c28ff555cf7ff606bc83f8979747505d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c28ff555cf7ff606bc83f8979747505d_JaffaCakes118
Size

820KB
MD5

c28ff555cf7ff606bc83f8979747505d
SHA1

5f28b4e57ca8ee23b407a3388696f7f13ca69c32
SHA256

b2b0297c7e8c24fbea6926a34ae63206d88c94a0d0b180b26bc0d68ba550eec2
SHA512

cc966f716ad2d97eb8bd457addb03c746ae59365535a49da6c437a520feaca20b7b0fcd114b3f92225f962d5a2972016e491f52ef89ac1ecd94a53b42a4d5374
SSDEEP

12288:xg5V4gKLI0SoE5JqLwM3HWc6GLK0bzuw76nbwZ02N:xgcTSVuLwM3WUDbD7P0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c28ff555cf7ff606bc83f8979747505d_JaffaCakes118

Files

c28ff555cf7ff606bc83f8979747505d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f024996291823f508be3b5f7706c8946

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\erxege\onacas.pdb

Imports

shell32

ShellExecuteW
CommandLineToArgvW
DragFinish
SHGetSpecialFolderLocation

user32

InvalidateRect
SystemParametersInfoA
CheckDlgButton
SetTimer
GetWindowTextA
RegisterClassA
GetDC
ReleaseDC
TranslateMessage
GetSubMenu
RegisterClassExA
IntersectRect
GetMenuState
DestroyIcon
MapWindowPoints
GetClassInfoA
SetClipboardData
SetWindowPos
CharUpperA
SetScrollPos
LoadAcceleratorsA
GetWindowPlacement
MapDialogRect
SetParent
TrackPopupMenu
SetCapture
IsRectEmpty
DestroyAcceleratorTable
LoadCursorA
LoadImageA
CreatePopupMenu
CreateWindowExA
ShowScrollBar
IsWindowEnabled
GetDCEx
GetForegroundWindow
MessageBeep
SetClassLongA
UnionRect
SetFocus
GetMenuItemInfoA
InflateRect
RemovePropA
GetKeyboardLayout
LoadIconA
GetClassLongA
SetActiveWindow
EnableWindow
GetWindowLongA
PostMessageA
SetWindowLongA
CopyImage
WaitForInputIdle
EqualRect
DeleteMenu
LoadStringA
SetCursor
GetSystemMetrics
GetWindow
PtInRect
DestroyCursor
BringWindowToTop
RegisterWindowMessageA
WindowFromPoint
GetMenuItemCount
GetNextDlgGroupItem
GetDesktopWindow
MessageBoxA
ShowWindow
InsertMenuA
LoadBitmapA
SetRect
GetWindowRect
GetCursorPos

wininet

HttpAddRequestHeadersW
InternetCanonicalizeUrlW
InternetGetLastResponseInfoW
InternetSetFilePointer
HttpOpenRequestW
HttpSendRequestW
InternetOpenW
InternetConnectW

winspool.drv

ClosePrinter
DocumentPropertiesA
ord204

shlwapi

PathRemoveExtensionA
PathFindExtensionA

kernel32

TerminateProcess
SetEnvironmentVariableA
LoadLibraryA
RtlUnwind
SetHandleCount
CompareStringA
HeapFree
IsDebuggerPresent
GetOEMCP
VirtualQuery
GetDateFormatA
LCMapStringA
ExitProcess
WriteConsoleA
InitializeCriticalSection
MultiByteToWideChar
GetTimeZoneInformation
EnterCriticalSection
GetStringTypeA
GetProcAddress
GetCommandLineA
ReadFile
CloseHandle
GetLocaleInfoA
FlushFileBuffers
GetSystemTimeAsFileTime
InterlockedDecrement
InterlockedExchange
GetCurrentThreadId
GetVersionExA
WriteFile
GetModuleHandleA
GetTickCount
TlsSetValue
GetModuleFileNameA
SetStdHandle
GetLastError
GetCurrentProcess
GetACP
WideCharToMultiByte
CreateFileA
HeapAlloc
GetTimeFormatA
VirtualAlloc
HeapDestroy
WriteConsoleW
UnhandledExceptionFilter
InterlockedIncrement
GetConsoleOutputCP
GetStartupInfoA
HeapSize
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
QueryPerformanceCounter
GetEnvironmentStringsW
GetStdHandle
HeapReAlloc
DeleteCriticalSection
GetFileType
GetCurrentProcessId
RaiseException
FreeEnvironmentStringsA
SetLastError
GetConsoleMode
GetEnvironmentStrings
GetProcessHeap
SetFilePointer
Sleep
GetStringTypeW
VirtualFree
LCMapStringW
TlsGetValue
GetCPInfo
HeapCreate
IsValidCodePage
TlsFree
LeaveCriticalSection
GetConsoleCP
CreateMutexA
TlsAlloc
CompareStringW

