fabcec0f05941ab0849b616ed84c3e80_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fabcec0f05941ab0849b616ed84c3e80_JaffaCakes118
Size

352KB
MD5

fabcec0f05941ab0849b616ed84c3e80
SHA1

444a03ed3d18b615df5cec21b1ae2e37df9f63d1
SHA256

ede6606d26c25910d867e730c277b1d3f922f72d9f63243445c6076f07ce4ec9
SHA512

8809e06293729f1fa70e151fb83b3d5822d291d08a06b60c71d423327f105bcbb38cf5097378c88613a066e9c7aa641d07f9609ffada1b9ee631d95a04bec2e2
SSDEEP

6144:yzv9s9pNigAOzKVqL1Gm0gFgY6vore+9nVz:y/ghKqf0ieaZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fabcec0f05941ab0849b616ed84c3e80_JaffaCakes118

Files

fabcec0f05941ab0849b616ed84c3e80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9505fb7d44fdf6a1b63678bf72495d39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameW
InterlockedDecrement
CreateThread
GetTimeZoneInformation
GlobalMemoryStatusEx
WinExec
EnumResourceNamesW
VirtualFreeEx
WriteProcessMemory
ReadProcessMemory
VirtualAllocEx
SystemTimeToTzSpecificLocalTime
GetPrivateProfileSectionNamesW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetFileSize
DeviceIoControl
CancelIo
GetLogicalDriveStringsW
GetSystemTime
WaitForMultipleObjects
CreatePipe
GetStdHandle
DuplicateHandle
CreateMutexW
ReleaseMutex
GetCommandLineW
GetExitCodeProcess
ProcessIdToSessionId
HeapAlloc
GetEnvironmentVariableW
Process32FirstW
LoadResource
HeapFree
GetProcessHeap
FindResourceW
WTSGetActiveConsoleSessionId
LockResource
Process32NextW
SizeofResource
lstrcpyW
CreateToolhelp32Snapshot
OpenProcess
MoveFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FreeLibrary
QueryPerformanceCounter
QueryPerformanceFrequency
GetModuleFileNameW
SetUnhandledExceptionFilter
VirtualQuery
GetCurrentProcessId
LoadLibraryW
GetCurrentThreadId
ExitProcess
SetEndOfFile
GetFileTime
GetLocaleInfoW
SetEnvironmentVariableW
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
LocalAlloc
SetLastError
GetLastError
WaitForSingleObject
LocalFree
GetCurrentDirectoryW
SetEvent
RemoveDirectoryW
SetEnvironmentVariableA
SetFilePointer
GetStartupInfoW
EnterCriticalSection
SetThreadPriority
ResetEvent
CopyFileW
LeaveCriticalSection
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
GetFileSizeEx
GetCurrentThread
GetTempFileNameW
FindNextFileW
GetProcAddress
GlobalAlloc
LoadLibraryA
DeleteFileW
ReadFile
Sleep
SetFilePointerEx
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
FindClose
GetVersionExW
CreateEventW
GlobalLock
GetTempPathW
GetThreadPriority
GetFileAttributesW
CreateProcessW
CreateDirectoryW
GlobalFree
WriteFile
FindFirstFileW
CreateFileW
GlobalUnlock
GetSystemTimeAsFileTime
GetCommandLineA
GetVersionExA
GetStartupInfoA
GetCPInfo
InterlockedIncrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
LCMapStringA
CompareStringW
CompareStringA
CreateFileA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RaiseException
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
VirtualAlloc
GetConsoleMode
GetConsoleCP
RtlUnwind
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetModuleFileNameA
HeapCreate
HeapDestroy
HeapReAlloc

advapi32

RegDeleteValueW
RegOpenKeyExW
RegDeleteKeyW
RegSetKeySecurity
LookupPrivilegeValueW
GetAce
GetSidLengthRequired
InitializeSid
OpenProcessToken
GetSidSubAuthority
RegCreateKeyExW
RegQueryValueExW
InitializeAcl
InitializeSecurityDescriptor
RegRestoreKeyW
RegSaveKeyW
AddAccessAllowedAce
AdjustTokenPrivileges
SetSecurityDescriptorDacl
SetFileSecurityW
DuplicateTokenEx
RegEnumValueW
RegOpenKeyW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCloseKey

comctl32

PropertySheetW
ImageList_Destroy
ImageList_DrawEx
ImageList_GetIconSize
CreateToolbarEx
_TrackMouseEvent
ord17

gdi32

DeleteObject
CreateFontW
DeleteDC
GetStockObject
CreateDIBitmap
CreateFontIndirectW
GetObjectW
CreateSolidBrush
SetTextColor
GetCurrentObject
TextOutW
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
SetBkColor
CreatePen
LineTo
MoveToEx
ExtTextOutW
CreateCompatibleBitmap
SetTextAlign
SetBkMode
CreateDIBSection
GetViewportExtEx
GetWindowExtEx
SetWindowExtEx
SetViewportExtEx
CreatePatternBrush
StretchBlt
SelectObject

