Static task: static1
Behavioral task: behavioral1
Sample: fdbb54479968a35e66fca8d151e3a386_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fdbb54479968a35e66fca8d151e3a386_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fdbb54479968a35e66fca8d151e3a386_JaffaCakes118
Size: 364KB
MD5: fdbb54479968a35e66fca8d151e3a386
SHA1: fd686588db4b8e07641b7142a34bffbcb6df9204
SHA256: 85d4cae4a83e18b83f3cbc8190952c150055987879e325fc7a2588e642826f5a
SHA512: 3b42ba1e56daa66aa2799bb7eb9ea055475fcf668d0d40f9ccd11d3e3e39e1f9e56a268160226509ade77a9bba30e3f8f71534eab62dbb03c580ccef8e463497
SSDEEP: 6144:nFAyTI3rFZdR0Mpahwjzu6Idikt1IbYU23hmZYS:nFA13BjR0P6jznIdiktysrhm
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: fdbb54479968a35e66fca8d151e3a386_JaffaCakes118
Files
fdbb54479968a35e66fca8d151e3a386_JaffaCakes118.exe windows:4 windows x86 arch:x86
f188d8523226d1909e2f6a9ef36e7fb4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathCombineA
SHSetValueW
SHSetValueA
SHDeleteValueA
kernel32
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
SetLastError
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
DuplicateHandle
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
GetVolumeInformationA
GetStringTypeExA
GetShortPathNameA
LocalFileTimeToFileTime
SystemTimeToFileTime
SetErrorMode
GetTickCount
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
DeleteCriticalSection
GetCommandLineA
ExitProcess
ExitThread
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
Sleep
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsAlloc
FormatMessageA
GetThreadLocale
MulDiv
GetDiskFreeSpaceA
SetFileTime
GetFullPathNameA
GetFileAttributesA
GlobalFree
GlobalAlloc
lstrcmpA
GetCurrentThread
FileTimeToSystemTime
SuspendThread
SetThreadPriority
lstrcmpiA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
TerminateProcess
FreeLibrary
lstrlenW
FindFirstFileW
FindFirstFileA
FindClose
GetModuleHandleA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
OpenFileMappingA
OpenProcess
lstrcpynA
IsBadReadPtr
GlobalMemoryStatus
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetSystemInfo
RaiseException
LoadLibraryA
GetProcAddress
GetCurrentThreadId
GetCurrentProcess
OutputDebugStringA
SetFilePointer
VirtualQuery
lstrcpyA
SetUnhandledExceptionFilter
LocalAlloc
LocalFree
GetPrivateProfileIntA
GetPrivateProfileStringA
HeapSize
FindResourceA
LoadResource
LockResource
InterlockedDecrement
GetModuleFileNameW
CreateFileW
ResumeThread
InterlockedIncrement
WaitForMultipleObjects
CreateEventA
CreateMutexA
CreateWaitableTimerA
GetVersionExA
GetTempPathA
GetTempFileNameA
DeleteFileA
WriteFile
InterlockedExchange
CreateThread
GetExitCodeThread
TerminateThread
GetCurrentProcessId
WaitForSingleObject
ResetEvent
SetEvent
ReleaseMutex
CancelWaitableTimer
SetWaitableTimer
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetWindowsDirectoryA
GetLongPathNameW
CreateProcessW
CreateProcessA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
CopyFileW
SetFileAttributesW
CopyFileA
SetFileAttributesA
GetShortPathNameW
GetSystemDirectoryA
GetModuleFileNameA
GetFileTime
GetSystemTimeAsFileTime
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetLastError
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapFree
GetStartupInfoA
user32
PostThreadMessageA
RegisterClipboardFormatA
CharUpperA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
LoadStringA
GetDC
ReleaseDC
GetSysColorBrush
LoadCursorA
ClientToScreen
PtInRect
GetClassNameA
EndDialog
CreateDialogIndirectParamA
CharNextA
FindWindowA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
PostQuitMessage
GetMessageA
TranslateMessage
ValidateRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
MoveWindow
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
DispatchMessageA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
RegisterClassA
DestroyWindow
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
OffsetRect
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
InvalidateRect
SetWindowLongA
GetKeyState
GetDlgCtrlID
GetMenuItemCount
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetWindowTextA
EnumWindows
GetWindowThreadProcessId
wvsprintfA
wsprintfA
SetWindowPos
SystemParametersInfoA
AnimateWindow
GetWindowLongA
IsWindow
SendMessageA
DestroyIcon
EnableWindow
PostMessageA
UpdateWindow
LoadMenuA
GetSubMenu
GetCursorPos
TrackPopupMenu
DestroyMenu
CreateWindowExA
UnregisterClassA
gdi32
GetMapMode
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
GetObjectA
SetBkColor
SetTextColor
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetWindowExtEx
GetStockObject
GetDeviceCaps
GetBkColor
GetTextColor
DPtoLP
LPtoDP
CreateBitmap
comdlg32
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegOpenKeyExA
RegCreateKeyA
RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegEnumKeyA
RegQueryValueA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
CryptReleaseContext
RegQueryValueExA
RegCloseKey
CryptDecrypt
CryptGetProvParam
CryptGetKeyParam
CryptGenKey
CryptExportKey
CryptImportKey
CryptDestroyKey
CryptAcquireContextA
CryptGenRandom
shell32
SHGetFileInfoA
ExtractIconA
DragQueryFileA
DragFinish
SHAppBarMessage
comctl32
ord17
oledlg
ord8
ole32
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleInitialize
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
GetClassFile
CoInitialize
CoCreateInstance
CoUninitialize
OleIsCurrentClipboard
OleFlushClipboard
CoGetClassObject
CoTaskMemAlloc
olepro32
ord253
oleaut32
VariantTimeToSystemTime
SysAllocStringLen
SafeArrayGetUBound
SysFreeString
SysAllocString
VariantClear
VariantInit
SysStringLen
SafeArrayUnaccessData
SafeArrayGetLBound
VariantChangeType
SysAllocStringByteLen
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayAccessData
urlmon
URLDownloadToCacheFileA
version
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
wininet
InternetOpenA
InternetCloseHandle
InternetGetConnectedState
DeleteUrlCacheEntry
HttpSendRequestA
InternetReadFile
InternetOpenUrlA
HttpOpenRequestA
InternetConnectA
HttpAddRequestHeadersA
Sections
.text Size: 256KB - Virtual size: 254KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