f99994393bb1e8218465843c197f18a9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f99994393bb1e8218465843c197f18a9_JaffaCakes118
Size

165KB
MD5

f99994393bb1e8218465843c197f18a9
SHA1

b13fa6f36096cc2bad11754dcfc65e7655eed68a
SHA256

3ca74ef0487acdb6bb30179cf7c6e9db5ea49102ab164b4863484bb88fc95abf
SHA512

5a3c92fe9e2c91e94c577937a61b8d3fc97b30399bc361babf3b3c6d037213771931a1d71e2d3c8fbd5ccb41f34199bd481dcc5a227de5cd85f65f142f229618
SSDEEP

3072:bY9ByYAR414vuJEHKMKEX/tySut1uV5z3EXPRBoPekNam9K8ZfE:8fsR4BGHKMKEPty5tMj3E/8VC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f99994393bb1e8218465843c197f18a9_JaffaCakes118

Files

f99994393bb1e8218465843c197f18a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5f1c4ec3823131e00d2490183cfad06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCloneImage

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
ShellExecuteW
DragAcceptFiles
SHGetDesktopFolder
SHGetMalloc
ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderLocation
Shell_NotifyIconW

advapi32

RegEnumKeyExW
RegOpenKeyExW
RegDeleteValueW
RegOpenKeyW
RegDeleteKeyW
RegEnumValueW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey

comctl32

ImageList_Destroy
ImageList_ReplaceIcon
ImageList_GetImageInfo
InitCommonControlsEx
PropertySheetW
ImageList_GetImageCount
_TrackMouseEvent
ImageList_GetIcon
ImageList_Add
ImageList_LoadImageW
ImageList_AddMasked
ImageList_Draw

kernel32

GlobalAlloc
FindClose
WaitForSingleObject
LoadLibraryA
GlobalLock
GlobalFree
lstrlenW
ReplaceFileW
GetTickCount
SetThreadPriority
GetCurrentDirectoryW
WritePrivateProfileStringW
GlobalUnlock
FileTimeToLocalFileTime
FindResourceW
LoadLibraryExW
GetVersionExW
GetLocaleInfoW
GetProcessId
CreateThread
InitializeCriticalSection
LockResource
FreeLibrary
GetPrivateProfileStringW
InterlockedDecrement
GetLastError
GetPrivateProfileIntW
FileTimeToSystemTime
EnumResourceTypesA
lstrcmpW
GetVersion
GetCurrentThreadId
GetACP
lstrcpyW
GlobalSize
GetSystemTimeAsFileTime
SetFileAttributesW
MulDiv
FindCloseChangeNotification
FindFirstChangeNotificationW
ExitProcess
lstrcpynW
GetThreadLocale
Sleep
InterlockedExchange
InterlockedIncrement
QueryPerformanceCounter
FindFirstFileW
GetModuleHandleW
WideCharToMultiByte
DeleteCriticalSection
GetProcAddress
GetModuleFileNameW
MultiByteToWideChar
FindNextChangeNotification
ResumeThread
CloseHandle
LocalFree
GetFileAttributesW
LoadResource
GetVersionExA
LoadLibraryW
DeleteFileW
GetCurrentProcessId

ole32

DoDragDrop
CoCreateInstance
OleRun

user32

SetParent
GetMenuItemID
GetMenu
DrawFocusRect
CopyIcon
DestroyCursor
CloseClipboard
GetMenuDefaultItem
FillRect
DestroyWindow
DrawTextExW
CopyAcceleratorTableW
ShowWindow
DeferWindowPos
DispatchMessageW
EmptyClipboard
GetFocus
CallWindowProcW
GetMenuState
IsMenu
LoadImageW
CheckMenuItem
InflateRect
EndDeferWindowPos
SetForegroundWindow
DeleteMenu
GetSystemMetrics
BeginDeferWindowPos
LoadCursorW
UnhookWindowsHookEx
KillTimer
LoadIconW
LockWindowUpdate
MapWindowPoints
GetWindowPlacement
GetDlgCtrlID
OpenClipboard
ScreenToClient
MapVirtualKeyW
SetTimer
GetMessagePos
EnableMenuItem
IsCharLowerW
GetWindow
LoadBitmapW
GetNextDlgTabItem
SetWindowRgn
DestroyCaret
SetCursor
DrawEdge
GetSysColor
ReleaseDC
UpdateWindow
GetWindowTextW
AppendMenuW
mouse_event
GetSysColorBrush
DrawTextW
GetForegroundWindow
HideCaret
SetRectEmpty
GetKeyNameTextW
MapVirtualKeyExW
GetMenuItemCount
CreatePopupMenu
LoadMenuW
DestroyAcceleratorTable
SystemParametersInfoW
SetActiveWindow
ReleaseCapture
GetSubMenu
GetClipboardData
GetLastActivePopup
SendMessageW
IsClipboardFormatAvailable
IsIconic
IsZoomed
IsChild
ShowCaret
TabbedTextOutW
InvalidateRect
PeekMessageW
MessageBeep
PostMessageW
CopyRect
GetSystemMenu
GetCursor
DrawStateW
GetKeyState
CreateIconIndirect
GrayStringW
SetClipboardData
DrawIconEx
OffsetRect
GetMessageW
SetMenu
BringWindowToTop
CreateAcceleratorTableW
DragDetect
GetIconInfo
GetTabbedTextExtentW
GetActiveWindow
GetDC
EnumChildWindows
RedrawWindow
SetCaretPos
DestroyIcon
SetScrollInfo
RegisterWindowMessageW
GetClassLongW
CreateCaret
GetDlgItem
CloseWindow
IsWindow
TranslateMessage
SetCapture
wsprintfW
WindowFromPoint
IsRectEmpty
GetWindowRect
SetFocus
UnionRect
GetMenuItemInfoW
DrawFrameControl
FindWindowW
CallNextHookEx
GetScrollPos
GetParent
SetMenuDefaultItem
SetRect
ClientToScreen
TrackPopupMenu
SetCursorPos
SetScrollPos
IntersectRect
IsWindowVisible
DrawAnimatedRects
EnableScrollBar
RegisterClipboardFormatW
EqualRect
SetWindowLongW
ShowScrollBar
GetDCEx
PtInRect
MoveWindow
SetWindowPos
SystemParametersInfoA
GetCapture
GetCursorPos
InsertMenuW
SetWindowsHookExW
GetClassNameW
GetWindowLongW
GetClientRect
EnableWindow
GetDesktopWindow
GetKeyboardLayout
DrawIcon
GetScrollInfo
DestroyMenu

gdi32

Rectangle
GetTextExtentPoint32W
SetPixelV
GetBkColor
CreateDIBSection

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5f1c4ec3823131e00d2490183cfad06

Headers

File Characteristics

Imports

gdiplus

shell32

advapi32

comctl32

kernel32

ole32

user32

gdi32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 60KB - Virtual size: 60KB

.tls Size: 1024B - Virtual size: 92KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 60KB - Virtual size: 60KB

.tls
Size: 1024B - Virtual size: 92KB