022ffd9b23c3df3ceb24c3c0e3d7aa25_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

022ffd9b23c3df3ceb24c3c0e3d7aa25_JaffaCakes118
Size

776KB
MD5

022ffd9b23c3df3ceb24c3c0e3d7aa25
SHA1

030df04b35e1b415258a8a3692c32120215158a9
SHA256

e708a43f59261e20d39e193214e16ff3eb2f48cf66ea58392cfa7dca6c31d152
SHA512

4f6923ce8ab0dd6ea6c680f8e04ff46b9534ad5cf69fe230d4dca80609f7a89843cb9496790f1027df67fc84977780fc802a8f762efbde05f362ff766f3efa1d
SSDEEP

12288:5N09VGMc4HRZd/vR8jyahDcIcG2PLHt5uP+sgcQugcbF4rHY:5NGO4HRn6uaeqSC+shgK4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
022ffd9b23c3df3ceb24c3c0e3d7aa25_JaffaCakes118

Files

022ffd9b23c3df3ceb24c3c0e3d7aa25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

56b25f786d34390b8bf0fdc8d6c643db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\assia\mekjq\olhkeeto\ebtxkqibhj\xaft.pdb

Imports

oleaut32

LoadTypeLi

kernel32

HeapCreate
GetLocalTime
CompareStringW
GlobalFree
GetOEMCP
UnhandledExceptionFilter
RtlUnwind
EnterCriticalSection
InterlockedDecrement
GetACP
GetModuleHandleA
SetUnhandledExceptionFilter
DeleteCriticalSection
GetFileAttributesA
GetCurrentDirectoryA
MulDiv
GetFullPathNameA
RaiseException
SetEnvironmentVariableA
VirtualQuery
CloseHandle
LCMapStringA
LeaveCriticalSection
FreeEnvironmentStringsW
TerminateProcess
WriteFile
SetFilePointer
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetProcAddress
HeapDestroy
LCMapStringW
CreateMutexA
GetSystemTime
SetHandleCount
GetFileType
VirtualAlloc
IsBadCodePtr
ReadFile
HeapReAlloc
GetCPInfo
GetModuleFileNameA
TlsAlloc
InitializeCriticalSection
GetVersion
TlsSetValue
MultiByteToWideChar
WideCharToMultiByte
GetStringTypeW
InterlockedIncrement
HeapFree
FindFirstFileA
FreeEnvironmentStringsA
QueryPerformanceCounter
GetStartupInfoA
TlsGetValue
SetStdHandle
GetCurrentProcess
LoadLibraryA
GetStringTypeA
ExitProcess
CompareStringA
GetTimeZoneInformation
SetLastError
GetCurrentProcessId
GetLastError
VirtualFree
GetEnvironmentStrings
HeapAlloc
GetCurrentThreadId
GetStdHandle
FlushFileBuffers
GetTickCount
InterlockedExchange
GetCommandLineA

advapi32

RegQueryValueExA
RegOpenKeyExA
OpenSCManagerA
CreateServiceA
RegDeleteValueA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
OpenServiceA
ControlService

winmm

mixerSetControlDetails
mixerOpen
waveOutGetDevCapsA
mixerClose

ole32

StgOpenStorageOnILockBytes
WriteClassStg
OleDuplicateData
OleSaveToStream
CoFreeUnusedLibraries
CoRevokeClassObject
CLSIDFromProgID
CoTaskMemFree

shell32

ShellExecuteA
SHBrowseForFolderA

wsock32

WSACleanup

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW

gdi32

CreateFontIndirectA
StretchBlt
GetTextFaceA
GetTextExtentPoint32W
TextOutW
RoundRect
BitBlt
SetTextAlign
ExtCreateRegion
CreateEllipticRgn
SetPixel
SetGraphicsMode
SelectClipRgn
PatBlt
FillPath
GetTextMetricsW
PolyBezier
CreateCompatibleDC
CreatePolygonRgn
EqualRgn
ExtCreatePen
GetBkColor
CombineRgn
SetWindowExtEx
SetWindowOrgEx
SetBkColor
Polyline
GetPixel
SetROP2
RealizePalette
SetPaletteEntries
DeleteDC
SetViewportExtEx
StretchDIBits
GetSystemPaletteEntries
SetStretchBltMode
GetNearestPaletteIndex
SaveDC
SetTextColor
GetTextCharsetInfo
ResizePalette
SetPolyFillMode
LineTo
GetCharABCWidthsW
SetDIBitsToDevice
CreatePen
GetWindowExtEx
GetGlyphOutlineA
GetClipRgn
Chord
GdiFlush
FillRgn
OffsetRgn
CreateBitmap
Arc
CreateDIBSection
GetDeviceCaps
GetRgnBox
GetTextMetricsA
SelectPalette
CreatePalette
GetStockObject
SelectObject
CreateFontIndirectW
Pie
CreateCompatibleBitmap
EndPath
BeginPath
MoveToEx
MaskBlt
StrokePath
PaintRgn
CreateRectRgnIndirect
CreateHatchBrush
SetBkMode
RestoreDC
CreateRectRgn
DeleteObject
GetDIBits
Ellipse
CreatePatternBrush
SetViewportOrgEx
GetRegionData
GetObjectA

