sections

.text
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 548KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b90d9e355e50818b71841bbfe6608a85

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

htmlayout

avengn

version

winmm

wininet

Sections

.text Size: 316KB - Virtual size: 316KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 47KB - Virtual size: 47KB

.rsrc Size: 548KB - Virtual size: 548KB

.text
Size: 316KB - Virtual size: 316KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 47KB - Virtual size: 47KB

.rsrc
Size: 548KB - Virtual size: 548KB