0133d03188ce09d17b7e6f0b05bd70d7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0133d03188ce09d17b7e6f0b05bd70d7_JaffaCakes118
Size

212KB
MD5

0133d03188ce09d17b7e6f0b05bd70d7
SHA1

e3996579bba30ba9ec2765e923e8208a49904759
SHA256

7b2034825006be9b4215c7656d6d13fab289b57f35f8f42428e478506dcd8050
SHA512

7f3a74701b236fab171ade8991e36dba51aefe20ee01caa892408085eb5c2570520aa80347a18c98cd38d073a3a47bcb426a494553aac50bfcf0835c3ff97dbb
SSDEEP

3072:pfWybNrNhVdDQlz1PfC2bC9Pwr7NO/PM6q/mSgSKPRn4bzJRJ5/woBNQwb:pfW4NZMlz1PsZwr7NO84h4vJRJtLJb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0133d03188ce09d17b7e6f0b05bd70d7_JaffaCakes118

Files

0133d03188ce09d17b7e6f0b05bd70d7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

343c30ef8a903d7cf75d92be63e6bdf1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetDateFormatA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetSystemDefaultLangID
WideCharToMultiByte
GetCurrentThreadId
GetFileSize
GetLocalTime
GetComputerNameA
CreateDirectoryA
lstrlenA
FindFirstFileA
FindNextFileA
FindClose
RtlUnwind
LoadLibraryA
GetModuleFileNameA
GetVersion
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
GetLastError
GlobalUnlock
lstrcpyA
GlobalLock
GlobalAlloc
lstrcatA
GetProcAddress
SetStdHandle
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
SetEndOfFile
SetHandleCount
ReadFile
GlobalFree
GetCurrentProcess
GetCommandLineA
CloseHandle
FreeLibrary
WriteFile
CreateFileA
lstrcmpiA
DeleteFileA
CopyFileA
SetFilePointer
GetWindowsDirectoryA
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetFileType
lstrcmpA
OpenFile
GetEnvironmentStringsW
GetEnvironmentStrings

user32

SendMessageA
wsprintfA
SetWindowTextA
GetDesktopWindow
SetWindowPos
GetSystemMetrics
SetFocus
GetFocus
EndDialog
EndPaint
BeginPaint
GetParent
SendDlgItemMessageA
SetDlgItemTextA
GetDlgItemTextA
CheckRadioButton
GetDlgItem
DialogBoxParamA
ReleaseDC
GetDC
BringWindowToTop
ShowWindow
IsChild
SetWindowsHookExA
WinHelpA
PostQuitMessage
PostMessageA
FindWindowA
LoadIconA
RegisterClassExA
TranslateMessage
DispatchMessageA
GetMessageA
CreateWindowExA
GetClassInfoA
RegisterClassA
LoadCursorA
SetCursor
MessageBoxA
EnableWindow
InvalidateRect
UpdateWindow
SetTimer
CallNextHookEx
GetDlgCtrlID
DefWindowProcA
UnregisterClassA
DrawTextExA
KillTimer
CreateDialogParamA
DestroyWindow
GetWindowRect
CallWindowProcA
GetWindowLongA
GetClientRect
IsWindowEnabled

gdi32

StartPage
SetPixel
CreatePalette
GetObjectA
DeleteDC
StretchBlt
SetStretchBltMode
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
TextOutA
GetTextExtentPoint32A
SetBkMode
SetTextColor
CreateDIBitmap
RealizePalette
SelectPalette
GetStockObject
GetPixel
EndDoc
EndPage
StretchDIBits
StartDocA
GetDeviceCaps
DeleteObject
BitBlt
CreateFontIndirectA

comdlg32

GetSaveFileNameA
CommDlgExtendedError
GetOpenFileNameA
PrintDlgA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

shell32

SHGetMalloc
SHAppBarMessage
SHGetPathFromIDListA
SHBrowseForFolderA

comctl32

ord17
InitCommonControlsEx

winmm

timeGetTime
mciSendCommandA
mmioOpenA
mmioDescend
mmioSeek
mmioCreateChunk
mmioRead
mmioWrite
mmioAscend
mmioClose

msacm32

acmDriverOpen
acmDriverDetailsA
acmDriverEnum
acmDriverClose
acmStreamClose
acmStreamUnprepareHeader
acmStreamPrepareHeader
acmStreamSize
acmStreamOpen
acmFormatSuggest
acmMetrics
acmStreamConvert

japi

_Close_JPEG_Compressor@0
_Init_JPEG_Compressor@4
_Start_JPEG_Compress@16
_Compress_One_Line@8
_End_JPEG_Compress@0
_Init_JPEG_Decompressor@4
_Start_JPEG_Decompress@16
_End_JPEG_Decompress@0
_Close_JPEG_Decompressor@0
_Decompress_One_Line@4

japi2

_Decompress_One_Line_IJG@4
_End_JPEG_Decompress_IJG@0
_Start_JPEG_Decompress_IJG@16
_Init_JPEG_Decompressor_IJG@4
_Close_JPEG_Decompressor_IJG@0

superpixelsengine

_OpenSuperPixelsModule@8
_ApplySuperPixelsEngine@8
_CloseSuperPixelsModule@0

Exports

Exports

Acquire
CheckTwainInterface
InitTwain
SelectSource

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

343c30ef8a903d7cf75d92be63e6bdf1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

winmm

msacm32

japi

japi2

superpixelsengine

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 8KB - Virtual size: 244KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 244KB

.rsrc
Size: 36KB - Virtual size: 33KB