ce29ac98cf3769870cba713af6d85f41_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ce29ac98cf3769870cba713af6d85f41_JaffaCakes118
Size

418KB
MD5

ce29ac98cf3769870cba713af6d85f41
SHA1

c1c21c62679a750b4a5cbffb336edcc80dbabf20
SHA256

352549b43772d3d73dd6efbcc250bb9cee6b6873bd53f66b3eb40995c4cfacd7
SHA512

cd829c06e189960f3731344a3752280dea11ceeedb54e4e3f7d235994ae4dcad80853988cc3b4069889ad982e4b31c7b5c33abe32341d971a2ccb9f940d13626
SSDEEP

6144:CuWwQHbZf4RDbfwpFG2n5a9LMB+Il02z8XhnX37ygCR83d+cX:4bZf4RD0pFGoa9QB+azM7/+8t+u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce29ac98cf3769870cba713af6d85f41_JaffaCakes118

Files

ce29ac98cf3769870cba713af6d85f41_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bd820d10cb5f94e7df124a16dcf57992

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetSaveFileNameW
GetOpenFileNameW

rpcrt4

RpcStringFreeA
UuidToStringA
UuidCreate

kernel32

InterlockedIncrement
LocalAlloc
GetCommandLineW
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringA
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
WriteFile
ExitProcess
Sleep
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
GetStartupInfoW
HeapSize
HeapReAlloc
HeapDestroy
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
WideCharToMultiByte
CreateFileA
GetFileSize
FormatMessageA
SetFilePointer
ReadFile
GetTempPathW
CreateFileW
CloseHandle
FormatMessageW
GetVersionExA
lstrlenA
VirtualQuery
lstrcpynA
FindResourceExW
FindResourceW
FreeLibrary
LoadResource
LoadLibraryExW
GetModuleHandleA
InterlockedDecrement
GetCurrentProcess
GlobalLock
GetModuleHandleW
GetTickCount
InitializeCriticalSection
GlobalAlloc
LoadLibraryW
SizeofResource
GetVersionExW
LeaveCriticalSection
lstrcpynW
MulDiv
GetModuleFileNameW
lstrcmpW
MultiByteToWideChar
lstrlenW
GlobalUnlock
FlushInstructionCache
RaiseException
GetLastError
SetLastError
lstrcpyW
GetCurrentProcessId
DeleteFileW
GetCurrentThreadId
DeleteCriticalSection
VirtualProtect
lstrcmpiW
GetModuleFileNameA
LockResource
EnterCriticalSection
VirtualAlloc
GetProcAddress

user32

ScreenToClient
SetTimer
DestroyAcceleratorTable
GetDlgItemInt
SendMessageW
TranslateAcceleratorW
SetDlgItemTextW
IsWindowVisible
GetWindowTextLengthW
SetCursor
DestroyWindow
ClientToScreen
EndPaint
GetWindowRect
SetWindowTextW
SetMenuItemInfoW
GetDialogBaseUnits
GetMonitorInfoW
CallWindowProcW
DefWindowProcW
CopyRect
GetWindow
GetSystemMetrics
ReleaseCapture
MessageBoxW
EqualRect
SetMenuDefaultItem
CreateWindowExW
RemoveMenu
MapDialogRect
EnableWindow
GetDlgCtrlID
MapWindowPoints
GetMessageW
MonitorFromPoint
PostQuitMessage
CharNextW
TrackPopupMenu
GetWindowDC
RegisterWindowMessageW
MoveWindow
UnregisterClassA
DispatchMessageW
FillRect
IsChild
LoadImageW
SetCapture
PostMessageW
DrawTextW
KillTimer
GetKeyState
LoadStringA
GetFocus
DialogBoxParamW
GetParent
InvalidateRgn
LoadCursorW
MessageBeep
GetClientRect
CreateAcceleratorTableW
SetFocus
DrawEdge
GetMenuItemInfoW
SetRectEmpty
BeginPaint
GetClassLongW
PtInRect
GetClassInfoExW
wsprintfW
GetDoubleClickTime
GetDC
GetCapture
DrawFocusRect
TranslateMessage
LoadAcceleratorsW
InflateRect
SetDlgItemInt
IsDialogMessageW
RegisterClassExW
OffsetRect
TrackPopupMenuEx
IntersectRect
InvalidateRect
LoadMenuW
GetWindowLongW
AppendMenuW
GetWindowTextW
SystemParametersInfoW
PeekMessageW
GetDCEx
GetClassNameW
ReleaseDC
MonitorFromWindow
GetDlgItem
SetWindowLongW
EndDialog
RedrawWindow
DestroyCursor
GetDesktopWindow
GetSysColor
SetWindowPos
GetCursorPos
LoadStringW
ShowWindow
CreatePopupMenu
GetSysColorBrush
CreateDialogParamW
GetMenuItemCount
IsWindow
DestroyMenu

gdi32

GetClipRgn
MoveToEx
SetWindowOrgEx
BitBlt
PatBlt
SetViewportOrgEx
LineTo
LPtoDP
SetTextColor
DeleteDC
Polygon
CreateFontIndirectW
GetDeviceCaps
SetBkColor
ExcludeClipRect
RemoveFontMemResourceEx
SetBkMode
DeleteObject
SelectObject
SelectClipRgn
CreateCompatibleDC
CreateRectRgnIndirect
DPtoLP
CombineRgn
CreateCompatibleBitmap
ExtTextOutW
SaveDC
CreateFontW
GetObjectW
AddFontMemResourceEx
CreateRectRgn
Polyline
CreatePen
GetClipBox
IntersectClipRect
GetStockObject
RestoreDC
CreateSolidBrush

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegEnumKeyExW

ole32

CoTaskMemFree
DoDragDrop
CreateItemMoniker
CoGetClassObject
CoTaskMemAlloc
StringFromGUID2
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoTaskMemRealloc
OleLockRunning
OleInitialize
CoCreateInstance
GetRunningObjectTable
OleUninitialize

oleaut32

SysStringLen
LoadRegTypeLi
SysFreeString
VarUI4FromStr
OleCreateFontIndirect
OleCreatePropertyFrame
VariantChangeType
SysAllocStringLen
VarBstrCmp
VariantInit
LoadTypeLi
VariantClear
DispCallFunc
SysAllocString

mkzlib

inflateEnd
inflateInit_
inflate
inflateReset

mkunicode

iso_getentry
Utf16ToUtf8

shlwapi

SHAutoComplete
StrCmpIW
UrlEscapeW

comctl32

ImageList_Draw
ImageList_SetOverlayImage
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_LoadImageW
_TrackMouseEvent

Sections

.text
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.xrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bd820d10cb5f94e7df124a16dcf57992

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

rpcrt4

kernel32

user32

gdi32

advapi32

ole32

oleaut32

mkzlib

mkunicode

shlwapi

comctl32

Sections

.text Size: 231KB - Virtual size: 230KB

.rdata Size: 49KB - Virtual size: 48KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 37KB - Virtual size: 37KB

.reloc Size: 19KB - Virtual size: 18KB

.xrdata Size: 68KB - Virtual size: 68KB

.text
Size: 231KB - Virtual size: 230KB

.rdata
Size: 49KB - Virtual size: 48KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 37KB - Virtual size: 37KB

.reloc
Size: 19KB - Virtual size: 18KB

.xrdata
Size: 68KB - Virtual size: 68KB