d35c98321d2f87f089b7d5c26174a10b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d35c98321d2f87f089b7d5c26174a10b_JaffaCakes118
Size

340KB
MD5

d35c98321d2f87f089b7d5c26174a10b
SHA1

2d7f432514ba316ecec7a8f372d0a75cb32f8fc0
SHA256

2d8e7d0a895c13a1d012b25b069a528481cd0d3c91b74689c61299f3b5a55232
SHA512

a467e624af472a2dc240dc325bef21b4dd435315dd765e9afd6f4134bd1c2482d23072e2057cc9ef60e9aad9107f6985bdacde3c92f0d68601b44ebf9990c40d
SSDEEP

6144:DrHbGlBfoXKBA4pOoGf75hK7d/X/CMmm/2ikfOmvA2CxjSJgE0ToC8uUsYEF7u2K:f7GliXAOJf75YtPhxd3dRMkz8rG4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
d35c98321d2f87f089b7d5c26174a10b_JaffaCakes118

Files

d35c98321d2f87f089b7d5c26174a10b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f84ab6efd884e5be4d16e70c8ace4077

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetGetProviderNameA
WNetAddConnectionA
WNetConnectionDialog
WNetCancelConnection2A
WNetAddConnection2A

gdi32

CreateDIBPatternBrushPt
CreateSolidBrush
EqualRgn
FillPath
CreateCompatibleDC
SetMapMode
CreatePenIndirect
CreateFontW
CreateFontA
ScaleWindowExtEx
GetMapMode
StretchBlt
SetTextColor
IntersectClipRect
StartDocW
CreateRoundRectRgn
CreateICA
DeleteObject
SelectClipRgn
DeleteDC
RestoreDC
ExtEscape
RemoveFontResourceA
RectVisible
GetEnhMetaFileBits
PolyBezierTo
GetBrushOrgEx
FillRgn
StartDocA
GetObjectW
GetClipBox
GetPolyFillMode
SetPixelFormat
EnumFontsW
GdiFlush
EnumMetaFile
SetWinMetaFileBits
EnumFontFamiliesExW
MoveToEx
SetTextAlign
GetKerningPairsA
GetTextAlign
ResizePalette
GetDeviceCaps
GetPixel
SetBitmapBits
SetBkMode
CreateDIBSection
CreateDCA
GetTextExtentPointA
ExtCreateRegion
SetWindowOrgEx
GetNearestPaletteIndex
CombineRgn
ExtCreatePen
GetRgnBox
GetCharWidthA
SetViewportExtEx
GetObjectType
OffsetRgn
DPtoLP
PlayEnhMetaFileRecord
EnumFontFamiliesA
SetBkColor
Pie
GetTextExtentPoint32A
AbortDoc
GetClipRgn
CreateDCW
CloseEnhMetaFile
CreateFontIndirectA
OffsetClipRgn
SetColorAdjustment
GetTextColor
CancelDC
GetROP2
ScaleViewportExtEx
EndPath
CreateCompatibleBitmap
StrokePath
GetTextMetricsA
TextOutA
CopyEnhMetaFileA
PatBlt
Polygon
ExtSelectClipRgn
GetWinMetaFileBits
GetFontData
SetAbortProc
BeginPath
RealizePalette
GetGlyphOutlineA
GetSystemPaletteEntries
LPtoDP
ExtTextOutA
CopyEnhMetaFileW
OffsetWindowOrgEx
CreateBitmap
EndPage
GetWindowOrgEx
CreateMetaFileA
GetStockObject
GetBkColor
GetDIBits
PolyPolyline
GetDIBColorTable
CreateEllipticRgn
GetEnhMetaFileHeader

oleaut32

VARIANT_UserFree
LPSAFEARRAY_UserFree

advapi32

SetServiceStatus
CreateServiceA
GetServiceKeyNameA
OpenSCManagerA
RegSetValueExW
RegQueryInfoKeyW
ChangeServiceConfigA
OpenSCManagerW
LsaOpenPolicy
DeleteService
RegCreateKeyExA
LsaFreeMemory
RegDeleteKeyA
QueryServiceStatus
GetUserNameA
RegOpenKeyExA
RegCreateKeyW
RegEnumKeyW
RegConnectRegistryA
RegOverridePredefKey
RegQueryValueA
SetServiceObjectSecurity
CreateServiceW
CloseServiceHandle
ChangeServiceConfigW
RegEnumKeyExA
StartServiceA
RegCloseKey
LockServiceDatabase
QueryServiceLockStatusW
ChangeServiceConfig2A
OpenServiceA
GetUserNameW
QueryServiceConfigW
RegSetValueA
RegOpenKeyExW
StartServiceCtrlDispatcherW
RegQueryInfoKeyA
EnumDependentServicesA
RegisterEventSourceA
LsaQueryInformationPolicy
ReportEventA
RegSetValueExA
ReadEventLogW
RegCreateKeyExW
RegUnLoadKeyW
ChangeServiceConfig2W
ReportEventW
GetTrusteeTypeA
GetTrusteeFormA
CreateProcessAsUserA
RegQueryValueW
RegNotifyChangeKeyValue

