Tasks
  Static task:     static1
  Behavioral task: behavioral1
    Sample:   fa2b3b24d37445e649381060527fa6ac_JaffaCakes118.exe
    Resource: win7-20240903-en
  Behavioral task: behavioral2
    Sample:   fa2b3b24d37445e649381060527fa6ac_JaffaCakes118.exe
    Resource: win10v2004-20240802-en
General
  Target: fa2b3b24d37445e649381060527fa6ac_JaffaCakes118
  Size:   2.5MB
  MD5:    fa2b3b24d37445e649381060527fa6ac
  SHA1:   f4612fc3ec4ce05fa90e53d0bf079716d73d3611
  SHA256: a28da92ca50f6caf1ed9bef39bb8573b5e6a780138ccd1148afbb76be4b06003
  SHA512: 58f31e26de8501b6252ad95799aac72ffea9d0d85465acee56a2071190f7473f7314cb9e1778bddfd50fca0650f94af29c27f232ffae1b0d114372fc23009523
  SSDEEP: 49152:W8fRDcOnQx+HY04kV/lb05qF7crc4nIOwbi7ckze24x:xfRDcOQxKY8Nlgkpcxn7wbi7nzeZ
Malware Config
  none

Signatures
  Unsigned PE (1 IoC): checks for a missing Authenticode signature.
    resource: fa2b3b24d37445e649381060527fa6ac_JaffaCakes118
Files
  fa2b3b24d37445e649381060527fa6ac_JaffaCakes118.exe  windows:4 windows x86 arch:x86  6c3d3a747848357ac8f1826221c1926d
Headers
  File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED,
                        IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports (DLL: imported functions, ordinal-only imports shown as ordNNN)
  setupapi: SetupDiGetClassDevsA, SetupDiGetDeviceInterfaceDetailA, SetupDiEnumDeviceInterfaces,
    SetupDiDestroyDeviceInfoList
  imm32: ImmGetContext, ImmSetConversionStatus, ImmGetConversionStatus
  mscms: CloseColorProfile, GetCountColorProfileElements, GetColorProfileElement, TranslateBitmapBits,
    CreateColorTransformA, DeleteColorTransform, OpenColorProfileA, IsColorProfileValid, GetColorDirectoryA,
    GetColorProfileElementTag
  ltfil10n: ord101, ord106, ord100, ord114, ord103, ord115
  ltimg10n: ord117, ord108, ord111, ord123, ord121, ord122, ord120, ord119, ord118, ord115, ord114, ord112,
    ord106, ord104, ord101, ord105, ord103, ord124
  ltkrn10n: ord134, ord157, ord197, ord107, ord141, ord137, ord150, ord135, ord102, ord198, ord151, ord146,
    ord124, ord153, ord131, ord142, ord109, ord155, ord116, ord133, ord100, ord136, ord128, ord130, ord132,
    ord145, ord144, ord129, ord123, ord117, ord113, ord101, ord120, ord125, ord114, ord112, ord108
  lttwn10n: ord107, ord100, ord101, ord103
  ltdis10n: ord126, ord105, ord116, ord115, ord156, ord157, ord137, ord138, ord129, ord132, ord122
  ltefx10n: ord110
  kernel32: lstrcmpA, FlushFileBuffers, lstrcmpiA, GlobalDeleteAtom, InterlockedIncrement, InterlockedDecrement,
    WideCharToMultiByte, MultiByteToWideChar, DuplicateHandle, GetCurrentProcess, SetFilePointer, LockFile,
    UnlockFile, MoveFileA, DeleteFileA, GetVolumeInformationA, lstrcpynA, GetFullPathNameA, GetStringTypeExA,
    GetThreadLocale, GetShortPathNameA, GetFileTime, LocalFileTimeToFileTime, SystemTimeToFileTime, SetFileTime,
    SetFileAttributesA, GlobalAddAtomA, GetModuleHandleA, GlobalFindAtomA, GlobalGetAtomNameA, LocalFree,
    FormatMessageA, ResumeThread, GetDiskFreeSpaceA, GlobalSize, GlobalReAlloc, lstrlenW, FileTimeToSystemTime,
    FileTimeToLocalFileTime, GlobalFlags, LocalAlloc, TlsAlloc, TlsFree, TlsSetValue, LocalReAlloc, TlsGetValue,
