0c1dc8315c1a8148a1fa5e6d32231af0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c1dc8315c1a8148a1fa5e6d32231af0_JaffaCakes118
Size

849KB
MD5

0c1dc8315c1a8148a1fa5e6d32231af0
SHA1

3fa4bc4888f21b355df5ae5d7eb36a156e5f4b38
SHA256

233b17575bc8b65a6cce0684e3f644d5c09ba0237b1f6bac9146999452efedef
SHA512

5f1e8041443821eb8a6528f70d636e9576f8bdc21437cab1ea97713a7e16b4e74d5b3bd9bf1dfaaa7274d472f9fb4052dbdf1276a586c6898b5b4579b809fd62
SSDEEP

24576:lY0W5kkt1O2fJlDQQicWBIlrn4E0V0fr/QUr6DFUPdhTs/Dx:lY6aO2/fiRBIlL0VKr/+Qvg7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c1dc8315c1a8148a1fa5e6d32231af0_JaffaCakes118

Files

0c1dc8315c1a8148a1fa5e6d32231af0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ec4a52e13846392aa5e9302443efd50c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
InitializeCriticalSection
SetEnvironmentVariableA
LockResource
GetVersionExA
GetACP
WriteConsoleA
FreeEnvironmentStringsA
FileTimeToSystemTime
GlobalFree
GetCurrentThread
VirtualFree
GetConsoleMode
HeapDestroy
InterlockedDecrement
GetSystemInfo
DuplicateHandle
LeaveCriticalSection
FreeResource
WriteFile
UnhandledExceptionFilter
SizeofResource
GetLastError
GetStartupInfoA
GetThreadLocale
GlobalReAlloc
FileTimeToLocalFileTime
InterlockedExchange
GetWindowsDirectoryA
GetVersion
SetStdHandle
GetFileTime
LCMapStringA
LocalReAlloc
UnlockFile
GetLocaleInfoA
QueryPerformanceCounter
SetLastError
FlushFileBuffers
EnterCriticalSection
InterlockedIncrement
TlsFree
RaiseException
TerminateProcess
SetFileTime
GlobalUnlock
GetCommandLineA
FindClose
LoadResource
GlobalLock
VirtualQuery
MulDiv
lstrlenA
CreateFileA
SetFilePointer
GlobalDeleteAtom
GlobalHandle
GetProcessHeap
ExitProcess
GetModuleFileNameA
GetSystemDirectoryA
EnumResourceLanguagesW
Sleep
TlsAlloc
GlobalFlags
GetConsoleOutputCP
GlobalAlloc
SetEndOfFile
SystemTimeToFileTime
HeapReAlloc
HeapFree
GetFileType
lstrcmpA
RtlUnwind
SetHandleCount
GetTimeZoneInformation
GetStdHandle
ReadFile
SetErrorMode
HeapAlloc
GetSystemTimeAsFileTime
FreeLibrary
HeapCreate
GetStringTypeA
ConvertDefaultLocale
GetConsoleCP
LockFile
VirtualAlloc
SetUnhandledExceptionFilter
GetCurrentThreadId
IsDebuggerPresent
GetCurrentProcessId
DeleteCriticalSection
TlsGetValue
GetEnvironmentStrings
LocalFileTimeToFileTime
HeapSize
CompareStringA
GetCommandLineW
TlsSetValue
lstrcpyA
GetSystemTime
LocalFree
GetModuleHandleA
GetOEMCP
FindAtomA
AddAtomA
LocalAlloc
LoadLibraryA
GetProcAddress
lstrcatA
GetFileSize
GetTickCount

