0324b8b0e85a23799527099529a6c88c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0324b8b0e85a23799527099529a6c88c_JaffaCakes118
Size

250KB
MD5

0324b8b0e85a23799527099529a6c88c
SHA1

e3e6c360adc0c3dd6a0f3c52e64d654cd53eaee4
SHA256

b377cf0020deefd68c26f6edb504566f99204aa0a5dbc663d7daf28f3679f08c
SHA512

808f7261cfa880fd636aa0231c926194f88600339e36cd4d9ad5d064d1c2f1f88bc28abb14375bfbf5e3cce99fe55f05060db845a0fab0a216ed2542d38f1030
SSDEEP

3072:wWL/N/jj0smJd87RabixuLb9JydBW7cBxmAtZDYNFystYSIr5h/Kl:ZpxmJd+fxuLbnyDuGZ0NFyRSIFgl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0324b8b0e85a23799527099529a6c88c_JaffaCakes118

Files

0324b8b0e85a23799527099529a6c88c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1f34faf437ae96ffea9443f65189d7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FlushInstructionCache
SetLastError
GetCurrentThreadId
RaiseException
CreateDirectoryW
CreateDirectoryA
GetPrivateProfileStringW
LoadLibraryW
GetProcAddress
FreeLibrary
GetModuleFileNameA
CreateMutexA
GetPrivateProfileIntA
ReleaseMutex
WritePrivateProfileStringA
GetPrivateProfileStringA
GetLocalTime
CreateFileA
WriteFile
CloseHandle
lstrcpyA
GetWindowsDirectoryA
WinExec
GlobalAlloc
GlobalLock
GlobalUnlock
SetFilePointer
ReadFile
GlobalFree
Sleep
ResetEvent
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
GetFileAttributesA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
HeapCreate
ExitProcess
RtlUnwind
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualQuery
GetSystemInfo
GetModuleHandleA
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
DeleteCriticalSection
InitializeCriticalSection
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
TerminateThread
FindClose
FindNextFileA
FindFirstFileA
GetLongPathNameA
WaitForSingleObject
GetUserDefaultLCID
GetLastError
CreateThread
WideCharToMultiByte
CreateEventA
SetEvent
GetTickCount
lstrlenA
InterlockedExchange
MultiByteToWideChar

user32

LoadImageA
CloseClipboard
SetClipboardData
EmptyClipboard
FillRect
FrameRect
DrawTextA
IsWindowEnabled
EnableWindow
KillTimer
SetTimer
GetDC
ReleaseDC
SendMessageA
PostMessageA
GetSystemMetrics
PtInRect
InflateRect
InvalidateRect
IsWindowVisible
ShowWindow
LoadCursorA
RegisterClassExA
CreateWindowExA
BeginPaint
EndPaint
DefWindowProcA
UpdateWindow
SetWindowPos
LoadBitmapA
GetWindowRect
ClientToScreen
ReleaseCapture
GetDlgCtrlID
SystemParametersInfoA
GetCapture
SetCapture
DrawFocusRect
DrawEdge
OpenClipboard
DestroyMenu
SetWindowTextA
IsZoomed
PostQuitMessage
SetMenu
LoadIconA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadStringA
SendMessageTimeoutA
SetForegroundWindow
MessageBoxA
GetKeyboardState
SetCursor
DestroyWindow
GetClassInfoExA
SetWindowLongA
GetClientRect
AdjustWindowRectEx
GetWindowLongA
GetMenu
IsWindow
CallWindowProcA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
MoveWindow
GetParent
UnregisterClassA

gdi32

SetTextColor
CreateFontIndirectA
CreateSolidBrush
SelectObject
DeleteObject
BitBlt
CreateCompatibleDC
DeleteDC
GetObjectA
CreateCompatibleBitmap
StretchBlt
SetBkMode
SetStretchBltMode
CreateDIBSection

advapi32

RegSetValueExA
RegCreateKeyA
RegCloseKey
RegOpenKeyA

shell32

SHGetSpecialFolderPathW
DragQueryFileA
ShellExecuteA
ShellExecuteExA
SHGetSpecialFolderPathA
SHFileOperationA

ole32

CreateStreamOnHGlobal
StringFromGUID2

oleaut32

SysAllocString
VariantClear

shlwapi

PathFindExtensionA
PathFindExtensionW

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_GetIconSize
ImageList_Destroy
ImageList_Draw
_TrackMouseEvent

gdiplus

GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipCreateBitmapFromStream
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectRect
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetCompositingQuality
GdipSetCompositingMode
GdipDeleteGraphics
GdipCreateFromHDC

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Picture
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WYCao
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1f34faf437ae96ffea9443f65189d7e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 6KB - Virtual size: 40KB

Picture Size: 512B - Virtual size: 4B

.WYCao Size: 61KB - Virtual size: 61KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 6KB - Virtual size: 40KB

Picture
Size: 512B - Virtual size: 4B

.WYCao
Size: 61KB - Virtual size: 61KB