d33b116fb3d8466e421474d261453642_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d33b116fb3d8466e421474d261453642_JaffaCakes118
Size

19.3MB
MD5

d33b116fb3d8466e421474d261453642
SHA1

4ad8de16f2725896afbb5f4b0271e3845eaa8437
SHA256

a4a257470f3eb76b87c71d8aaf39608ebb32152bfc325abc0f5e5cec78ec3639
SHA512

808ec66e4c8cf3d9a44aa03483e08d717a602bd109be876ae027e2b7d85534c032d4f4bff47f8415667443b6563f927ad1b5db506d3e3d082d6608dec4aa2935
SSDEEP

393216:NSwjU9yDPM4tvxmpCcUYawOUjlBtHJKtWKmOUYawOUjlBtHJKtWKVUYawOUjlBtu:SQTM4tvxqCU4ZBeeeeeeDeeeeeeee

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d33b116fb3d8466e421474d261453642_JaffaCakes118

Files

d33b116fb3d8466e421474d261453642_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f01f9e28a4bf2fcb4180dc21d86ab7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

comctl32

ImageList_GetBkColor
ord17
ImageList_Write
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetDragCursorImage
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_EndDrag
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

GetModuleHandleW
WriteProcessMemory
WritePrivateProfileStringA
WriteFile
WinExec
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
SuspendThread
Sleep
SizeofResource
SetThreadLocale
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
ReadFile
RaiseException
QueryPerformanceFrequency
OutputDebugStringA
MultiByteToWideChar
MulDiv
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpA
LockResource
LocalFree
LocalAlloc
LoadResource
LoadLibraryExA
LeaveCriticalSection
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVolumeInformationA
GetVersionExA
GetUserDefaultLCID
GetTimeZoneInformation
GetTimeFormatA
GetThreadLocale
GetSystemInfo
GetSystemDirectoryA
GetStringTypeExA
GetStdHandle
GetStartupInfoA
GetProfileStringA
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetModuleFileNameA
GetLogicalDriveStringsA
GetLogicalDrives
GetLocalTime
GetLocaleInfoA
GetLastError
GetFullPathNameA
GetFileType
GetFileSize
GetFileAttributesA
GetExitCodeThread
GetDriveTypeA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentDirectoryA
GetCPInfo
GetComputerNameA
GetCommandLineA
GetACP
FreeResource
FormatMessageA
FlushInstructionCache
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitThread
EnumCalendarInfoA
EnterCriticalSection
DeviceIoControl
DeleteFileA
DeleteCriticalSection
CreateThread
CreateFileA
CreateEventA
CreateDirectoryA
CompareStringA
CloseHandle
ExitProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetVersion
LoadLibraryA
SetCurrentDirectoryA

user32

SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
ShowCaret
ShowCursor
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TabbedTextOutW
ToAsciiEx
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateWindow
ValidateRect
WaitMessage
WindowFromPoint
WinHelpA
SetForegroundWindow
SetFocus
SetCursor
SetClipboardData
SetClassLongA
SetCapture
SetActiveWindow
SendNotifyMessageA
SendMessageA
SendDlgItemMessageA
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageA
OpenClipboard
OffsetRect
OemToCharA
MsgWaitForMultipleObjects
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyA
LockWindowUpdate
LoadStringA
LoadMenuA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsRectEmpty
IsMenu
IsIconic
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextA
GetWindowRgn
GetWindowRect
GetWindowPlacement
GetWindowLongA
GetWindowDC
SetRectEmpty
GetTopWindow
GetTabbedTextExtentW
GetTabbedTextExtentA
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetMessageTime
GetMessagePos
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
GetKeyState
GetKeyNameTextA
GetKeyboardType
GetKeyboardState
GetKeyboardLayoutList
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDesktopWindow
GetDCEx
GetCursorPos
GetClipboardData
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetCaretPos
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextW
DrawTextA
DrawMenuBar
DrawIconEx
DrawFrameControl
DrawFocusRect
DrawEdge
DragDetect
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreateWindowExA
CreatePopupMenu
CreateMenu
CreateIcon
CopyImage
CloseClipboard
ClientToScreen
ChildWindowFromPointEx
CheckMenuItem
CharUpperBuffA
CharToOemA
CharNextA
CharLowerBuffA
CharLowerA
CallWindowProcA
CallNextHookEx
BeginPaint
BeginDeferWindowPos
AdjustWindowRectEx
ActivateKeyboardLayout
SetPropA
SetParent
SetMenuItemInfoA
GetUpdateRgn
SetMenuDefaultItem
GetUpdateRect