oleaut32

LoadTypeLi

gdi32

GetColorAdjustment
CreateEllipticRgn
CloseMetaFile
ExtEscape
SetBkColor
GetPolyFillMode
Polyline
CreateDiscardableBitmap
RealizePalette
GetBkColor
StretchBlt
SetArcDirection
SetTextJustification
SetROP2
GetStretchBltMode
EnumMetaFile
PolyBezierTo
ExtCreatePen
SetMiterLimit
SetBkMode
RectInRegion
GetBrushOrgEx
ArcTo
GetKerningPairsA
GetGlyphOutlineA
SetStretchBltMode
GetPaletteEntries
CreateICA
SetMapperFlags
Arc
SetWindowExtEx
GetTextAlign
CreateDIBitmap
GetCharWidthA
SetColorAdjustment
CreateHatchBrush
PatBlt
CloseEnhMetaFile
AnimatePalette
PlgBlt
RoundRect
SelectObject
OffsetWindowOrgEx
SelectClipRgn
CombineRgn
PathToRegion
SetTextColor
SetBitmapDimensionEx
FloodFill
DeleteObject
SetRectRgn
GetClipRgn
GetBitmapBits
GetMiterLimit
TextOutA
CreateCompatibleDC
GetBkMode
MoveToEx
SetPixelV
GetBitmapDimensionEx
CreateMetaFileA
AbortPath
BitBlt
LPtoDP
SetBrushOrgEx
GetTextExtentPointA
SetBitmapBits
PolyDraw
PtInRegion
GetNearestPaletteIndex
GetCharABCWidthsFloatA
LineTo
GetStockObject
SetTextCharacterExtra
EndPath
CreateRectRgn
ResetDCA
GetRgnBox
GetTextFaceA
CreatePenIndirect
GetViewportOrgEx
DeleteMetaFile
EnumObjects
CreatePolyPolygonRgn
AbortDoc
FillPath
UnrealizeObject
CreateEnhMetaFileA
CreateBitmapIndirect
SetViewportExtEx
GetCharWidthFloatA
ExcludeClipRect
CopyMetaFileA
CreateDIBPatternBrushPt
GetDCOrgEx
GetTextCharacterExtra
StartPage
FillRgn
GetNearestColor
PolyPolyline
AngleArc
ExtTextOutA
GetCurrentPositionEx
BeginPath
GetRegionData
GetDeviceCaps
GetTextColor
GetTextExtentPoint32A
GetAspectRatioFilterEx
PaintRgn
StretchDIBits
DrawEscape
CreateRectRgnIndirect
GetCharABCWidthsA
GetCurrentObject
CreatePolygonRgn
DeleteDC
PolylineTo
EndDoc
CreatePen
SetWindowOrgEx
CreatePalette
PlayMetaFileRecord
InvertRgn
GdiComment
GetROP2
FrameRgn
CreateFontA
PolyPolygon
EqualRgn
CreateBitmap
WidenPath
PlayEnhMetaFile
GetObjectA
CreateSolidBrush
GetPixel
CreateDCA
Rectangle
SelectClipPath
CloseFigure
RectVisible
EndPage
SetTextAlign

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 484KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f024996291823f508be3b5f7706c8946

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

wininet

winspool.drv

shlwapi

kernel32

oleaut32

gdi32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 484KB - Virtual size: 481KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 112KB - Virtual size: 111KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 484KB - Virtual size: 481KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 112KB - Virtual size: 111KB