0252943605003f18b33010491a1a95b6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0252943605003f18b33010491a1a95b6_JaffaCakes118
Size

345KB
MD5

0252943605003f18b33010491a1a95b6
SHA1

01158e7529b21878460285a6dac6d0d1979045e2
SHA256

2959e936b6e7e13a436a2abf4c6d258523924fb625d40544789126c7f54733b4
SHA512

72e6bcc04a80a9bcb277bef5b5ceac4685a507d25b545c3f3618600d932ede702ce8f5c601fb3ffbca3e1a382374e999d1b01090cc40fb56e39e1c7766d0f19f
SSDEEP

6144:wul3JU9ThrPjbnZhQQqwZbebQ3KFbpnp9Puqy5fMy8dLgIBYGSex:wulUhrMQ5ZbuSKjuLupgs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
0252943605003f18b33010491a1a95b6_JaffaCakes118

Files

0252943605003f18b33010491a1a95b6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4623bd6a6afe337759dc4d5e35454e00

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetClientRect
BeginPaint
DefWindowProcA
FillRect
InvalidateRect
EnableWindow
GetDC
LoadImageA
SetWindowLongA
DrawTextA
EndPaint
SendMessageA
GetScrollRange
DeleteMenu
FindWindowA
CharToOemBuffW
GetMessageA
SetFocus
IsWindowUnicode
KillTimer
MessageBoxW
DialogBoxParamW
CreateDialogParamW
GetWindowTextW
GetWindowTextLengthW
PostMessageA
CreateWindowExW
RegisterClassW
GetWindowTextA
GetWindowTextLengthA
LoadStringW
LoadStringA
CharToOemA
CharLowerW
CharUpperW
CharLowerA
CharUpperA
CharPrevExA
SetWindowTextW
DefWindowProcW
GetWindowWord
SetWindowWord
SetRect
LoadCursorW
GetLastActivePopup
PostMessageW
SendMessageW
SetDlgItemTextW
OemToCharA
GetWindowLongW
SetWindowLongW
GetKeyState
PeekMessageW
TranslateMessage
DispatchMessageW
GetParent
SendDlgItemMessageW
UpdateWindow
GetDlgItemTextW
SetActiveWindow
AnyPopup
GetWindow
ScrollDC
GetGuiResources
GetProcessWindowStation
GetWindowDC
OpenIcon
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
ShowWindow

shell32

SHBrowseForFolderA
CommandLineToArgvW

ole32

CreateILockBytesOnHGlobal
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

advapi32

GetFileSecurityW
RegDeleteValueW

gdi32

SetViewportOrgEx
GetTextCharsetInfo
PlayMetaFile
PatBlt
GetObjectW
GetLogColorSpaceA
Pie
RoundRect
ScaleViewportExtEx
GetWindowExtEx
GetBkColor
SelectClipPath
SaveDC
TranslateCharsetInfo
CombineTransform
GetEnhMetaFileDescriptionW
GetCharWidthFloatW
SetBitmapDimensionEx
GetDIBits
GetCharWidth32A
GetFontData
GetTextExtentPointA

dbghelp

UnDecorateSymbolName

crypt32

CryptMsgGetParam
CryptHashToBeSigned
CertFreeCertificateContext

comctl32

ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

netapi32

NetConnectionEnum

kernel32

GetLocaleInfoA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
HeapCreate
HeapDestroy
HeapReAlloc
FatalAppExitA
InitializeCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForMultipleObjects
VirtualAlloc
VirtualFree
WideCharToMultiByte
GetModuleFileNameW
AreFileApisANSI
LoadLibraryExW
LoadLibraryW
FormatMessageA
LocalFree
FormatMessageW
SetFileAttributesW
RemoveDirectoryW
MoveFileW
CreateDirectoryW
DeleteFileW
GetFullPathNameW
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SearchPathW
GetTempPathW
GetTempFileNameW
RaiseException
GetLocaleInfoW
GetDiskFreeSpaceExW
GetLogicalDriveStringsA
GetLogicalDriveStringsW
FindFirstFileW
FindNextFileW
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
CreateFileW
SetEndOfFile
CreateEventA
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
GetVersionExA
GetCommandLineW
HeapAlloc
HeapFree
GetProcessHeap
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
GetCurrentThread
TerminateProcess
IsDebuggerPresent
GetConsoleMode
LocalFileTimeToFileTime
DosDateTimeToFileTime
LocalAlloc
GlobalHandle
GlobalMemoryStatus
GetVersionExW
GetSystemTime
CreateProcessW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetVolumeInformationW
FlushFileBuffers
GetConsoleCP
SetStdHandle
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
CompareStringA
SetEnvironmentVariableA
CompareStringW
OpenFile
ExitThread
SetPriorityClass
SetFilePointerEx
lstrcmpW
CreateEventW
EnumResourceNamesW
InterlockedIncrement
HeapSetInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
FindResourceExW
ReleaseSemaphore
GetSystemDirectoryW
GetModuleHandleW
GetWindowsDirectoryW
GetExitCodeProcess
GetLocalTime
GetEnvironmentVariableW
GetDriveTypeW
GetStartupInfoW
SetFileValidData
ConvertFiberToThread
GetTempPathA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
MulDiv
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
WaitForSingleObject
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA
lstrcmpA
lstrcmpiA
CloseHandle
GetVersion
GetSystemDirectoryA
lstrcatA
lstrlenA
GetTempFileNameA
CreateFileA
RemoveDirectoryA
CreateProcessA
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
LoadLibraryA
SetErrorMode
GetCommandLineA
SetFileTime
GetWindowsDirectoryA
ExitProcess
CopyFileA
GetCurrentProcess
GetModuleFileNameA
GetFileSize
GetTickCount
Sleep
SetFileAttributesA
CreateDirectoryA
GetLastError
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
ConvertThreadToFiber
GetFileInformationByHandle
RtlCaptureStackBackTrace
SetLastError
DeleteAtom

Sections

.rnjkbsr
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kjghfui
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.UIKYHGT
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4623bd6a6afe337759dc4d5e35454e00

Headers

DLL Characteristics

File Characteristics

Imports

user32

shell32

ole32

advapi32

gdi32

dbghelp

crypt32

comctl32

version

netapi32

kernel32

Sections

.rnjkbsr Size: 4KB - Virtual size: 4KB

.kjghfui Size: 6KB - Virtual size: 5KB

.UIKYHGT Size: 4KB - Virtual size: 4KB

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 12KB - Virtual size: 339KB

.rsrc Size: 207KB - Virtual size: 207KB

.rnjkbsr
Size: 4KB - Virtual size: 4KB

.kjghfui
Size: 6KB - Virtual size: 5KB

.UIKYHGT
Size: 4KB - Virtual size: 4KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 12KB - Virtual size: 339KB

.rsrc
Size: 207KB - Virtual size: 207KB