Static task: static1
Behavioral task: behavioral1
Sample: fe9d8363c7fb000c03941c9ee26ace2c_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fe9d8363c7fb000c03941c9ee26ace2c_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fe9d8363c7fb000c03941c9ee26ace2c_JaffaCakes118
Size: 3.0MB
MD5: fe9d8363c7fb000c03941c9ee26ace2c
SHA1: 81c60916e5c021e36b0c54a6a7164c13b3cef9e1
SHA256: 8a0bc61b278b80799cf1b22806e9e1026e2c7c66872a03e9e783c6163aa5eac7
SHA512: fce267fe111fb4c5ade3e56ac67b2866c95206b2a1f0fbbe7a1f09ef4d0575b26d7e6c6a33a364fd57f39bc083630bcbff98f264faaf92594dcc38aee03a41ba
SSDEEP: 49152:tIB7XojBn0u1YVx3FDegVYgS9Vn3XDe+HiV:6ojBADTVkV3XDe+HiV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fe9d8363c7fb000c03941c9ee26ace2c_JaffaCakes118
Files
fe9d8363c7fb000c03941c9ee26ace2c_JaffaCakes118.exe windows:4 windows x86 arch:x86
e14fd3f99e2a076e542e72fed98917cf
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
SetFileSecurityA
RegDeleteValueA
GetUserNameA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueA
RegCreateKeyA
GetFileSecurityA
mpr
WNetGetUserA
widge32
ord295
ord30
ord43
ord33
ord99
ord75
implode
explode
implode
kernel32
GetStartupInfoA
GetSystemTime
GetLocalTime
ExitProcess
RtlUnwind
GetTimeZoneInformation
LocalReAlloc
TlsSetValue
GetCPInfo
GetACP
RaiseException
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
TlsGetValue
GlobalFlags
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
IsBadCodePtr
VirtualFree
VirtualAlloc
VirtualLock
VirtualQuery
EnterCriticalSection
LeaveCriticalSection
GetCurrentDirectoryA
FindResourceA
lstrcpynA
Sleep
DeleteFileA
TlsAlloc
HeapDestroy
SizeofResource
InterlockedExchange
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
FindNextFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetStringTypeExA
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
FlushFileBuffers
DuplicateHandle
SetLastError
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
lstrcpyA
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
lstrcmpA
lstrcatA
GlobalGetAtomNameA
InterlockedDecrement
InterlockedIncrement
LocalAlloc
GetVolumeInformationA
_lread
_lopen
_lclose
GetModuleHandleA
TerminateThread
CreateThread
DeviceIoControl
GetPrivateProfileIntA
WriteFile
ReadFile
SetFilePointer
UnlockFile
LockFile
WideCharToMultiByte
lstrlenW
FreeResource
GlobalHandle
MulDiv
CreateFileA
LocalFree
OutputDebugStringA
LoadResource
LockResource
MultiByteToWideChar
SearchPathA
DebugBreak
GlobalReAlloc
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
GlobalSize
FreeLibrary
GlobalAddAtomA
GetUserDefaultLCID
GetLocaleInfoA
GetFileAttributesA
SetCurrentDirectoryA
GetShortPathNameA
lstrlenA
GetPrivateProfileStringA
WritePrivateProfileStringA
FormatMessageA
GetVersionExA
GetDiskFreeSpaceA
GetModuleFileNameA
GlobalMemoryStatus
LoadLibraryA
GetProcAddress
GetTickCount
GetProfileStringA
GetDriveTypeA
SetErrorMode
WinExec
TerminateProcess
GetExitCodeProcess
GetProcessVersion
GetVersion
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
GetLastError
CreateMutexA
WaitForSingleObject
GetCurrentProcessId
ReleaseMutex
MapViewOfFile
OpenMutexA
VirtualQueryEx
HeapAlloc
GetCurrentProcess
OpenProcess
GetSystemInfo
GetProcessHeap
HeapFree
OpenFileMappingA
CreateFileMappingA
MapViewOfFileEx
UnmapViewOfFile
CloseHandle
SetStdHandle
GetCommandLineA
ExitThread
GetOEMCP
user32
MapWindowPoints
WaitMessage
GetWindowDC
TabbedTextOutA
GrayStringA
SetParent
IntersectRect
IsRectEmpty
CharUpperA
DestroyCursor
GetSysColorBrush
InsertMenuA
GetMenuStringA
DestroyIcon
CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
GetDCEx
LockWindowUpdate
InvertRect
GetTabbedTextExtentA
GetForegroundWindow
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
MapDialogRect
CreateWindowExA
SetWindowPos
DestroyWindow
TranslateMDISysAccel
DefMDIChildProcA
UnionRect
FrameRect
LoadBitmapA
HideCaret
SetRectEmpty
WinHelpA
EmptyClipboard
SetClipboardData
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
RegisterClipboardFormatA
DdeDisconnect
DdeCreateStringHandleA
DdeClientTransaction
DdeFreeStringHandle
DdeUninitialize
GetLastActivePopup
DefWindowProcA
LoadIconA
CopyRect
ShowScrollBar
LoadCursorA
BeginPaint
SetRect
EndPaint
InflateRect
DrawEdge
GetScrollPos
RemoveMenu
CreatePopupMenu
BringWindowToTop
ReuseDDElParam
SetCursor
UnpackDDElParam
DefFrameProcA
ClientToScreen
OffsetRect
SetMenuItemBitmaps
ModifyMenuA
GetCursorPos
WindowFromPoint
DispatchMessageA
TranslateMessage
PostQuitMessage
GetDesktopWindow
MoveWindow
GetSystemMetrics
PeekMessageA
SetCursorPos
ShowCursor
ClipCursor
SetScrollRange
SetScrollPos
GetClassNameA
EnumChildWindows
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetWindowLongA
GetSysColor
FillRect
CallWindowProcA
SendDlgItemMessageA
SetDlgItemInt
GetDlgItemInt
SetDlgItemTextA
GetWindowTextLengthA
GetDlgItemTextA
GetWindowTextA
SetWindowTextA
GetCapture
GetTopWindow
GetWindow
FindWindowA
PostThreadMessageA
GetWindowThreadProcessId
GetParent
IsWindowEnabled
WaitForInputIdle
IsWindow
MessageBeep
MessageBoxA
RedrawWindow
GetClientRect
IsZoomed
SetWindowLongA
SetActiveWindow
SetFocus
SetCapture
GetAsyncKeyState
RegisterWindowMessageA
GetDC
DrawTextA
ReleaseDC
InvalidateRect
IsIconic
SetForegroundWindow
ScreenToClient
IsWindowVisible
DeleteMenu
GetMenuItemCount
GetMenuItemID
IsMenu
GetMenuState
AppendMenuA
PostMessageA
DestroyMenu
GetMenu
wsprintfA
DrawMenuBar
TranslateAcceleratorA
LoadAcceleratorsA
ShowOwnedPopups
wvsprintfA
DrawFocusRect
LoadStringA
GetMenuCheckMarkDimensions
SetMenu
LoadMenuA
GetIconInfo
DrawIcon
IsChild
ChildWindowFromPoint
CheckMenuItem
GetWindowRect
UpdateWindow
GetKeyState
GetSystemMenu
EnableMenuItem
ReleaseCapture
GetDlgItem
ShowWindow
GetFocus
SendMessageA
KillTimer
SetTimer
EnableWindow
IsDialogMessageA
SystemParametersInfoA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
GetScrollRange
GetClassInfoA
RegisterClassA
GetSubMenu
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
PtInRect
GetMessageA
GetUpdateRect
ValidateRect
DrawTextExA
ShowCaret
ExcludeUpdateRgn
UnregisterClassA
IsWindowUnicode
DefDlgProcA
gdi32
SetBkMode
SelectObject
CreateDIBitmap
CreateCompatibleDC
EndPage
GetEnhMetaFileBits
CopyEnhMetaFileA
GetTextMetricsA
TextOutA
Escape
SetAbortProc
BitBlt
DeleteObject
GetDeviceCaps
CreateCompatibleBitmap
PatBlt
GetStockObject
Rectangle
Polyline
SetPixel
Ellipse
Polygon
CreatePen
CreateSolidBrush
CreateRectRgn
Arc
LineTo
MoveToEx
RoundRect
ExtTextOutA
SetBkColor
SetTextColor
GetTextExtentPoint32A
DeleteEnhMetaFile
DeleteMetaFile
CreateEnhMetaFileA
CreateMetaFileA
CloseMetaFile
CloseEnhMetaFile
SetWindowExtEx
SetWindowOrgEx
GetMetaFileBitsEx
CopyMetaFileA
CreateICA
StartDocA
CreateDCA
EndDoc
GetTextExtentPointA
GetObjectA
GetEnhMetaFileDescriptionA
GetEnhMetaFileHeader
SetEnhMetaFileBits
EnumEnhMetaFile
CreatePenIndirect
GetCurrentObject
CreateBrushIndirect
PlayEnhMetaFileRecord
RestoreDC
SaveDC
SetWinMetaFileBits
GetMetaFileA
GetEnhMetaFileA
GetCharWidthA
GetCharABCWidthsA
CreateFontIndirectA
GetMapMode
SetTextAlign
GetTextCharacterExtra
CreateBitmap
StretchDIBits
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
GetCurrentPositionEx
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
SetRectRgn
CombineRgn
CreateRectRgnIndirect
DPtoLP
GetViewportOrgEx
LPtoDP
GetTextColor
GetBkColor
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetBkMode
GetROP2
GetTextFaceA
GetWindowOrgEx
DeleteDC
AbortDoc
StartPage
comdlg32
PrintDlgA
GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA
ChooseColorA
GetFileTitleA
ChooseFontA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
shell32
ExtractIconA
DragQueryFileA
DragFinish
DragAcceptFiles
ShellExecuteA
SHGetFileInfoA
comctl32
ImageList_Add
ImageList_GetImageInfo
ImageList_GetImageCount
ord17
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
OleUninitialize
CoFreeUnusedLibraries
CoRevokeClassObject
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
WriteClassStm
OleFlushClipboard
OleIsCurrentClipboard
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CoCreateInstance
WriteClassStg
ReadClassStg
OleInitialize
CLSIDFromString
StgCreateDocfile
StgIsStorageFile
StgOpenStorage
ReadClassStm
oleaut32
OleCreateFontIndirect
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen
Sections
.text Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 264KB - Virtual size: 264KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 93KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