msvcrt

free
_except_handler3
_mbsnicoll
__dllonexit
_onexit
fseek
_strerror
fmod
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

user32

GetDlgItemInt
TranslateMessage
CharUpperW
SetWindowLongW
GetScrollPos
GetWindowLongA
WindowFromDC
GetWindowLongW
DispatchMessageA
RegisterClassExW
CreateCursor
TrackPopupMenuEx
GetProcessWindowStation
ModifyMenuA
CharUpperA
GetKeyboardLayoutList
DialogBoxIndirectParamW
CopyAcceleratorTableW
CopyIcon
SetWindowTextA
IsMenu
GetKeyboardState
LoadBitmapW
SendDlgItemMessageW
TrackPopupMenu
ShowCursor
GetParent
wvsprintfA
GetKeyboardLayoutNameW
GetClipboardViewer
CharNextA
IsClipboardFormatAvailable
SetClipboardData
EnableScrollBar
CharToOemA
GetClassInfoA
GetSysColorBrush
PeekMessageW
UnhookWinEvent
ClientToScreen
FindWindowExA
IntersectRect
InvalidateRect
DialogBoxIndirectParamA
CloseClipboard
CreateWindowExW
DestroyCursor
ChildWindowFromPointEx
SendNotifyMessageW
LoadMenuW
GetSysColor
CreateDialogIndirectParamW
SetMenu
GetMenuState
DdeAccessData
SetMenuDefaultItem
DdeClientTransaction
SetWindowRgn
SetRect
DdeFreeStringHandle
MapDialogRect
SetCaretBlinkTime
SystemParametersInfoW
GetLastActivePopup
GetDlgItem
GetCursorPos
GetWindowTextLengthA
MapVirtualKeyExA
DrawIcon
SetWindowPos
PostQuitMessage
IsDialogMessageA
GetMenu
GetClassNameA
VkKeyScanExW
IsChild
GetWindowWord
WindowFromPoint
EnableWindow
DestroyMenu
TranslateAcceleratorW
LoadKeyboardLayoutW
PostMessageA
SetCursor
SetActiveWindow
EmptyClipboard
IsWindowVisible
ScreenToClient
LoadMenuA
RegisterHotKey
ChangeClipboardChain
BringWindowToTop
MoveWindow
SetDlgItemTextW
SetRectEmpty
DdeQueryStringA
GetKeyState
GetClipboardFormatNameW
LoadImageA
IsCharLowerA
GetWindowTextA
RemovePropA
CallMsgFilterA
DrawStateW
IsCharAlphaNumericA
PostMessageW
MapWindowPoints
GetClassLongA
GetDlgItemTextA
DdeConnectList
SendNotifyMessageA
UnionRect
GetWindowThreadProcessId
DefFrameProcW
WaitMessage
GetScrollInfo
OemToCharBuffA
SetFocus
ShowOwnedPopups
ShowCaret
FindWindowW
MessageBeep
GetSystemMetrics
SetCaretPos
GetClassNameW
DrawFrameControl
DefDlgProcA
IsWindowEnabled
ValidateRect
GetDlgCtrlID
EnumThreadWindows
LoadBitmapA
RegisterClipboardFormatA
WinHelpA
RemoveMenu
FindWindowA
GetDC
SetClassLongW
CharLowerA
CloseDesktop
GetForegroundWindow
GetNextDlgTabItem
ToAscii
IsDlgButtonChecked
GetFocus
GetMessageA
CharPrevW
LoadStringW
GetMessagePos
CharPrevA
SendInput
BlockInput
CreateDialogParamA
DrawTextExA
GetUserObjectInformationW
InsertMenuW
UnpackDDElParam
DrawTextW
IsZoomed

mfc42

ord561
ord1576
ord815
ord3738
ord4424
ord1039
ord4080
ord3079
ord3825
ord3831
ord3830
ord1058
ord2976
ord3081
ord2985
ord3262
ord1097
ord4465
ord3259
ord1093
ord2982
ord1044
ord5714
ord1017
ord5307
ord4698
ord1041
ord2725
ord5302
ord6375
ord1045
ord3346
ord2396
ord1060
ord1089
ord3922
ord5731
ord1044
ord2554
ord4486
ord1168

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f84ab6efd884e5be4d16e70c8ace4077

Headers

File Characteristics

Imports

mpr

gdi32

oleaut32

advapi32

msvcrt

user32

mfc42

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 52KB - Virtual size: 50KB

.data Size: 44KB - Virtual size: 3.8MB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 52KB - Virtual size: 50KB

.data
Size: 44KB - Virtual size: 3.8MB

.rsrc
Size: 48KB - Virtual size: 47KB