01539fd46ec292aedd5f4aebd1c2e864_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01539fd46ec292aedd5f4aebd1c2e864_JaffaCakes118
Size

130KB
MD5

01539fd46ec292aedd5f4aebd1c2e864
SHA1

e339bc72ae9e17f5089bb5f5323ec42a770917ea
SHA256

06001e097eb7d059223da2ab2eee4fbecc56b79473bb2c4a0fe76fa81c315d5a
SHA512

37c903b501f5a91e309228f515ebad105bf692191d99f2095ce0e87673466090ba1d520330062a95395ca47d697faeba3ff968d1fffcad127ebf5483fa937c88
SSDEEP

3072:/48nT1UmRVF9eXY8TyXppmpZWlAS2V2s/ck9yvZR3d2kP:/48T1UmRVFoI8TxWv/skkABR3d2kP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WinObjEx/WinObjEx.exe

Files

01539fd46ec292aedd5f4aebd1c2e864_JaffaCakes118
.zip
WinObjEx/ReadMe.txt
WinObjEx/WinObjEx.chm
.chm
WinObjEx/WinObjEx.exe
.exe windows:4 windows x86 arch:x86

4c1f849db5c1653a036a69b5a4fb55fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalLock
GetVersionExA
LoadLibraryA
FormatMessageW
LocalAlloc
DuplicateHandle
GetModuleHandleA
GetProcAddress
LocalFree
LoadLibraryExA
GetSystemDirectoryA
FormatMessageA
lstrcpyA
GetVersion
SetHandleInformation
lstrcmpiA
SetLastError
lstrcatA
DeleteFileA
FindResourceA
LoadResource
SizeofResource
LockResource
GetCurrentDirectoryA
CreateFileA
WriteFile
CloseHandle
DeviceIoControl
FileTimeToSystemTime
FileTimeToLocalFileTime
lstrlenA
HeapAlloc
GetCurrentProcess
SetEvent
Sleep
CreateProcessA
GetModuleFileNameA
CreateEventA
OpenEventA
GetProcessHeap
WideCharToMultiByte
HeapReAlloc
MultiByteToWideChar
VirtualFree
Beep
VirtualAlloc
ExitProcess
GetCommandLineA
WaitForMultipleObjects
GetTickCount
SetUnhandledExceptionFilter
HeapFree
FreeLibrary
EnumResourceNamesA
OpenProcess
LCMapStringA
GetStringTypeW
SetFilePointer
GetStringTypeA
GetStdHandle
LCMapStringW
TerminateProcess
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
MulDiv
GetOEMCP
GetLastError

user32

SetScrollInfo
GetDesktopWindow
DialogBoxParamA
GetMenu
PostQuitMessage
GetWindowDC
GetMenuItemCount
GetSubMenu
OpenWindowStationW
GetScrollPos
ShowScrollBar
SetScrollPos
DrawTextW
InflateRect
DrawFocusRect
DrawEdge
IsRectEmpty
DestroyIcon
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
SetWindowTextW
EnumWindowStationsA
GetDlgItemTextA
OpenWindowStationA
EnumDesktopsA
SetDlgItemTextW
MessageBoxW
GetParent
SetDlgItemTextA
CloseWindowStation
ValidateRect
FillRect
SetForegroundWindow
LoadIconA
SendMessageW
EndDialog
DestroyMenu
SendDlgItemMessageA
EnableMenuItem
DestroyCursor
PtInRect
InvalidateRect
SetCapture
SetCursor
LoadImageA
UpdateWindow
GetSysColorBrush
DrawStateA
GetClassInfoExA
RegisterClassExA
GetWindowRect
SetWindowPos
GetDlgItem
CreateWindowExA
CallWindowProcA
GetWindowLongA
BeginPaint
DrawTextA
EndPaint
KillTimer
GetDC
ReleaseDC
GetFocus
SetWindowLongA
SendMessageA
GetCursorPos
GetClientRect
ScreenToClient
MapWindowPoints
MoveWindow
ShowWindow
DestroyWindow
ClientToScreen
SetFocus
PostMessageA
SetTimer
DefWindowProcA
UnregisterClassA
GetDoubleClickTime
LoadCursorA
GetSysColor
LoadBitmapA
LoadAcceleratorsA
RegisterClassA
CheckMenuItem
CheckMenuRadioItem
GetMenuState
GetSystemMetrics
SystemParametersInfoA
IntersectRect
EqualRect
OffsetRect
SetWindowPlacement
GetWindowPlacement
EnumWindows
GetWindowTextA
MessageBoxA
wsprintfW
wsprintfA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetWindowTextLengthA
GetWindowTextW
SetWindowTextA
EnableWindow
IsWindow
FindWindowA
GetWindowThreadProcessId
WaitForInputIdle
IsIconic
GetDlgCtrlID
GetAsyncKeyState
GetUserObjectInformationA
AppendMenuA
EnumChildWindows
CreatePopupMenu
WindowFromPoint
TrackPopupMenuEx
ReleaseCapture
FindWindowExA
DeleteMenu
GetPropA
SetPropA
SetMenuItemInfoA
RemovePropA
RemoveMenu
IsMenu
InsertMenuItemA
CopyRect
GetMenuStringA
GetMenuItemInfoA
GetIconInfo
FrameRect
DrawMenuBar
DrawIconEx

