c8e141f1e8289af9cc62d38d00ee8537_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c8e141f1e8289af9cc62d38d00ee8537_JaffaCakes118
Size

324KB
MD5

c8e141f1e8289af9cc62d38d00ee8537
SHA1

f8efa567b375cd704964670a08915a2f30542ba1
SHA256

6333bc4f4f750425e2a54cc5760f40bf6e737475193acd2d57baff30943fe0b4
SHA512

98104a2e816c4a00d6e15f81d4b4de03a1ba2c9c860f5c1f4e2833148a80bb7fc1fdb7bcfc3a9c3b6a5262f3627027c97c599dfc0f2d22690d9c039e6c9b3a5d
SSDEEP

6144:PirhxTj1DTVz0OE03WbTTkP+K39BemitufWqnAHpC0:PidZ1fVzr5JP7femM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8e141f1e8289af9cc62d38d00ee8537_JaffaCakes118

Files

c8e141f1e8289af9cc62d38d00ee8537_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bd3e9e86a0baf1d88e3e90ec2c386fb7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantTimeToSystemTime
VariantInit
VariantCopy
VariantClear
VariantChangeType
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
SysFreeString
SysAllocStringLen
SysAllocString
SafeArrayDestroy

ole32

CLSIDFromProgID
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleUninitialize
OleIsCurrentClipboard
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoInitialize
CoGetClassObject
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromString

comdlg32

GetFileTitleW

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW

advapi32

RegQueryValueW
RegQueryValueExW
RegOpenCurrentUser
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

WinHelpW
AdjustWindowRectEx
ValidateRect
UpdateWindow
UnregisterClassW
UnregisterClassA
TranslateMessage
SetWindowsHookExW
SetWindowTextW
SetWindowLongW
SetWindowContextHelpId
SetPropW
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetCapture
SetActiveWindow
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ScreenToClient
RemovePropW
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
PtInRect
PostThreadMessageW
PostQuitMessage
PeekMessageW
OffsetRect
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapDialogRect
LoadIconW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetWindow
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
EqualRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
DrawIcon
DlgDirSelectComboBoxExW
DispatchMessageW
DestroyWindow
DestroyMenu
DefWindowProcW
CreateWindowExW
CreateDialogIndirectParamW
CopyRect
CopyIcon
CopyAcceleratorTableW
ClientToScreen
CheckMenuItem
CharUpperW
CharNextW
CallWindowProcW
CallNextHookEx
BeginPaint
SystemParametersInfoA

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

oledlg

OleUIBusyW

shell32

ShellExecuteW
ExtractIconW

gdi32

GetMapMode
GetObjectW
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
PtVisible
RectVisible
RestoreDC
GetDeviceCaps
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SetBkColor
SetBkMode
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
GetBkColor
GetClipBox
ExtTextOutW
ExtSelectClipRgn
Escape
DeleteObject
DeleteDC
CreateRectRgnIndirect
CreateFontW
SaveDC
CreateBitmap
GetRgnBox

comctl32

ord17

kernel32

SetEndOfFile
RtlUnwind
QueryPerformanceCounter
MultiByteToWideChar
LockResource
LocalAlloc
LoadResource
LoadLibraryW
LeaveCriticalSection
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
HeapReAlloc
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalLock
GlobalFree
GlobalFlags
GlobalAlloc
GetVersionExA
GetVersion
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemInfo
SetEnvironmentVariableA
GetStringTypeA
GetStartupInfoA
GetProcessHeap
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCommandLineA
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FindResourceW
FindResourceExW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
CreateFileW
CreateFileA
CopyFileW
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
SetHandleCount
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpW
lstrlenA
lstrlenW
GetStringTypeW

Exports

Exports

MM_InitWrapper
PlugPlugExtensionCall
PlugPlugGetVersion
PlugPlugLoadExtension
PlugPlugMenuCall
PlugPlugNotifyStateChange
PlugPlugSetFlashPanelList
PlugPlugSetup
PlugPlugTerminate
PlugPlugUnloadExtension
fdgfdgfgghj

Sections

.text
Size: 201KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd3e9e86a0baf1d88e3e90ec2c386fb7

Headers

File Characteristics

Imports

oleaut32

ole32

comdlg32

shlwapi

advapi32

user32

winspool.drv

oledlg

shell32

gdi32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 201KB - Virtual size: 204KB

.rdata Size: 75KB - Virtual size: 76KB

.data Size: 17KB - Virtual size: 76KB

.idata Size: 8KB - Virtual size: 12KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 201KB - Virtual size: 204KB

.rdata
Size: 75KB - Virtual size: 76KB

.data
Size: 17KB - Virtual size: 76KB

.idata
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 20KB - Virtual size: 20KB