fa710176688d78f6204cd6b0515c1dd5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa710176688d78f6204cd6b0515c1dd5_JaffaCakes118
Size

228KB
MD5

fa710176688d78f6204cd6b0515c1dd5
SHA1

297064510ddcb15c1da070efcc02d864336bef79
SHA256

4fad00a0fda565917f75f3d09acba993da5fa2c12bcbe47eff788c58209571f7
SHA512

534480a92d516f6e828ae172785b2c03b7bbdc88b147a27f1c9bbc5ee56bf3595153fa5fc14ee4ce77d5f7d36b249b7adece3228b7e572bd96ee15b350720f61
SSDEEP

3072:76LiGhAOAvg75x6/iLInV1aJSUZBXcnGWFmM7AKiDF2Nw4uBGHHqTL3e71EC:+LiG0G5o9nVGvZBXcnNmKA2o/3e7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa710176688d78f6204cd6b0515c1dd5_JaffaCakes118

Files

fa710176688d78f6204cd6b0515c1dd5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e94102ef9a657d347dfa11e43b65bb2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\jian.pdb

Imports

shlwapi

PathAppendA
PathFileExistsA
PathIsUNCA

user32

GetMenuItemID
OpenClipboard
GetScrollRange
DestroyCursor
GetSystemMetrics
PtInRect
GetClassNameA
PostQuitMessage
ShowWindow
MessageBoxA
SendDlgItemMessageA
GetMenuItemInfoA
RegisterClassA
GetMenuStringA
GetForegroundWindow
GetWindowTextA
CreatePopupMenu
SetTimer
MoveWindow
GetWindowLongA
LoadAcceleratorsA
GetWindowTextLengthA
IntersectRect
FrameRect
RedrawWindow
PostMessageA
IsZoomed
CreateWindowExA
GetMenuItemCount
GetCursorPos
GetSubMenu
PostThreadMessageA
BeginDeferWindowPos
OffsetRect
SetClipboardData
GrayStringA
SetRect
SetWindowPos
EndPaint
GetSysColorBrush
CharNextA
IsWindowVisible
TranslateAcceleratorA
CallWindowProcA
MessageBeep
GetCaretPos
EndDeferWindowPos
EqualRect
InflateRect
GetDesktopWindow
GetWindowRect
EmptyClipboard
GetLastActivePopup
SetCaretPos
IsChild
GetScrollPos
DrawTextExA
DestroyIcon
GetClassLongA
GetMenuState
ScreenToClient
GetDlgItemInt
DrawIconEx
GetClientRect
DrawEdge
GetSystemMenu
EndDialog
EnumWindows
LoadBitmapA
DrawFrameControl
IsWindowEnabled
IsMenu
GetWindow
SetCapture
CreateMenu
IsDialogMessageA
BeginPaint
IsIconic
AdjustWindowRectEx
TrackPopupMenu
ReleaseCapture
LoadCursorA
DestroyWindow
IsDlgButtonChecked
SetWindowTextA
InsertMenuA
CheckDlgButton
ScrollWindowEx
GetWindowPlacement
DefWindowProcA
GetDC
EnumChildWindows
UnhookWindowsHookEx
LoadIconA
KillTimer
RegisterClassExA
TranslateMessage
SetWindowLongA
WindowFromPoint
SetRectEmpty
SetCursor
GetSysColor

winmm

waveOutWrite
mixerGetNumDevs
waveInGetNumDevs
mixerOpen
mmioOpenA
waveOutPrepareHeader
mixerGetLineInfoA
mmioDescend
mixerGetControlDetailsA
PlaySoundA
mmioRead
mixerSetControlDetails
mmioClose
waveOutGetNumDevs
mixerGetLineControlsA
mixerClose

