04fad3891f829145e375f328ebc3df49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

04fad3891f829145e375f328ebc3df49_JaffaCakes118
Size

1.6MB
MD5

04fad3891f829145e375f328ebc3df49
SHA1

3e030576bff5b5fae3c1c5c50cacb625e7b2d997
SHA256

aeb6f9472309b92c743b1b418778fc0636bdc438c7148c42959d61e3cedfcf92
SHA512

526de60f99d88ba524dca0815e7659f936cdf156e1420462e1e0c70c4566e09fc3630bc6c2ddd1a3288b7b22cf5a563548483739d2d75c92de462426c5fbabe3
SSDEEP

49152:21z4q2R/NysLYBVL7nseK0qt6nYMMMMMMMMMMDMWMMMMMMMMM3h:GkLRlDSseKft6nYMMMMMMMMMMDMWMMM1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04fad3891f829145e375f328ebc3df49_JaffaCakes118

Files

04fad3891f829145e375f328ebc3df49_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8a2c8ce882e74222d2793357d997beb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord6
ImageList_Destroy
ImageList_Create
InitCommonControlsEx
ImageList_AddMasked

shlwapi

PathQuoteSpacesA
PathIsRootA
PathMatchSpecA
SHCopyKeyA
SHAutoComplete
PathIsDirectoryA

imm32

ImmReleaseContext
ImmGetCompositionStringW
ImmGetContext
ImmSetCompositionFontA
ImmNotifyIME
ImmSetCompositionWindow

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

ExpandEnvironmentStringsA
GetFullPathNameA
GetLongPathNameA
LocalFree
FormatMessageA
GetLastError
LockResource
SizeofResource
LoadResource
FindResourceA
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceCounter
OutputDebugStringA
IsDBCSLeadByteEx
DebugBreak
DeleteCriticalSection
InitializeCriticalSection
GlobalSize
GetTickCount
GetUserDefaultLCID
GetStringTypeExA
LCMapStringA
GlobalUnlock
GetStringTypeA
GetCurrentProcessId
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LoadLibraryW
HeapSize
ExitProcess
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetOEMCP
GetCPInfo
GetProcessHeap
GetCommandLineA
GetSystemTimeAsFileTime
GetModuleFileNameW
GetTempPathA
GetFileType
WriteConsoleW
HeapAlloc
HeapReAlloc
CreateThread
GetCurrentThreadId
ExitThread
RtlUnwind
RaiseException
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedDecrement
InterlockedIncrement
FindFirstFileA
FindClose
CreateFileA
WideCharToMultiByte
GlobalAlloc
GlobalFree
SetErrorMode
GetModuleHandleA
GetProcAddress
EnumSystemCodePagesA
GetCPInfoExA
SetFileAttributesA
GetModuleFileNameA
CopyFileA
DeleteFileA
MultiByteToWideChar
GetNumberFormatA
InterlockedCompareExchange
GetFileTime
GetFileAttributesA
CompareFileTime
GetACP
GetLocalTime
GetDateFormatA
GetTimeFormatA
GetLocaleInfoA
MulDiv
GetVersionExA
CreatePipe
GetStartupInfoA
CreateProcessA
PeekNamedPipe
Sleep
GetExitCodeProcess
InterlockedExchange
WaitForSingleObject
SetEndOfFile
GetFileSize
WriteFile
SetFilePointer
ReadFile
CloseHandle
GetConsoleCP
GetConsoleMode
GetWindowsDirectoryA
LCMapStringW
LoadLibraryA
FreeLibrary
GetStdHandle
GlobalLock
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
GetStringTypeW

user32

IsClipboardFormatAvailable
GetClipboardData
ShowCaret
CreateCaret
DestroyCaret
HideCaret
SetCaretPos
GetUpdateRgn
MsgWaitForMultipleObjects
GetMessageTime
IsChild
DrawAnimatedRects
GetDesktopWindow
PeekMessageA
LoadStringA
CharPrevA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetMenuState
GetMenuItemID
CallWindowProcA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetScrollInfo
LoadIconA
RegisterClassA
SetClipboardViewer
ChangeClipboardChain
PostQuitMessage
ShowOwnedPopups
GetKeyState
GetActiveWindow
SystemParametersInfoA
GetWindowPlacement
IsZoomed
OemToCharBuffA
CharToOemBuffA
IsCharAlphaNumericA
CharNextA
GetMenu
wsprintfA
CheckMenuRadioItem
ModifyMenuA
IsDialogMessageA
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
DefWindowProcA
ClientToScreen
TrackPopupMenuEx
FindWindowExA
IsWindowEnabled
IsIconic
ShowWindowAsync
SetScrollInfo
ScrollWindow
SetTimer
KillTimer
GetKeyboardLayout
IsWindow
RegisterClassExA
SetWindowLongA
IsWindowVisible
UnregisterClassA
CheckMenuItem
EnableMenuItem
RemoveMenu
IsMenu
InvalidateRect
UpdateWindow
CreatePopupMenu
LoadBitmapA
ReleaseCapture
SetCapture
GetDC
GetDoubleClickTime
BeginPaint
EndPaint
AdjustWindowRectEx
InflateRect
DrawTextW
DrawTextA
DrawFocusRect
FillRect
RegisterClipboardFormatA
DialogBoxIndirectParamA
GetSysColorBrush
GetMenuStringA
GetWindowTextA
MapDialogRect
SetMenuDefaultItem
SetActiveWindow
GetWindowLongA
EnableWindow
GetDlgItem
ShowWindow
MoveWindow
SendMessageA
MapWindowPoints
GetWindowRect
DestroyCursor
SetCursor
ReleaseDC
GetSysColor
RedrawWindow
IsDlgButtonChecked
LoadMenuA
GetSubMenu
SetForegroundWindow
GetCursorPos
TrackPopupMenu
DestroyMenu
AppendMenuA
CheckDlgButton
MessageBeep
GetFocus
SetFocus
GetDlgCtrlID
GetDlgItemInt
SetDlgItemInt
CreateWindowExA
GetClientRect
GetSystemMetrics
SetWindowPos
DialogBoxParamA
CreateDialogParamA
PostMessageA
GetParent
EndDialog
PtInRect
GetMessagePos
ScreenToClient
LoadImageA
SetWindowTextA
GetDlgItemTextA
SetDlgItemTextA
MessageBoxA
SendDlgItemMessageA
DestroyWindow
LoadCursorA
GetMenuItemCount

gdi32

StartPage
StartDocA
GetTextMetricsA
SelectObject
CreateFontA
DPtoLP
SetMapMode
GetObjectA
AddFontResourceA
CreateCompatibleDC
SetBkMode
CreateFontIndirectA
GetStockObject
SetTextColor
SelectPalette
CreateCompatibleBitmap
GetNearestColor
Polygon
Rectangle
CreatePatternBrush
RoundRect
Ellipse
BitBlt
RealizePalette
IntersectClipRect
ExtTextOutW
GetTextExtentPoint32W
GetTextExtentExPointA
GetTextExtentExPointW
CombineRgn
CreateRectRgn
CreateBitmap
SetBkColor
SetTextAlign
ExtTextOutA
GetTextExtentPoint32A
CreatePen
MoveToEx
LineTo
EndPage
EndDoc
DeleteDC
GetDeviceCaps
CreateSolidBrush
CreatePalette
DeleteObject

comdlg32

GetSaveFileNameA
PrintDlgA
PageSetupDlgA
ChooseFontA
ChooseColorA
GetOpenFileNameA

advapi32

RegEnumValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey

shell32

SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHAppBarMessage
SHGetMalloc
SHBindToParent
DragQueryFileA
DragFinish
DragAcceptFiles
ShellExecuteExA
SHGetSpecialFolderPathA
Shell_NotifyIconA
SHGetDesktopFolder
SHChangeNotify
ShellExecuteA
SHGetFileInfoA
ord25

ole32

RegisterDragDrop
ReleaseStgMedium
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize
RevokeDragDrop
DoDragDrop
CoCreateInstance

Sections

.text
Size: 792KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 644KB - Virtual size: 641KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a2c8ce882e74222d2793357d997beb8

Headers

File Characteristics

Imports

comctl32

shlwapi

imm32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 792KB - Virtual size: 788KB

.rdata Size: 124KB - Virtual size: 122KB

.data Size: 44KB - Virtual size: 55KB

.rsrc Size: 644KB - Virtual size: 641KB

.text
Size: 792KB - Virtual size: 788KB

.rdata
Size: 124KB - Virtual size: 122KB

.data
Size: 44KB - Virtual size: 55KB

.rsrc
Size: 644KB - Virtual size: 641KB