ff732ec01cb8123254aaab1da52d2ea3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff732ec01cb8123254aaab1da52d2ea3_JaffaCakes118
Size

273KB
MD5

ff732ec01cb8123254aaab1da52d2ea3
SHA1

740e822e0c01cbabd5a176c72f63d57ff7488bfc
SHA256

6828c8e0f7f6573c07c750965f9c5a444a0b22fea2406be3ecbb57d3a3a46adb
SHA512

792701c8d51da77ab8e7e55ce14de0339e556c694592fb154c8b98033257e7f43e31d7d108aed72c83a13b56efba42a588fce8abfdd74706f109e6524a3151e3
SSDEEP

6144:tn0BTwanQrYRLeY2zMdwrmflLzsEilTe:h0au1eY2zjmNL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff732ec01cb8123254aaab1da52d2ea3_JaffaCakes118

Files

ff732ec01cb8123254aaab1da52d2ea3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7dd76736fa3a40e3b13b461a4e5cd1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shell32

ShellExecuteW
SHGetFolderPathW

advapi32

RegCreateKeyExW
RegSetValueExW
RegQueryValueW
RegQueryValueExW
RegOpenKeyW
OpenTraceW
RegCloseKey
RegEnumKeyW
RegOpenKeyExW

wininet

InternetGetLastResponseInfoW
HttpOpenRequestW
HttpSendRequestW
InternetCloseHandle
InternetOpenW
InternetReadFile
GetUrlCacheEntryInfoExW

winspool.drv

DocumentPropertiesW
EnumPrinterDataW
OpenPrinterW
ClosePrinter

user32

SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetCursor
SetCapture
SetActiveWindow
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
RemovePropW
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapDialogRect
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
IsWindowVisible
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsChild
InvalidateRgn
InvalidateRect
IntersectRect
GrayStringW
GetWindowThreadProcessId
SetRect
GetWindowTextLengthW
GetWindowRect
GetWindowDC
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow
EqualRect
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawTextW
DrawTextExW
DispatchMessageW
DestroyWindow
DestroyMenu
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoA
TabbedTextOutW
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WinHelpW
GetWindowTextW
DefWindowProcW
CreateWindowExW
CopyRect
CopyAcceleratorTableW
ClientToScreen
CharUpperW
CharNextW
CallNextHookEx
BeginPaint
AdjustWindowRectEx

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathFindExtensionW

kernel32

lstrlenW
lstrcmpW
lstrcmpA
WritePrivateProfileStringW
WriteFile
WriteConsoleW
WriteConsoleA
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
UnlockFile
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TerminateProcess
Sleep
SizeofResource
SetUnhandledExceptionFilter
SetStdHandle
SetLastError
SetFilePointer
SetFileAttributesW
SetErrorMode
SetEnvironmentVariableA
RtlUnwind
ReadFile
RaiseException
QueryPerformanceCounter
MulDiv
LockResource
LockFile
LocalReAlloc
LocalFree
LoadResource
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsDebuggerPresent
IsDBCSLeadByteEx
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
HeapReAlloc
HeapFree
HeapAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFlags
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVolumeInformationW
GetVersion
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemInfo
GetStringTypeW
GetStringTypeA
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetEnvironmentStringsW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineA
GetCPInfo
GetBinaryTypeW
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FindResourceW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExitProcess
EnumSystemLocalesA
DuplicateHandle
DeleteCriticalSection
CreateFileW
CreateFileA
CloseHandle
CompareStringW
ConvertDefaultLocale
CreateDirectoryW

oleaut32

VariantCopy
SafeArrayDestroy
SysAllocString
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VarR8Pow
VariantTimeToSystemTime
VariantInit
OleCreateFontIndirect
VariantClear
VariantChangeType

comdlg32

GetFileTitleW
ChooseFontW

gdi32

TextOutW
StartPage
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetMapMode
SetBkColor
SelectObject
OffsetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetTextColor
GetStockObject
GetMapMode
GetDeviceCaps
GetClipBox
ExtTextOutW
ExtSelectClipRgn
Escape
DeleteObject
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectW
CreateCompatibleDC
CreateBitmap

oledlg

OleUIBusyW

ole32

StgCreateDocfileOnILockBytes
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
CoFreeUnusedLibraries
CoGetClassObject
CoInitializeEx
CoRegisterChannelHook
CoRegisterMessageFilter
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
OleInitialize
OleIsCurrentClipboard
OleUninitialize

Sections

.text
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 148KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7dd76736fa3a40e3b13b461a4e5cd1e

Headers

File Characteristics

Imports

comctl32

shell32

advapi32

wininet

winspool.drv

user32

shlwapi

kernel32

oleaut32

comdlg32

gdi32

oledlg

ole32

Sections

.text Size: 57KB - Virtual size: 60KB

.rdata Size: 148KB - Virtual size: 152KB

.data Size: 37KB - Virtual size: 144KB

.idata Size: 8KB - Virtual size: 11KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 57KB - Virtual size: 60KB

.rdata
Size: 148KB - Virtual size: 152KB

.data
Size: 37KB - Virtual size: 144KB

.idata
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 21KB - Virtual size: 23KB