msacm32

acmDriverDetailsW
acmDriverClose
acmFormatEnumW
acmFormatDetailsW
acmStreamClose
acmStreamConvert
acmFormatTagEnumW
acmStreamUnprepareHeader
acmDriverEnum
acmStreamOpen
acmStreamPrepareHeader
acmStreamSize
acmDriverOpen

ole32

CoUninitialize
CoCreateInstance
CoTaskMemAlloc
CoInitializeSecurity
CreateStreamOnHGlobal
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
SysAllocString
VariantClear
SysFreeString
OleLoadPicturePath
OleLoadPicture

shell32

SHBrowseForFolderW
SHGetFolderPathW
ShellExecuteExW
SHGetMalloc
Shell_NotifyIconW
CommandLineToArgvW
SHChangeNotify
ShellExecuteW
SHGetPathFromIDListW

shlwapi

SHDeleteKeyW
SHDeleteEmptyKeyW

user32

RemovePropW
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
OpenClipboard
TranslateMessage
ScreenToClient
GetDC
SetMenuDefaultItem
GetMessageW
CreateDialogIndirectParamW
IsWindow
DrawTextW
AppendMenuW
wsprintfW
FillRect
FrameRect
InvalidateRect
GetScrollInfo
DrawIconEx
SetScrollInfo
UnhookWindowsHookEx
SetWindowsHookExW
CallNextHookEx
DrawEdge
InflateRect
GetWindowTextW
DrawFocusRect
GetIconInfo
DrawStateW
DialogBoxIndirectParamW
EndDialog
IsDialogMessageW
EnableWindow
CreateDialogParamW
GetDlgCtrlID
ClientToScreen
MapDialogRect
InsertMenuItemW
GetWindowThreadProcessId
BeginPaint
GetWindowPlacement
UpdateWindow
InsertMenuW
SetWindowPlacement
GetMenu
PostQuitMessage
EndPaint
SetForegroundWindow
SetMenuItemInfoW
FindWindowExW
GetSubMenu
IsZoomed
MsgWaitForMultipleObjects
LoadIconW
GetSysColorBrush
SetActiveWindow
ModifyMenuW
GetClassNameA
GetClassNameW
CheckMenuItem
IsWindowVisible
GetFocus
GetDlgItemInt
CallWindowProcW
GetKeyNameTextW
MapVirtualKeyW
GetKeyState
GetDesktopWindow
GetSysColor
LoadCursorW
SetWindowPos
GetWindowDC
ReleaseDC
IsCharAlphaW
GetPropW
SetPropW
PeekMessageW
FlashWindowEx
DispatchMessageW
SetFocus
SendDlgItemMessageW
EnableMenuItem
GetDlgItemTextW
GetClientRect
DestroyMenu
DestroyWindow
MessageBoxW
MoveWindow
GetCursorPos
KillTimer
GetParent
GetDlgItem
PostMessageW
GetWindowRect
SendMessageW
SetWindowTextW
CreatePopupMenu
DialogBoxParamW
IsIconic
SetTimer
SetDlgItemTextW
ShowWindow
TrackPopupMenu
IsDlgButtonChecked
LoadImageW
SetWindowLongW
DestroyIcon
RegisterClassW
SendMessageTimeoutW
CreateWindowExW
CheckDlgButton
GetWindowLongW
DefWindowProcW
SetCursor
GetCursor
FindWindowW
WaitForInputIdle

winmm

waveOutRestart
waveOutOpen
waveOutPrepareHeader
waveOutPause
waveOutUnprepareHeader
waveOutClose
waveOutReset
waveOutWrite
waveOutGetNumDevs
waveInGetNumDevs

ws2_32

WSACleanup
closesocket
htons
inet_addr
gethostbyname
WSAStartup
connect
getsockopt
ioctlsocket
ntohs
__WSAFDIsSet
WSAGetLastError
select
socket
recv
setsockopt
send

msimg32

GradientFill

iphlpapi

GetAdaptersAddresses

wininet

InternetQueryOptionW

gdiplus

GdipGetImageEncodersSize
GdiplusStartup
GdiplusShutdown
GdipGetImageEncoders

Sections

.rdata
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 356KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9505fb7d44fdf6a1b63678bf72495d39

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

gdi32

msacm32

ole32

oleaut32

shell32

shlwapi

user32

winmm

ws2_32

msimg32

iphlpapi

wininet

gdiplus

Sections

.rdata Size: 172KB - Virtual size: 172KB

.data Size: 356KB - Virtual size: 544KB

.rsrc Size: 228KB - Virtual size: 228KB

.rdata
Size: 172KB - Virtual size: 172KB

.data
Size: 356KB - Virtual size: 544KB

.rsrc
Size: 228KB - Virtual size: 228KB