gdi32

CreateICA
CreateHatchBrush
CreateHalftonePalette
CreateFontIndirectA
CreateEnhMetaFileA
CreatePalette
CreatePatternBrush
CreatePenIndirect
CreatePolygonRgn
CreateRectRgnIndirect
ExtCreateRegion
ExtSelectClipRgn
ExtTextOutA
ExtTextOutW
FillPath
FillRgn
FrameRgn
GdiFlush
GetBitmapBits
GetBkColor
GetBkMode
GetBrushOrgEx
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDCOrgEx
GetDeviceCaps
GetDIBColorTable
GetDIBits
GetEnhMetaFileBits
GetEnhMetaFileDescriptionA
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetMapMode
GetNearestColor
GetNearestPaletteIndex
EnumFontFamiliesExA
GetObjectA
GetObjectType
GetPaletteEntries
GetPixel
GetRgnBox
GetROP2
GetStockObject
GetSystemPaletteEntries
CreateEllipticRgn
GetTextColor
GetTextExtentExPointA
GetTextExtentExPointW
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointA
GetTextMetricsA
GetTextMetricsW
GetViewportOrgEx
GetWindowOrgEx
GetWinMetaFileBits
IntersectClipRect
LineTo
MaskBlt
MoveToEx
OffsetRgn
OffsetWindowOrgEx
PatBlt
PlayEnhMetaFile
Polygon
Polyline
PolyPolyline
PtInRegion
RealizePalette
Rectangle
RectVisible
ResizePalette
RestoreDC
RoundRect
SaveDC
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetBkColor
SetBkMode
SetBrushOrgEx
SetDIBColorTable
SetDIBitsToDevice
SetEnhMetaFileBits
SetMapMode
SetPaletteEntries
SetPixel
SetRectRgn
SetROP2
SetStretchBltMode
SetTextAlign
SetTextColor
SetTextJustification
SetViewportOrgEx
SetWindowOrgEx
SetWinMetaFileBits
StartDocA
StartPage
StretchBlt
StretchDIBits
TextOutA
TextOutW
ExcludeClipRect
UnrealizeObject
UpdateColors
EndPath
EndPage
EndDoc
Ellipse
DPtoLP
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
CreateDIBSection
CreateDIBitmap
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CombineRgn
CloseEnhMetaFile
BitBlt
GetTextCharset
BeginPath

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter
EnumPrintersA

comdlg32

GetOpenFileNameA
ChooseFontA
ChooseColorA
GetSaveFileNameA

advapi32

RegQueryInfoKeyA
RegOpenKeyExW
RegFlushKey
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

shell32

SHAppBarMessage
DragQueryFileA
DragAcceptFiles
ShellExecuteA

ole32

CoCreateInstance
StringFromCLSID
ProgIDFromCLSID
OleSetMenuDescriptor
OleDraw
IsAccelerator
CreateStreamOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoInitialize
CoGetClassObject

oleaut32

VariantChangeType
GetActiveObject
SysReAllocStringLen
SysFreeString
GetErrorInfo
SafeArrayCreate
SafeArrayCreateVector
SafeArrayDestroy
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayPtrOfIndex
SafeArrayPutElement
SysAllocStringLen
VariantClear
VariantCopyInd
VariantInit

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 29.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lfd0
Size: 643KB - Virtual size: 643KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16.5MB - Virtual size: 16.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f01f9e28a4bf2fcb4180dc21d86ab7f

Headers

File Characteristics

Imports

msvcrt

comctl32

version

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 1KB - Virtual size: 29.9MB

.tls Size: 5KB - Virtual size: 4KB

.lfd0 Size: 643KB - Virtual size: 643KB

.rsrc Size: 16.5MB - Virtual size: 16.5MB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 1KB - Virtual size: 29.9MB

.tls
Size: 5KB - Virtual size: 4KB

.lfd0
Size: 643KB - Virtual size: 643KB

.rsrc
Size: 16.5MB - Virtual size: 16.5MB