    SetErrorMode, GetProcessVersion, GetCPInfo, GetOEMCP, CopyFileA, lstrcpyW, RtlUnwind,
    SetEnvironmentVariableA, GetDriveTypeA, CreateDirectoryA, ExitThread, HeapAlloc, HeapReAlloc, HeapFree,
    GetTimeZoneInformation, GetSystemTime, ExitProcess, TerminateProcess, GetStartupInfoA, GetCommandLineA,
    SetStdHandle, GetFileType, GetACP, HeapSize, UnhandledExceptionFilter, SetUnhandledExceptionFilter,
    GetEnvironmentVariableA, GetVersionExA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, SetHandleCount,
    GetStdHandle, LCMapStringA, LCMapStringW, DeviceIoControl, FreeEnvironmentStringsW, GetEnvironmentStrings,
    GetEnvironmentStringsW, GetStringTypeA, GetStringTypeW, IsBadCodePtr, CompareStringA, CompareStringW,
    RemoveDirectoryA, SetEndOfFile, UnmapViewOfFile, GetFileSize, CreateFileMappingA, MapViewOfFile,
    GetLocalTime, WritePrivateProfileStringA, GetPrivateProfileStringA, GetPrivateProfileIntA, FindResourceA,
    LoadResource, LockResource, FreeResource, GetCurrentDirectoryA, SetCurrentDirectoryA, GetSystemDirectoryA,
    SearchPathA, GlobalMemoryStatus, LoadLibraryA, RaiseException, _lwrite, DeleteCriticalSection,
    InitializeCriticalSection, EnterCriticalSection, OpenFile, _llseek, _lread, _lclose, LeaveCriticalSection,
    GetProcAddress, GetFileAttributesA, MulDiv, TerminateThread, SetupComm, PurgeComm, SetCommState, ReadFile,
    GetOverlappedResult, SetCommMask, WaitCommEvent, ClearCommError, SetLastError, lstrcpyA, GetLastError,
    GetProfileStringA, GlobalHandle, WriteFile, CreateFileA, GetCommTimeouts, SetCommTimeouts, BuildCommDCBA,
    CreateThread, EscapeCommFunction, WaitForSingleObject, GlobalAlloc, GlobalLock, GlobalUnlock, GlobalFree,
    SetEvent, lstrlenA, FreeLibrary, WinExec, GetCurrentThreadId, CreateEventA, GetLocaleInfoA, GetVersion,
    GetTickCount, CloseHandle, Sleep, FindFirstFileA, FindClose, FindNextFileA, GetModuleFileNameA,
    IsBadWritePtr, IsBadReadPtr, GetWindowsDirectoryA, lstrcatA, GetTempPathA, FreeEnvironmentStringsA,
    GetTempFileNameA, GetCurrentThread
  user32: DestroyIcon, GetSysColorBrush, GetClassNameA, GetSystemMenu, SetParent, GetTabbedTextExtentA,
    WindowFromPoint, wvsprintfA, CopyAcceleratorTableA, DefMDIChildProcA, DrawMenuBar, TranslateMDISysAccel,
    DefFrameProcA, IsClipboardFormatAvailable, DestroyCursor, FindWindowA, InSendMessage, GetMenuStringA,
    InsertMenuA, BringWindowToTop, UnpackDDElParam, ReuseDDElParam, SetMenu, TranslateAcceleratorA, GrayStringA,
    DrawTextA, TabbedTextOutA, EndPaint, BeginPaint, GetWindowDC, GetMenuCheckMarkDimensions, ModifyMenuA,
    SetMenuItemBitmaps, CheckMenuItem, DestroyMenu, LoadAcceleratorsA, MapWindowPoints, AdjustWindowRectEx,
    DeferWindowPos, BeginDeferWindowPos, EndDeferWindowPos, ScrollWindow, GetScrollInfo, SetScrollInfo,
    ShowScrollBar, GetScrollRange, GetTopWindow, IsChild, WinHelpA, GetClassInfoA, RegisterClassA,
    TrackPopupMenu, SetWindowPlacement, CreateWindowExA, SetWindowsHookExA, CallNextHookEx, GetClassLongA,
    SetPropA, UnhookWindowsHookEx, GetPropA, CallWindowProcA, RemovePropA, DefWindowProcA, GetMessageTime,