gdi32

GetObjectA
SelectObject
SetBkMode
GetStockObject
GetTextExtentPoint32A
GetTextMetricsA
SetTextColor
CreateFontA
DeleteDC
GetPixel
CreateCompatibleBitmap
CreateCompatibleDC
CreatePen
GetClipBox
GetTextColor
BitBlt
CreateBrushIndirect
PatBlt
SetBrushOrgEx
CreatePatternBrush
CreateBitmap
GetDeviceCaps
CreateSolidBrush
SetBkColor
Rectangle
RestoreDC
SaveDC
SetPixel
DeleteObject
ExtTextOutA
CreateFontIndirectA

advapi32

MapGenericMask
StartServiceA
CreateServiceA
CloseServiceHandle
DeleteService
QueryServiceStatus
OpenServiceA
OpenSCManagerA
ControlService
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
GetKernelObjectSecurity
SetKernelObjectSecurity
EnumServicesStatusW
EnumDependentServicesA
OpenServiceW
RegOpenKeyExW
QueryServiceConfigA
AllocateAndInitializeSid
FreeSid
EqualSid
GetTokenInformation
OpenProcessToken
SetServiceStatus
RegisterServiceCtrlHandlerA
AdjustTokenPrivileges
LookupPrivilegeValueA
StartServiceCtrlDispatcherA

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shell32

ShellExecuteA
ShellExecuteExA

comctl32

ImageList_Create
ord17
ImageList_Draw
PropertySheetW
CreatePropertySheetPageW
ImageList_ReplaceIcon
ImageList_Destroy
InitCommonControlsEx
ImageList_GetIcon
ImageList_LoadImageA
ord6
ImageList_SetBkColor

ntdll

ZwQuerySection
ZwQueryDirectoryFile
ZwOpenSymbolicLinkObject
ZwQuerySemaphore
ZwQueryEvent
ZwQueryInformationFile
ZwQuerySymbolicLinkObject
ZwOpenDirectoryObject
ZwQueryDirectoryObject
ZwQueryObject
RtlTimeToTimeFields
ZwQueryTimer
ZwQueryMutant
ZwQueryKey
ZwQueryIoCompletion
ZwOpenSection
ZwOpenSemaphore
ZwOpenMutant
ZwOpenIoCompletion
ZwOpenJobObject
ZwOpenKey
RtlUnwind
ZwOpenEventPair
ZwCreateMutant
ZwClose
ZwQuerySystemInformation
ZwQueryInformationJobObject
ZwOpenFile
ZwOpenEvent
RtlInitUnicodeString

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c1f849db5c1653a036a69b5a4fb55fa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

shell32

comctl32

ntdll

Sections

.text Size: 116KB - Virtual size: 114KB

.data Size: 28KB - Virtual size: 33KB

.rsrc Size: 148KB - Virtual size: 145KB

.text
Size: 116KB - Virtual size: 114KB

.data
Size: 28KB - Virtual size: 33KB

.rsrc
Size: 148KB - Virtual size: 145KB