dd338c604bc6dfb7048f1cfb956f2349_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dd338c604bc6dfb7048f1cfb956f2349_JaffaCakes118
Size

175KB
MD5

dd338c604bc6dfb7048f1cfb956f2349
SHA1

69d4235576c3419894bda723268de167389748b4
SHA256

f34f915c696ea6c1416f0abe4ba2b61d19be828e9dad6afa6be97be328cfee86
SHA512

3b9c4e23105fcf5debc30441fd3248a0f33d8f691478fc3f38a40572f43c5ffc1514c4b77ed14bc656058bc6badb8faf575059fc59b2e1bcbe8bbf03fe15ffe2
SSDEEP

3072:AvMsuLb2g50D7LS2vJ4tuDdn5EX2D+jHMiolrqDf5K0FXrm97/:1LpyPWwStuJnFD1lQj80xK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd338c604bc6dfb7048f1cfb956f2349_JaffaCakes118

Files

dd338c604bc6dfb7048f1cfb956f2349_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4c418f93ba3455c52586e88548bc2fd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

atan
memmove
strcmp
sin
clock
mbstowcs
exp
wcscspn
tolower
fabs
exit
sprintf
wcscspn
tolower
tan
fabs
srand
sqrt
strcmp
mbstowcs
wcschr
srand
memcmp
time
calloc

user32

RegisterClipboardFormatA
IsDialogMessageW
CreateIcon
GetPropA
DrawAnimatedRects
GetKeyboardState
SetMenu
SetScrollInfo
SetWindowPlacement
ScreenToClient
DeleteMenu
GetWindowLongA
GetForegroundWindow
KillTimer
OffsetRect
RedrawWindow
SetMenuItemInfoA
SetWindowPos
GetMenuItemInfoA
GetScrollPos
GetCursor
MoveWindow
EnumChildWindows
LoadBitmapA
GetMenuStringA
SystemParametersInfoA
CharLowerBuffA
DeleteMenu
GetMenuItemID
DispatchMessageW
RemoveMenu
GetDC
ActivateKeyboardLayout
GetWindow
SendMessageW
PostMessageA
PeekMessageW
TrackPopupMenu
GetKeyboardLayoutNameA
IsWindowVisible
RemovePropA
EmptyClipboard
LoadStringA
ChildWindowFromPoint
SetWindowsHookExA
DrawIconEx
SetClipboardData
SetPropA
EnableWindow
GetClientRect
SetMenu
RegisterClassA
DestroyCursor
TranslateMessage
TrackPopupMenu
EnableMenuItem
DrawMenuBar
MessageBoxA
GetSubMenu
GetClipboardData
GetClassInfoA
SendMessageA
LoadStringA
SystemParametersInfoA
SetScrollInfo
CharUpperBuffA
SetWindowLongA
RegisterClipboardFormatA
PtInRect
GetForegroundWindow
EmptyClipboard
IsWindowVisible
ReleaseCapture
SetRect
GetIconInfo
PeekMessageA
MoveWindow
DrawTextA
PeekMessageA
GetForegroundWindow
DrawFrameControl
GetWindowLongW
CharToOemA
EmptyClipboard
ShowWindow
ReleaseDC
GetKeyboardLayoutList
SetWindowLongA
GetCursorPos
GetWindowThreadProcessId
SendMessageA
DrawAnimatedRects
GetWindowLongA
DispatchMessageW
LoadStringA
IsWindow
GetClientRect
UnhookWindowsHookEx
SetPropA
TranslateMessage
GetTopWindow
SetScrollInfo
ReleaseCapture
GetMessagePos
IsWindowVisible
EndPaint

kernel32

WriteFile
SetEvent
GetCommandLineA
GetCPInfo
GetLocalTime
SetErrorMode
lstrlenA
LocalReAlloc
IsBadReadPtr
LoadLibraryA
GetLastError
GetCommandLineA
lstrlenW
GetProcAddress
IsBadHugeReadPtr
GetModuleHandleA
VirtualAlloc
GetModuleHandleW
GetCommandLineW
ExitProcess
ExitThread
FreeResource
HeapDestroy
GetProcAddress
GetFileSize
GetModuleFileNameA