user32

UnhookWindowsHookEx
CreatePopupMenu
SetCapture
EqualRect
GetWindowRgn
InvalidateRgn
GetActiveWindow
SetWindowPos
BeginPaint
TrackPopupMenu
SendDlgItemMessageA
GetMessageTime
DestroyWindow
SetWindowRgn
ReleaseCapture
KillTimer
ScreenToClient
OffsetRect
GetWindowPlacement
SetScrollPos
SetTimer
UnregisterClassA
ShowOwnedPopups
GetTopWindow
GetCapture
SetScrollInfo
GetWindowThreadProcessId
GetMessagePos
IsWindowEnabled
DestroyMenu
GetMenuItemID
ScrollWindow
GetNextDlgGroupItem
InflateRect
GetMenuCheckMarkDimensions
ShowWindow
ReleaseDC
GetMenuItemCount
SetForegroundWindow
SetRectEmpty
EndDialog
GetScrollPos
SetRect
LockWindowUpdate
MapDialogRect
GetDesktopWindow
GetKeyState
EnableMenuItem
GetDlgCtrlID
GetSystemMetrics
GetClientRect
WindowFromPoint
GetLastActivePopup
PostQuitMessage
CallNextHookEx
SetFocus
PtInRect
SetCursor
GetWindowRect
GetNextDlgTabItem
GetDC
GetWindow
SetActiveWindow
ValidateRect
SystemParametersInfoA
ClientToScreen
DeleteMenu
SetMenu
GetMenuState
IsWindowVisible
TranslateMessage
GetFocus
CopyRect
IntersectRect
UnpackDDElParam
GetMenu
CheckMenuItem
GetCursorPos
GetWindowDC
BeginDeferWindowPos
GetSubMenu
GetForegroundWindow
UpdateWindow
FillRect
IsWindow
AdjustWindowRectEx
GetScrollRange
MapWindowPoints
IsZoomed
IsRectEmpty
GetDlgItem
SetWindowContextHelpId
DrawIcon
MessageBeep
MoveWindow
GetScrollInfo
EndPaint
RedrawWindow
GetSystemMenu
BringWindowToTop
GetSysColorBrush
GetSysColor
GetDCEx
GetParent
IsIconic
SetParent
InvalidateRect
DeferWindowPos
ShowScrollBar
EndDeferWindowPos
DestroyIcon
ReuseDDElParam
IsChild
SetScrollRange
SetMenuItemBitmaps

gdi32

GetDeviceCaps
SelectClipRgn
CombineRgn
BitBlt
GetPixel
PatBlt
CreateCompatibleBitmap
SetViewportExtEx
ScaleViewportExtEx
IntersectClipRect
GetClipBox
PtVisible
RestoreDC
SetTextColor
CreateSolidBrush
SetBkMode
SetWindowExtEx
CreateRectRgnIndirect
CreatePatternBrush
DPtoLP
ExtSelectClipRgn
GetTextColor
CreateEllipticRgn
DeleteDC
RectVisible
CreateBitmap
SetRectRgn
GetStockObject
Ellipse
ScaleWindowExtEx
Escape
CreateCompatibleDC
SelectObject
GetRgnBox
OffsetRgn
GetMapMode
DeleteObject
OffsetViewportOrgEx
GetBkColor
SetBkColor
StretchDIBits
SaveDC
CreateRectRgn
ExcludeClipRect
SetViewportOrgEx
SetMapMode
GetWindowExtEx

advapi32

RegCloseKey
SetFileSecurityW

shell32

DragFinish

ole32

OleInitialize
CreateILockBytesOnHGlobal
CoFreeUnusedLibraries
OleFlushClipboard
CoRevokeClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoRegisterMessageFilter
OleUninitialize
CreateStreamOnHGlobal
CLSIDFromProgID

oleaut32

VariantInit
SysAllocString
OleCreateFontIndirect
VariantTimeToSystemTime
SafeArrayDestroy
SysFreeString
SystemTimeToVariantTime
SysAllocStringLen
VariantCopy
SysStringLen
VariantClear
OleLoadPicture
VariantChangeType

comctl32

ImageList_LoadImageW

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathFindExtensionW
PathFileExistsW
PathStripToRootW
PathIsUNCW

wldap32

ord201

userenv

UnloadUserProfile

Sections

.text
Size: 474KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 343KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec4a52e13846392aa5e9302443efd50c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

wldap32

userenv

Sections

.text Size: 474KB - Virtual size: 473KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 343KB - Virtual size: 362KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 474KB - Virtual size: 473KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 343KB - Virtual size: 362KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 3KB - Virtual size: 3KB