df14ce9aabd7f014ce66b6a4ab7c4546_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

df14ce9aabd7f014ce66b6a4ab7c4546_JaffaCakes118
Size

286KB
MD5

df14ce9aabd7f014ce66b6a4ab7c4546
SHA1

76d6b15a9f7cb3ce160a338a89e2dc5af95e1023
SHA256

4c010bab2d3c48afb749b48bc8d0c5c626f8ae673a5b8839af4315187e3b8683
SHA512

5affe764c3eb8fc093e589c4095e900841de803711eff935d656c3292396d732533a20aebbfa9f455e303223e7b79bd609d68e8eb8c293421948ac4f8ec4b836
SSDEEP

6144:4UbgLyP0MSt84YhYdx6zgvZUNDdGg41llQrzG3UZil8:n10Zt8E5v4DUg4llJE8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df14ce9aabd7f014ce66b6a4ab7c4546_JaffaCakes118

Files

df14ce9aabd7f014ce66b6a4ab7c4546_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc8864f5b407b187b3ecdf89f677ddab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantTimeToSystemTime
VariantInit
VariantCopy
VariantClear
VariantChangeType
SystemTimeToVariantTime
SysStringLen
OleCreateFontIndirect
SysFreeString
SysAllocStringLen
SysAllocString
SafeArrayDestroy

gdi32

SetViewportOrgEx
CreateBitmap
CreateFontIndirectW
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExtTextOutW
GetDeviceCaps
GetMapMode
GetStockObject
GetTextColor
GetViewportExtEx
GetWindowExtEx
OffsetViewportOrgEx
RectVisible
RestoreDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectObject
SetBkMode
SetMapMode
SetPaletteEntries
SetTextColor
SetViewportExtEx
SetBkColor
SetWindowExtEx
StretchBlt
TextOutW

ole32

CLSIDFromProgID
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
OleUninitialize
OleIsCurrentClipboard
OleInitialize
HDC_UserMarshal
CreateILockBytesOnHGlobal
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoRegisterMessageFilter
CoInitializeEx
CoGetClassObject
CoFreeUnusedLibraries
CLSIDFromString

shell32

ShellExecuteW
SHGetFolderPathW

comctl32

InitCommonControlsEx

comdlg32

GetFileTitleW
PrintDlgW

wininet

HttpOpenRequestW
HttpSendRequestW
InternetReadFile
InternetQueryOptionA
InternetGetLastResponseInfoW
InternetConnectW
InternetCloseHandle

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW

oledlg

OleUIBusyW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

user32

SendDlgItemMessageW
SendMessageW
SetActiveWindow
SetCapture
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetPropW
SetRect
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
TabbedTextOutW
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WinHelpW
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapDialogRect
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsChild
InvalidateRgn
InvalidateRect
IntersectRect
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
SendDlgItemMessageA
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetClassInfoA
GetCapture
GetActiveWindow
EqualRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
DispatchMessageW
DestroyWindow
DestroyMenu
DefWindowProcW
CreateWindowExW
CreateDialogIndirectParamW
CopyRect
CopyAcceleratorTableW
ClientToScreen
CheckMenuItem
CharUpperW
CharNextW
CallWindowProcW
CallNextHookEx
BeginPaint
AdjustWindowRectEx
RemovePropW
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
GetWindowDC
RedrawWindow
OffsetRect

advapi32

CryptDestroyHash
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
RegQueryValueW
RegSetValueExW

kernel32

CompareStringA
lstrlenW
lstrlenA
lstrcmpW
lstrcmpA
WritePrivateProfileStringW
WriteFile
WriteConsoleW
WriteConsoleA
WideCharToMultiByte
VirtualQuery
VirtualProtect
VirtualAlloc
UnlockFile
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
Sleep
SizeofResource
SetUnhandledExceptionFilter
CloseHandle
CompareStringW
SetLastError
SetHandleCount
SetFilePointer
SetErrorMode
SetEnvironmentVariableA
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
MultiByteToWideChar
MulDiv
LockResource
LockFile
LocalFree
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
IsDebuggerPresent
IsDBCSLeadByteEx
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFlags
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVolumeInformationW
GetVersionExA
GetVersion
GetTimeZoneInformation
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemInfo
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetPrivateProfileSectionNamesA
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineA
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FindResourceW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnumSystemLocalesA
EnumResourceLanguagesW
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
CreateFileW
CreateFileA
CreateDirectoryW
ConvertDefaultLocale

Exports

Exports

DeleteConfigFiles

Sections

.text
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 138KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc8864f5b407b187b3ecdf89f677ddab

Headers

File Characteristics

Imports

oleaut32

gdi32

ole32

shell32

comctl32

comdlg32

wininet

shlwapi

oledlg

winspool.drv

user32

advapi32

kernel32

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 104KB

.rdata Size: 138KB - Virtual size: 140KB

.data Size: 15KB - Virtual size: 112KB

.idata Size: 9KB - Virtual size: 12KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 101KB - Virtual size: 104KB

.rdata
Size: 138KB - Virtual size: 140KB

.data
Size: 15KB - Virtual size: 112KB

.idata
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 21KB - Virtual size: 23KB