gdi32

GetDIBColorTable
GetDCOrgEx
GetPixel
GetCurrentPositionEx
GetDIBits
GetDIBColorTable
GetObjectA
CreateDIBitmap
SaveDC
CreateBrushIndirect
CreateDIBSection
GetBitmapBits
GetRgnBox
SelectObject
SetBkColor
CreateCompatibleBitmap
SaveDC
GetPaletteEntries
CreatePenIndirect
SelectPalette
CreateDIBitmap
SelectObject
GetObjectA
CreatePenIndirect
GetRgnBox
SelectPalette
SaveDC

shell32

SHFileOperationA
SHGetFolderPathA
SHGetSpecialFolderLocation

shlwapi

SHStrDupA
SHEnumValueA
SHDeleteValueA
SHGetValueA
PathGetCharTypeA
PathFileExistsA
SHEnumValueA
PathIsDirectoryA
PathIsDirectoryA
SHSetValueA
PathIsContentTypeA
SHDeleteKeyA
SHQueryValueExA
SHStrDupA
SHEnumValueA
SHDeleteValueA
PathFileExistsA
PathIsContentTypeA
SHQueryValueExA
PathGetCharTypeA
SHDeleteValueA
SHStrDupA
PathIsDirectoryA
SHGetValueA
SHEnumValueA

version

GetFileVersionInfoA
VerQueryValueA
VerFindFileA
GetFileVersionInfoSizeA
VerInstallFileA

advapi32

GetUserNameA
RegQueryValueExA
GetLengthSid
RegCreateKeyExA

ole32

WriteClassStm
CoTaskMemFree
CLSIDFromString
StringFromIID
StgCreateDocfileOnILockBytes
ReleaseStgMedium
CoGetObjectContext
CoCreateGuid
OleRegGetUserType
MkParseDisplayName
CoRevokeClassObject
CoReleaseMarshalData
GetHGlobalFromStream
CoCreateGuid
CoRegisterClassObject
CoRevokeClassObject
CoDisconnectObject
OleRun
CreateOleAdviseHolder
StringFromIID
PropVariantClear
OleRegGetUserType
CoTaskMemFree
MkParseDisplayName
CoGetMalloc
CoCreateFreeThreadedMarshaler
OleRegGetUserType
CreateOleAdviseHolder
StgCreateDocfileOnILockBytes
CoCreateGuid
GetHGlobalFromStream
CreateStreamOnHGlobal
OleCreateStaticFromData
CoTaskMemFree
CoDisconnectObject
CoCreateFreeThreadedMarshaler
OleRegGetUserType

oleaut32

SysStringLen
RegisterTypeLib
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayGetUBound
SysFreeString
VariantCopyInd
SysStringLen
SysFreeString
SafeArrayGetUBound
RegisterTypeLib
GetErrorInfo
OleLoadPicture
SysStringLen
SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayGetElement
SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayGetUBound
SafeArrayPtrOfIndex
SysReAllocStringLen
SysStringLen
SafeArrayGetUBound
SafeArrayUnaccessData
OleLoadPicture
SafeArrayCreate
SafeArrayGetElement

comctl32

ImageList_Write
ImageList_Read
ImageList_Add
ImageList_DragShowNolock
ImageList_Write
ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_Remove
ImageList_GetBkColor

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ChooseColorA

Sections

CODE
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 715B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 13KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c418f93ba3455c52586e88548bc2fd8

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

gdi32

shell32

shlwapi

version

advapi32

ole32

oleaut32

comctl32

comdlg32

Sections

CODE Size: 154KB - Virtual size: 153KB

.rdata Size: 1024B - Virtual size: 715B

.data Size: 13KB - Virtual size: 68KB

.bss Size: 512B - Virtual size: 334B

.rsrc Size: 5KB - Virtual size: 5KB

CODE
Size: 154KB - Virtual size: 153KB

.rdata
Size: 1024B - Virtual size: 715B

.data
Size: 13KB - Virtual size: 68KB

.bss
Size: 512B - Virtual size: 334B

.rsrc
Size: 5KB - Virtual size: 5KB