    GetMessagePos, GetLastActivePopup, GetForegroundWindow, GetWindow, SystemParametersInfoA,
    GetWindowPlacement, SetFocus, ShowWindow, SetWindowPos, MoveWindow, SetWindowLongA, GetDlgCtrlID,
    GetWindowTextLengthA, GetWindowTextA, SetWindowTextA, IsDialogMessageA, SetDlgItemTextA, SetDlgItemInt,
    SendDlgItemMessageA, GetDlgItemInt, CheckDlgButton, ShowOwnedPopups, CharUpperA, LoadStringA,
    GetNextDlgTabItem, EndDialog, GetActiveWindow, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow,
    GetWindowLongA, GetDlgItem, IsWindowEnabled, LoadIconA, DrawIcon, MessageBoxA, IsZoomed, RemoveMenu,
    GetMenuState, DeleteMenu, InvertRect, SetScrollRange, SetScrollPos, GetScrollPos, SetForegroundWindow,
    ValidateRect, IsWindow, GetParent, GetCapture, LoadMenuA, DrawFocusRect, ClientToScreen, SetCursorPos,
    AppendMenuA, CreateMenu, CopyRect, DdeAccessData, DdeUnaccessData, DdeCreateDataHandle,
    DdeCmpStringHandles, DdeInitializeA, DdeEnableCallback, DdeNameService, DdeUninitialize,
    DdeCreateStringHandleA, DdeFreeStringHandle, ScreenToClient, GetCursorPos, ClipCursor, LoadBitmapA,
    PeekMessageA, GetSysColor, PostQuitMessage, GetSystemMetrics, SetCursor, SendMessageA, PtInRect,
    SetCapture, GetKeyState, RegisterClipboardFormatA, ReleaseCapture, LoadCursorA, SetRect, GetMenu,
    GetSubMenu, GetMenuItemID, GetMenuItemCount, EnableMenuItem, OffsetRect, GetClientRect, UnionRect,
    GetWindowRect, InflateRect, ReleaseDC, GetDC, MessageBeep, RedrawWindow, IsWindowVisible, IsRectEmpty,
    FillRect, IntersectRect, GetDesktopWindow, InvalidateRect, GetDCEx, LockWindowUpdate, GetDlgItemTextA,
    SetRectEmpty, EqualRect, EnableWindow, GetFocus, UpdateWindow, IsIconic, DdeGetData, wsprintfA,
    GetMessageA, TranslateMessage, DispatchMessageA, PostMessageA, SetTimer, KillTimer,
    RegisterWindowMessageA, PostThreadMessageA, DdeImpersonateClient, UnregisterClassA
  gdi32: GetColorSpace, SetICMMode, SetICMProfileA, PatBlt, DPtoLP, GetPixel, CreatePen, CreateFontA,
    CreateCompatibleDC, Polygon, BitBlt, Ellipse, GetViewportExtEx, GetWindowExtEx, SelectObject, GetObjectA,
    GetCurrentObject, GetROP2, CreatePolyPolygonRgn, PolyBezier, SetPixel, GetTextMetricsA, GetGlyphOutlineA,
    EnumFontFamiliesA, CreateFontIndirectA, SelectClipRgn, GetClipRgn, CreateEllipticRgn, CreatePolygonRgn,
    PolyPolygon, PtInRegion, OffsetRgn, SetMetaFileBitsEx, GetMetaFileA, GetEnhMetaFileA, EnumEnhMetaFile,
    SetWinMetaFileBits, GetMetaFileBitsEx, SelectPalette, StretchDIBits, SetStretchBltMode, CreateDIBSection,
    CreatePalette, GetSystemPaletteEntries, CreateDIBitmap, GetDIBits, CreateEllipticRgnIndirect,
    CreateRoundRectRgn, RectInRegion, RoundRect, GetViewportOrgEx, CreateCompatibleBitmap, TextOutA, Polyline,
    GetStockObject, StretchBlt, ExtTextOutA, GetCharWidthA, GetCharABCWidthsA, GetLogColorSpaceA, EndPath,
    StrokePath, SetBrushOrgEx, GetClipBox, SetTextColor, SetBkColor, CreateBitmap, DeleteDC, StartDocA, SaveDC,
    RestoreDC, SetBkMode, SetPolyFillMode, SetROP2, SetViewportOrgEx, OffsetViewportOrgEx, GetMapMode,
    SetRectRgn, GetWindowOrgEx, AbortDoc, EndDoc, EndPage, StartPage, SetAbortProc, GetBkColor,