comctl32

ord17
PropertySheetA
DestroyPropertySheetPage
ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetImageCount
CreatePropertySheetPageA
ImageList_Remove
_TrackMouseEvent
ImageList_Destroy
ImageList_DragMove
ImageList_Create
ImageList_Add
ImageList_LoadImageA
ImageList_DragShowNolock
InitCommonControlsEx
ImageList_GetIconSize
ImageList_DragEnter
ImageList_Draw
ImageList_BeginDrag
ImageList_EndDrag
ImageList_SetBkColor
ImageList_GetIcon
ImageList_DragLeave
ImageList_GetImageInfo
ImageList_DrawEx

user32

DrawFocusRect
DrawTextA
GetDlgItem
UnregisterClassA
LockWindowUpdate
ReuseDDElParam
OffsetRect
GetActiveWindow
SetWindowTextA
EndDeferWindowPos
GetClientRect
GrayStringA
GetMessageTime
GetWindowTextLengthA
TranslateAcceleratorA
SendMessageA
CheckMenuItem
GetWindowLongA
InvalidateRect
WinHelpA
FillRect
ShowWindow
InflateRect
CreatePopupMenu
EndPaint
GetScrollRange
CharUpperA
SetWindowPos
wsprintfA
GetParent
CallWindowProcA
GetTopWindow
GetWindow
LoadAcceleratorsA
DefWindowProcA
GetSystemMetrics
SetRectEmpty
IsWindowEnabled
OpenClipboard
FindWindowA
LoadBitmapA
RegisterClassA
RegisterClassExA
UnionRect
RegisterWindowMessageA
LoadImageA
MessageBoxA
CreateCaret
TranslateMessage
LoadIconA
GetSubMenu
GetClassNameA
DrawFrameControl
CopyAcceleratorTableA
GetDC
SetCursorPos
BeginDeferWindowPos
DrawEdge
SetMenu
IsZoomed
DestroyIcon
ReleaseCapture
UpdateWindow
FrameRect
PeekMessageA
GetMenuItemInfoA
GetIconInfo
DestroyMenu
SetFocus
GetScrollInfo
SetCapture
SetMenuItemInfoA
GetKeyState
ScreenToClient
AppendMenuA
SetMenuItemBitmaps
CallNextHookEx
EnableMenuItem
SetWindowsHookExA
MessageBeep
DispatchMessageA
GetSysColor
EnumChildWindows
CharNextA
TrackPopupMenu
GetMenu
UnhookWindowsHookEx
SetDlgItemTextA
SetWindowLongA
GetClipboardData
GetCursorPos
LoadStringA
DrawIconEx
TrackPopupMenuEx
GetLastActivePopup
LoadCursorA
SetRect
InvalidateRgn
GetMenuCheckMarkDimensions
GetClipboardFormatNameA
EmptyClipboard
GetMessageA
CreateWindowExA
GetMenuStringA
IsWindowVisible
CreateDialogIndirectParamA
CopyIcon
DestroyCursor
KillTimer
ClientToScreen
BeginPaint
PostQuitMessage
GetMenuItemCount
RedrawWindow
GetWindowDC
HideCaret
DeferWindowPos
MapDialogRect
TabbedTextOutA
SetParent
SetTimer
GetClassLongA
GetNextDlgGroupItem
InsertMenuItemA
ReleaseDC
ModifyMenuA
IsMenu
DestroyWindow
IsChild
PostMessageA
GetFocus

comdlg32

GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
ReplaceTextA
FindTextA

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 472KB - Virtual size: 470KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

56b25f786d34390b8bf0fdc8d6c643db

Headers

File Characteristics

PDB Paths

Imports

oleaut32

kernel32

advapi32

winmm

ole32

shell32

wsock32

shlwapi

gdi32

comctl32

user32

comdlg32

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 472KB - Virtual size: 470KB

.data Size: 104KB - Virtual size: 109KB

.rsrc Size: 120KB - Virtual size: 119KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 472KB - Virtual size: 470KB

.data
Size: 104KB - Virtual size: 109KB

.rsrc
Size: 120KB - Virtual size: 119KB