03976348aa5d0e721d9a414fcbe8afa1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03976348aa5d0e721d9a414fcbe8afa1_JaffaCakes118
Size

224KB
MD5

03976348aa5d0e721d9a414fcbe8afa1
SHA1

3165747d0e1532092d87a8405b27e591faacfd9c
SHA256

d3905e67933a8f6f8891a0751a39caa36c5b39d4c99e188b46e04cd54baf3e43
SHA512

905d3fdc26ef0ff70219af0fe7bb73746b25326a4e3945a7edc25cb098843ca98b4cccf931f8c009dbcbcf8f63a142845d49e51352f37304ac6967173cc124e2
SSDEEP

6144:yvGxS6pg4xeWf3Bs+WTmDeFjykAd1dSbo108TyCO39OYM:yvGx5GAkCe8d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03976348aa5d0e721d9a414fcbe8afa1_JaffaCakes118

Files

03976348aa5d0e721d9a414fcbe8afa1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba0227038fe4048dd4a1b65f293d39ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\CAYFES\JBOHF\YGDD\SXY.PDB

Imports

oleaut32

LoadTypeLi

winmm

mmioClose
mmioDescend
mmioRead
mmioSeek
mmioWrite
mmioOpenA

advapi32

ControlService
OpenThreadToken
RegQueryValueExA
SetSecurityDescriptorOwner
GetLengthSid
RegOpenKeyA
GetTokenInformation
RegQueryValueA
AllocateAndInitializeSid
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
OpenProcessToken
RegOpenKeyExA
CreateServiceA
DeleteService
CloseServiceHandle
InitializeSecurityDescriptor
SetSecurityDescriptorGroup
RegCloseKey
RegEnumKeyA
RegDeleteKeyA

kernel32

GetSystemTimeAsFileTime
GetStringTypeW
GetVersion
CompareStringW
WideCharToMultiByte
GetCurrentProcess
WriteFile
GetStartupInfoA
GetOEMCP
HeapFree
GetACP
VirtualAlloc
EnterCriticalSection
GetStringTypeA
HeapDestroy
LCMapStringW
GetModuleHandleA
GetCurrentProcessId
CloseHandle
InitializeCriticalSection
CreateMutexA
VirtualQuery
GetModuleFileNameA
DeleteCriticalSection
RtlUnwind
HeapReAlloc
TlsGetValue
GetCommandLineA
InterlockedExchange
GetLocalTime
TlsAlloc
InterlockedDecrement
GetCurrentThread
SetStdHandle
FatalAppExitA
GetTickCount
GetProcAddress
SetHandleCount
LCMapStringA
GetFileType
FreeEnvironmentStringsW
QueryPerformanceCounter
SetEnvironmentVariableA
IsBadWritePtr
GetCurrentThreadId
FlushFileBuffers
TlsSetValue
ReadFile
HeapCreate
GetCPInfo
GetLastError
MultiByteToWideChar
HeapAlloc
FreeEnvironmentStringsA
GetStdHandle
TerminateProcess
SetLastError
ExitProcess
TlsFree
GetEnvironmentStrings
SetFilePointer
CompareStringA
VirtualFree
GetTimeZoneInformation
LeaveCriticalSection
InterlockedIncrement
UnhandledExceptionFilter
LoadLibraryA
GetEnvironmentStringsW
GetSystemTime

gdi32

MoveToEx
CreateSolidBrush
FillRgn
SetWindowOrgEx
GetTextFaceA
SetPolyFillMode
Escape
ExtFloodFill
SetStretchBltMode
SetBkMode
RestoreDC
SelectClipRgn
SetViewportOrgEx
GetNearestColor
CreatePen
SetDIBColorTable
StretchDIBits
BitBlt
SetTextAlign
GetTextCharsetInfo
RealizePalette
CreateDIBSection
CreateCompatibleBitmap
RectVisible
SetPixelV
GetPaletteEntries
GetTextMetricsA
SetROP2
DeleteObject
GetRgnBox
CreateBitmap
GetBkColor
SelectPalette
OffsetWindowOrgEx
Rectangle
GetDeviceCaps
CreateCompatibleDC
CreateDCA
SetWindowExtEx
PatBlt
SaveDC

ole32

CoRegisterMessageFilter
CoTaskMemFree
OleIsCurrentClipboard
CreateStreamOnHGlobal
CoGetClassObject
OleRegGetUserType
CreateBindCtx
CoRegisterClassObject
OleGetClipboard
CoCreateInstance
ReleaseStgMedium
CreateItemMoniker

user32

EnableWindow
TrackPopupMenuEx
GetWindowThreadProcessId
GetScrollPos
GetTopWindow
GetSubMenu
CharUpperA
ClientToScreen
ScreenToClient
ShowScrollBar
EqualRect
DrawStateA
GetWindowTextA
AdjustWindowRectEx
PostThreadMessageA
IsChild
SetWindowRgn
PostQuitMessage
UnregisterClassA
PeekMessageA
GetActiveWindow
GetParent
CopyAcceleratorTableA
UnionRect
EndPaint
DestroyWindow
CloseClipboard
SetWindowLongA
GetWindowTextLengthA
RegisterClassA
HideCaret
SetCapture
OpenClipboard
GetClassNameA
SetMenuDefaultItem
GetMessageA
DestroyCursor
GetMessagePos
KillTimer
WinHelpA
LoadIconA
GrayStringA
GetIconInfo
CopyRect
EnumWindows
TrackPopupMenu
GetMenuStringA
SetRectEmpty
ValidateRect
SetForegroundWindow
SetWindowPos
RemovePropA
GetDlgItem
PtInRect
GetCapture
GetDlgCtrlID
MessageBoxA
ShowCaret
SetClipboardData
IsWindowEnabled
CreateDialogIndirectParamA
LoadMenuA
TranslateMessage
DrawIcon
IsRectEmpty
ModifyMenuA
CharNextA
ReleaseCapture
SetWindowContextHelpId
SetCursor
GetLastActivePopup
ReuseDDElParam
OffsetRect
SetActiveWindow
GetMessageTime
ReleaseDC
UpdateWindow
DefWindowProcA
DestroyIcon
RegisterClipboardFormatA
GetClientRect
IsClipboardFormatAvailable
IsWindowVisible
LoadStringA
SetWindowTextA
GetAsyncKeyState
EnableMenuItem
GetSysColorBrush
SetFocus
GetMenuItemCount
SetWindowsHookExA
BeginPaint
CreatePopupMenu
GetDesktopWindow
GetForegroundWindow
wvsprintfA
GetWindowDC
TabbedTextOutA
IsDialogMessageA
GetKeyState
DestroyAcceleratorTable
IsWindow
FillRect
UnhookWindowsHookEx
InflateRect
GetMenu
GetMenuState
WindowFromPoint
CreateIconIndirect
DrawTextA
ShowWindow
SendMessageA
GetSystemMenu
GetScrollInfo
GetCursorPos
SystemParametersInfoA
GetClassInfoA
SetTimer
SetRect
ScrollWindowEx
InvalidateRgn
DrawEdge
CheckMenuItem
FrameRect
GetWindowRect
SetMenuItemBitmaps
GetWindowLongA
GetNextDlgGroupItem
MsgWaitForMultipleObjects
CreateWindowExA
SetDlgItemTextA
GetFocus
DestroyMenu
GetSystemMetrics
RegisterClassExA
DrawMenuBar
EndDeferWindowPos
GetClassLongA
SetScrollRange
GetDC
MapDialogRect
GetDCEx
GetMenuItemID
GetWindowPlacement
MapWindowPoints
IsIconic
DrawFocusRect
DrawFrameControl
EndDialog
InvertRect
wsprintfA
GetWindow
LockWindowUpdate
SendDlgItemMessageA
BeginDeferWindowPos
LoadBitmapA
RedrawWindow
PostMessageA
SetParent
LoadCursorA

shell32

SHGetFileInfoA
SHGetDesktopFolder
DragFinish
Shell_NotifyIconA
ShellExecuteA
SHBrowseForFolderA

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba0227038fe4048dd4a1b65f293d39ef

Headers

File Characteristics

PDB Paths

Imports

oleaut32

winmm

advapi32

kernel32

gdi32

ole32

user32

shell32

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 48KB - Virtual size: 60KB

.rsrc Size: 44KB - Virtual size: 41KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 48KB - Virtual size: 60KB

.rsrc
Size: 44KB - Virtual size: 41KB