    GetNearestColor, GetTextColor, GetStretchBltMode, GetPolyFillMode, GetTextAlign, EnumMetaFile, GetBkMode,
    GetTextFaceA, GetTextExtentPoint32A, CopyMetaFileA, GetObjectType, PlayMetaFileRecord, ExtSelectClipRgn,
    GetCurrentPositionEx, SetTextAlign, LineTo, MoveToEx, IntersectClipRect, ExcludeClipRect, CreateDCA,
    FrameRgn, CreateRectRgn, CreateBrushIndirect, DeleteMetaFile, DeleteEnhMetaFile, RealizePalette,
    SetMapMode, DeleteObject, LPtoDP, CreatePenIndirect, Rectangle, GetDeviceCaps, Escape, RectVisible,
    PtVisible, CreatePatternBrush, UnrealizeObject, CreateSolidBrush, CreateRectRgnIndirect, CombineRgn,
    BeginPath, GetRgnBox, ScaleWindowExtEx, SetWindowExtEx, OffsetWindowOrgEx, SetWindowOrgEx,
    ScaleViewportExtEx, SetViewportExtEx, PlayMetaFile
  comdlg32: GetOpenFileNameA, ChooseFontA, GetSaveFileNameA, PrintDlgA, ChooseColorA, GetFileTitleA,
    CommDlgExtendedError
  winspool.drv: EndDocPrinter, WritePrinter, StartDocPrinterA, DocumentPropertiesA, GetPrinterA, SetPrinterA,
    OpenPrinterA, ClosePrinter
  advapi32: GetFileSecurityA, RegOpenKeyA, RevertToSelf, RegCloseKey, RegQueryValueA, RegCreateKeyExA,
    RegOpenKeyExA, RegSetValueExA, RegDeleteValueA, RegSetValueA, RegCreateKeyA, RegQueryValueExA,
    SetFileSecurityA, RegDeleteKeyA
  shell32: DragQueryFileA, DragFinish, DragAcceptFiles, SHGetFileInfoA, ExtractIconA
  comctl32: ord17, ImageList_Destroy
  oledlg: ord1, ord3, ord7, ord5, ord8
  ole32: StgOpenStorageOnILockBytes, GetHGlobalFromILockBytes, OleGetIconOfClass, WriteClassStm,
    OleSaveToStream, CreateStreamOnHGlobal, CreateItemMoniker, CreateGenericComposite, OleSetMenuDescriptor,
    CreateBindCtx, CoTaskMemAlloc, OleRegGetUserType, ReadFmtUserTypeStg, ReadClassStg,
    CoRegisterMessageFilter, CreateILockBytesOnHGlobal, CoRevokeClassObject, CoDisconnectObject,
    OleDuplicateData, SetConvertStg, WriteFmtUserTypeStg, WriteClassStg, CoTreatAsClass,
    StgCreateDocfileOnILockBytes, OleSave, OleCreate, OleCreateLinkToFile, OleCreateFromFile,
    OleCreateStaticFromData, OleCreateFromData, OleSetContainedObject, StringFromCLSID, OleLockRunning,
    OleGetClipboard, OleLoad, OleQueryCreateFromData, OleIsCurrentClipboard, OleFlushClipboard,
    OleSetClipboard, ReleaseStgMedium, StgIsStorageFile, StgOpenStorage, StgCreateDocfile, CreateFileMoniker,
    CoTaskMemFree, CoFreeUnusedLibraries, OleUninitialize, OleInitialize
  oleaut32: VariantClear, VarCyFromStr, VarBstrFromCy, VarDateFromStr, VarBstrFromDate
  hid: HidD_GetHidGuid, HidD_GetAttributes
Sections
  Name    Raw size  Virtual size  Characteristics
  .text   1.6MB     1.6MB         IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  PTCODE  4KB       2KB           IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
  .rdata  168KB     167KB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
  .data   220KB     1.6MB         IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  PTDATA  4KB       428B          IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .rsrc   400KB     400KB         IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
  .text   76KB      76KB          IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE