0a0a261425027e88b65622bcfbb36b3f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a0a261425027e88b65622bcfbb36b3f_JaffaCakes118
Size

785KB
MD5

0a0a261425027e88b65622bcfbb36b3f
SHA1

ae8d83c96d9b0823566d11ed481b636c90a94e54
SHA256

69a787ccc972ad16b5f4e2821aa9d3d0b54a0cc274dd6c535d7d4c1061a1b8f2
SHA512

4ecaa03f5ae4e01810ef579fd8ac85ce78d9521e99ec378146e76c8c70d3ddb6baa4311a53c02b1f7565b60d7fb514d48e46ad6b68a582607113dc31645d6f62
SSDEEP

12288:YC53Kc9iFp5n/xIERCwIUcPK9BotseXBtLRdiuv4B4MnKBpD2mqrvFz:/6oi5p0wI/PK4tbbFizKBpiVz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a0a261425027e88b65622bcfbb36b3f_JaffaCakes118

Files

0a0a261425027e88b65622bcfbb36b3f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a62130d7e4dd0ad27fa43b8faaa51c5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\seyeaao\woo

Imports

user32

MessageBeep
EndDialog
DefWindowProcW
RegisterClassW
ShowWindow
GetFocus
CloseClipboard
SetWindowTextW
SetScrollInfo
RedrawWindow
DrawFocusRect
CreateWindowExW
CharNextW
LoadIconW
GetForegroundWindow
WaitMessage
GetMenu
GetSysColor
CreatePopupMenu
RegisterClassExW
SetClipboardData
DrawTextW
DeferWindowPos
DestroyWindow
GetWindowThreadProcessId
UnhookWindowsHookEx
CreateDialogParamW
GetWindow
IsIconic
UnpackDDElParam
InflateRect
GetMenuItemInfoW
SystemParametersInfoW
GetSubMenu
SetDlgItemTextW
LoadBitmapW
GetDC
ModifyMenuW
LoadCursorW
GetClassInfoExW
InsertMenuW
MessageBoxW
SetMenuDefaultItem
SetActiveWindow
GetClassLongW
KillTimer
SetCapture
SetCursor
MoveWindow
SendMessageW
GetKeyState
UpdateWindow
DestroyCursor
DestroyIcon
DispatchMessageW
GetSystemMetrics
InvalidateRgn
GetActiveWindow
UnregisterClassA

advapi32

AddAccessAllowedAce
FreeSid
RegCloseKey
OpenProcessToken
RegOpenKeyExA
RegQueryValueA

comctl32

ImageList_Destroy
ImageList_GetImageCount
ImageList_ReplaceIcon
_TrackMouseEvent
InitCommonControlsEx

wininet

HttpSendRequestW
InternetCloseHandle
InternetCrackUrlW
InternetReadFile
InternetGetLastResponseInfoW
HttpOpenRequestW
HttpQueryInfoW

kernel32

GetFullPathNameA
lstrlenA
FlushFileBuffers
FileTimeToLocalFileTime
GetCommandLineW
VirtualFree
HeapCreate
GetLastError
TerminateProcess
LCMapStringA
InterlockedDecrement
GetCurrentProcess
LeaveCriticalSection
GetFileSize
GetModuleHandleA
VirtualAlloc
GetThreadLocale
InterlockedIncrement
HeapFree
TlsAlloc
VirtualProtect
HeapAlloc
InterlockedExchange
GetProcAddress
LockResource
DeleteCriticalSection
HeapReAlloc
TlsGetValue
GetEnvironmentStringsW
SetEnvironmentVariableW
QueryPerformanceCounter
LoadLibraryW
CompareStringA
ResumeThread
GlobalDeleteAtom
LCMapStringW
GetCPInfo
SetStdHandle
GetEnvironmentStrings
GetSystemTime
SetHandleCount
SetThreadPriority
FreeEnvironmentStringsA
GlobalFree
GetSystemTimeAsFileTime
SetEnvironmentVariableA
SetEvent
WaitForSingleObject
GetDateFormatA
UnmapViewOfFile
GetOEMCP
SetLastError
lstrcpynA
GetCommandLineA
ExitProcess
lstrlenW
RaiseException
LoadLibraryA
MapViewOfFile
GetStartupInfoA
InitializeCriticalSection
CompareStringW
GetTempPathW
SizeofResource
OpenProcess
GetFileType
GetStringTypeW
OutputDebugStringA
FreeEnvironmentStringsW
lstrcmpiW
GetACP
HeapSize
WideCharToMultiByte
GlobalAlloc
GetProcessHeap
DuplicateHandle
MultiByteToWideChar
GetVersionExA
CreateDirectoryA
TlsFree
GetModuleHandleW
CreateToolhelp32Snapshot
GetTickCount
GetTimeZoneInformation
WriteFile
VirtualQuery
GetCurrentProcessId
GetStringTypeA
lstrcpynW
GetCurrentThreadId
GetStdHandle
IsBadCodePtr
GetModuleFileNameW
CreateThread
GetLocaleInfoA
CloseHandle
MulDiv
GetTimeFormatA
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
CreateMutexW
FindClose
GlobalUnlock
TerminateThread
SetErrorMode
GetModuleFileNameA
FindFirstFileW
HeapDestroy
UnhandledExceptionFilter
TlsSetValue
RtlUnwind
GetStartupInfoW
LocalFree
FreeLibrary
EnterCriticalSection
SuspendThread
GetSystemInfo

gdi32

GetPaletteEntries
SetAbortProc
CreateDCW
StretchBlt
EndPage
ExcludeClipRect
GetRgnBox
EndDoc
CreateBrushIndirect
GetTextColor
PolyBezier
GetMapMode
CreateRectRgnIndirect
SetBkColor
SetBkMode
SelectObject
EnumFontFamiliesExW
CreatePalette
CreateEllipticRgn
OffsetViewportOrgEx
ScaleViewportExtEx
CombineRgn
ExtSelectClipRgn
SelectPalette
PatBlt
AbortDoc
CreatePen
CreatePolygonRgn
GetObjectW
RealizePalette
RectVisible
SetROP2
CreatePatternBrush
GetDeviceCaps
SetTextColor
SetBrushOrgEx
OffsetRgn
SetMapMode
SaveDC
GetPixel
CreateDIBSection
CreateRectRgn
GetTextExtentPoint32W
StrokePath
SelectClipRgn
GetTextMetricsA
SetViewportOrgEx
ExtFloodFill
Arc
CreateCompatibleBitmap
GetClipBox
CreateCompatibleDC
GetViewportExtEx
ExtTextOutW
GetBkMode
BeginPath
SetViewportExtEx
SetStretchBltMode
SetWindowOrgEx
GetTextMetricsW
GetWindowExtEx
CreateSolidBrush
GetStockObject
Escape
BitBlt
RoundRect
StretchDIBits
Ellipse
GetRegionData
CreateFontIndirectW
EqualRgn
SetPixel
ExtCreatePen
DPtoLP
StartPage
GetDIBits
Polyline
IntersectClipRect
GetBkColor
CreateBitmap
RestoreDC
Polygon
ScaleWindowExtEx
PtInRegion
DeleteDC
PtVisible
TextOutW
SetPolyFillMode
MoveToEx
DeleteObject
RectInRegion
SetWindowExtEx
SetTextAlign
EndPath
GdiFlush
LineTo
Rectangle

ole32

OleCreateStaticFromData
OleIsCurrentClipboard
CLSIDFromProgID
OleInitialize
CreateBindCtx
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
WriteClassStg
OleGetClipboard
OleLockRunning
StgIsStorageFile
CreateFileMoniker
StgIsStorageILockBytes
GetHGlobalFromILockBytes
CoTaskMemFree
CoGetClassObject
CoDisconnectObject
GetClassFile
CreateGenericComposite
WriteClassStm
StgCreateDocfile
StgCreateDocfileOnILockBytes
OleSaveToStream
OleSetContainedObject
CoTaskMemAlloc
OleSetClipboard
CoFreeUnusedLibraries

shell32

SHGetMalloc
ord155
ShellExecuteA
SHBrowseForFolderA
SHChangeNotify
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragQueryFileA
DragAcceptFiles
ExtractIconA
SHGetPathFromIDListA
SHGetFileInfoA
Shell_NotifyIconA

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 478KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a62130d7e4dd0ad27fa43b8faaa51c5e

Headers

File Characteristics

PDB Paths

Imports

user32

advapi32

comctl32

wininet

kernel32

gdi32

ole32

shell32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 478KB - Virtual size: 477KB

.data Size: 104KB - Virtual size: 128KB

.rsrc Size: 113KB - Virtual size: 112KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 478KB - Virtual size: 477KB

.data
Size: 104KB - Virtual size: 128KB

.rsrc
Size: 113KB - Virtual size: 112KB