de13e3566c3b68682c7680e112ec3a50_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

de13e3566c3b68682c7680e112ec3a50_JaffaCakes118
Size

452KB
MD5

de13e3566c3b68682c7680e112ec3a50
SHA1

af5298ea4159d1f0c92f53b1db8d7d4e18be11f7
SHA256

25670f43cb027b5b661713aa6fda8e4870e3bb867617bcd43cf4b43609e79249
SHA512

6a625bd25761066dd53b0ed3862b5e9f0f82464287b10e9d6d06c3186937c05ee41606a9c83a371be4803e5f0e56dd3edd36f060bd01562253def24ef9623bb5
SSDEEP

6144:b1yYKjCp9S3+ncTWAp7QzslTJlQapP9uQzYr15AaylSb:JyxjeS3+cTWAZcslTXpP9usYr3VylC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de13e3566c3b68682c7680e112ec3a50_JaffaCakes118

Files

de13e3566c3b68682c7680e112ec3a50_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e6d6645897fdf3664170669fb3b1ea9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

imm32

ImmGetConversionStatus
ImmSetConversionStatus
ImmReleaseContext
ImmGetContext

shlwapi

SHDeleteValueA

iphlpapi

GetAdaptersInfo

kernel32

ExitProcess
HeapAlloc
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
HeapFree
GetACP
SetStdHandle
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
RtlUnwind
SetHandleCount
GetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
SetErrorMode
IsBadWritePtr
GetLastError
LoadLibraryA
FreeLibrary
DeleteFileA
Sleep
CopyFileA
MulDiv
CloseHandle
CreateProcessA
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
GetPriorityClass
OpenProcess
CreateDirectoryA
ExpandEnvironmentStringsA
GetModuleFileNameA
GetVersionExA
WritePrivateProfileStringA
IsDBCSLeadByte
GetLongPathNameA
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
ResumeThread
GetFileTime
GetFileSize
GetFileAttributesA
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
FlushFileBuffers
ReadFile
DuplicateHandle
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GetProfileStringA
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpynA
SetLastError
FormatMessageA
LocalFree
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetProcAddress
SetThreadPriority
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
SuspendThread
CreateFileA
SetFilePointer
LockFile
WriteFile
UnlockFile
GetExitCodeThread
TerminateThread
GetVersion
GetModuleHandleA
SetEvent
ResetEvent
FindResourceA
LoadResource
SizeofResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateEventA
GetCurrentProcess

user32

RegisterClipboardFormatA
PostThreadMessageA
GetSysColorBrush
CharNextA
CharUpperA
DestroyMenu
InflateRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
ScreenToClient
GetTopWindow
IsChild
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowLongA
OffsetRect
IntersectRect
GetWindowPlacement
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
GetMenuState
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
DrawFocusRect
DefDlgProcA
IsWindowUnicode
IsWindowVisible
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
PostQuitMessage
GetWindowTextA
EnumWindows
DestroyIcon
PeekMessageA
TranslateMessage
DispatchMessageA
IsWindow
UpdateWindow
SystemParametersInfoA
GrayStringA
DrawTextA
TabbedTextOutA
CopyRect
GetSysColor
FillRect
MessageBeep
GetNextDlgGroupItem
CopyAcceleratorTableA
SetRect
SetCursor
ReleaseCapture
GetParent
SetCapture
LoadCursorA
InvalidateRect
LoadStringA
EnableWindow
RegisterWindowMessageA
LoadMenuA
GetSubMenu
ModifyMenuA
SetMenuDefaultItem
GetCursorPos
TrackPopupMenu
GetForegroundWindow
GetAncestor
GetClassNameA
MonitorFromWindow
GetMonitorInfoA
GetDesktopWindow
wsprintfA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
GetDC
ReleaseDC
SetTimer
PtInRect
GetWindowRect
KillTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
LoadBitmapA
SendMessageA
LoadIconA
GetClassInfoA
FindWindowA
ShowWindow
PostMessageA
SetForegroundWindow
MessageBoxA
ExcludeUpdateRgn
ShowCaret
SetMenuItemBitmaps
HideCaret
UnregisterClassA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
GetMapMode
PatBlt
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SetBkMode
GetStockObject
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleBitmap
DeleteDC
CreateFontIndirectA
CreatePen
Rectangle
SelectObject
BitBlt
DeleteObject
GetDeviceCaps
CreateSolidBrush
GetObjectA
CreateCompatibleDC
GetTextExtentPointA
CreateDIBitmap
StretchBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueA
GetTokenInformation
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA
SHFileOperationA
SHGetFileInfoA
SHGetSpecialFolderPathA

comctl32

ImageList_GetImageCount
ImageList_Remove
ImageList_AddMasked
_TrackMouseEvent
ImageList_ReplaceIcon
ord17
ImageList_Destroy
ImageList_Create

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
CLSIDFromString
CLSIDFromProgID
CreateStreamOnHGlobal
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord251
ord253

oleaut32

SysStringLen
VariantTimeToSystemTime
VariantChangeType
SysAllocStringByteLen
SysAllocString
VariantCopy
SafeArrayCreateVector
SafeArrayAccessData
VariantClear
SafeArrayUnaccessData
SysAllocStringLen
SysFreeString

wininet

InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenUrlA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e6d6645897fdf3664170669fb3b1ea9

Headers

File Characteristics

Imports

version

imm32

shlwapi

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wininet

Sections

.text Size: 328KB - Virtual size: 327KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 24KB - Virtual size: 46KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 328KB - Virtual size: 327KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 24KB - Virtual size: 46KB

.rsrc
Size: 28KB - Virtual size: 26KB