comctl32

InitCommonControlsEx
ImageList_DragEnter
ImageList_BeginDrag
ImageList_AddMasked
ImageList_DragMove
ImageList_DragShowNolock
PropertySheetA
ImageList_DrawEx
ImageList_Remove
ImageList_GetIconSize
ImageList_Destroy
ImageList_LoadImageA
ImageList_EndDrag
ImageList_GetImageCount
_TrackMouseEvent
ImageList_DragLeave
ord17
ImageList_GetImageInfo
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_Create
ImageList_ReplaceIcon
ImageList_Draw
CreatePropertySheetPageA

advapi32

RegDeleteKeyA
RegQueryValueA
RegQueryValueExA
LookupPrivilegeValueA
OpenSCManagerA
OpenProcessToken
RegCloseKey
RegEnumKeyA
RegOpenKeyA

kernel32

GetCurrentThreadId
WideCharToMultiByte
ReadFile
ExitProcess
GetCurrentProcess
CreateMutexA
GetEnvironmentStringsW
VirtualQuery
TerminateProcess
HeapReAlloc
VirtualAlloc
GetStringTypeW
HeapFree
CompareStringW
SetLastError
GetLastError
GetSystemTime
HeapCreate
InitializeCriticalSection
GetFileType
GetCurrentProcessId
InterlockedDecrement
MultiByteToWideChar
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringA
SetEnvironmentVariableA
GetStringTypeA
LoadLibraryA
GetACP
EnterCriticalSection
InterlockedExchange
FlushFileBuffers
GetTimeZoneInformation
WriteFile
GetModuleFileNameA
GetCommandLineA
GetSystemTimeAsFileTime
FreeEnvironmentStringsW
HeapDestroy
SetStdHandle
SetHandleCount
TlsGetValue
LeaveCriticalSection
LCMapStringW
CompareStringA
IsBadCodePtr
GetEnvironmentStrings
InterlockedIncrement
DeleteCriticalSection
QueryPerformanceCounter
RaiseException
VirtualFree
RtlUnwind
GetModuleHandleA
GetStdHandle
GetProcAddress
SetFilePointer
GetCPInfo
HeapAlloc
GetTickCount
GetLocalTime
TlsSetValue
GetStartupInfoA
CloseHandle
FreeEnvironmentStringsA
GetOEMCP
GetVersion

gdi32

Ellipse
GetNearestPaletteIndex
CreateEllipticRgnIndirect
GetTextExtentPointA
SetViewportExtEx
SelectPalette
ExcludeClipRect
ResizePalette
GetBoundsRect
CreateHatchBrush
CloseMetaFile
TextOutA
GetStockObject
UnrealizeObject
MoveToEx
OffsetClipRgn
SetROP2
GetRgnBox
ScaleViewportExtEx
CreateMetaFileA
SetMapMode
Polyline
Arc
Rectangle
CreateRectRgn
ScaleWindowExtEx
Escape
RealizePalette
CreateBitmap
CreateFontA
GetTextAlign
RectVisible
StrokeAndFillPath
GetClipBox
LPtoDP
RectInRegion
SetTextCharacterExtra
DeleteObject
FillRgn
CreateCompatibleBitmap
LineTo
SetBitmapBits
CreateCompatibleDC
BitBlt
RestoreDC
SelectObject
GetDCOrgEx
GetObjectA
CreateBrushIndirect
GetViewportExtEx
GetObjectType
GetTextExtentPoint32A
SetPixelV
CreatePen
GetCurrentObject
SetTextAlign
CreateBitmapIndirect
GetPaletteEntries
OffsetViewportOrgEx
GetPixel
CloseFigure
GetBkMode
SaveDC
Chord
SetWindowExtEx
CopyMetaFileA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
ord155
SHBrowseForFolderA

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e94102ef9a657d347dfa11e43b65bb2e

Headers

File Characteristics

PDB Paths

Imports

shlwapi

user32

winmm

comctl32

advapi32

kernel32

gdi32

shell32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 60KB - Virtual size: 61KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 60KB - Virtual size: 61KB

.rsrc
Size: 20KB - Virtual size: 19KB