0d5c3605eced8767167bbc7e5e0d03c0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0d5c3605eced8767167bbc7e5e0d03c0_JaffaCakes118
Size

208KB
MD5

0d5c3605eced8767167bbc7e5e0d03c0
SHA1

fffc697dd47c87c11be02cfaca6eded931ea061b
SHA256

2edb43b30d9c9352247a692a795c82a949ae4b7870cda625de901943696b0f03
SHA512

c8abd896acf5c7371ab3ea109fdee45168e132cffc46f4423b0787a28b76672dfd6ec8845f76ca7522abd01b7897939311f5fb603365dfbe667dc6c33c1c4ab6
SSDEEP

3072:kIt5hHi2vmugiI3q9PpRNMcoGI4YNeuLAGZ/H/G6KCC5EDGDFwpwv2Vi:kMKfQVpXVoJ4uBG6KC5y+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d5c3605eced8767167bbc7e5e0d03c0_JaffaCakes118

Files

0d5c3605eced8767167bbc7e5e0d03c0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3d41c67a451e6e28741067d06f5905cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
GetPrivateProfileSectionW
GetCPInfo
TlsAlloc
VirtualAlloc
RaiseException
MulDiv
SizeofResource
VirtualFree
GetFileSize
GetPrivateProfileIntW
GetOEMCP
GetDateFormatA
EnumResourceLanguagesW
GlobalAlloc
GetDateFormatW
GetVolumeInformationW
GetCurrentProcessId
SetEnvironmentVariableA
GetPrivateProfileStringW
GlobalFlags
HeapAlloc
CopyFileW
GetDriveTypeW
ExpandEnvironmentStringsW
GetModuleFileNameW
GetLocaleInfoA
lstrcatW
IsBadWritePtr
InitializeCriticalSection
QueryPerformanceFrequency
FindNextFileW
FreeEnvironmentStringsA
DeleteCriticalSection
SetStdHandle
FreeEnvironmentStringsW
LocalReAlloc
GetTempPathW
ExitProcess
WritePrivateProfileStringW
GetCurrentProcess
GetStringTypeW
GetVersion
LCMapStringA
RtlUnwind
QueryPerformanceCounter
FindFirstFileW
lstrcmpW
GetLocalTime
TlsGetValue
FormatMessageW
GetFullPathNameW
HeapDestroy
lstrcmpA
VirtualQuery
GetACP
IsBadCodePtr
IsValidCodePage
GetThreadLocale
GetStartupInfoW
ReadFile
SetUnhandledExceptionFilter
GetCurrentThread
WaitForMultipleObjects
LockResource
GetTickCount
LockFile
FindClose
GetTimeFormatW
LocalAlloc
GetLocaleInfoW
HeapSize
GetCurrentThreadId
CreateProcessW
HeapReAlloc
VirtualProtect
CreateDirectoryW
GetVersionExA
DeleteFileW
DuplicateHandle
HeapCreate
LCMapStringW
SetHandleCount
FileTimeToSystemTime
LoadResource
TlsFree
WriteFile
GetEnvironmentStringsW
TerminateProcess
GlobalFree
IsBadReadPtr
GetSystemTimeAsFileTime
LoadLibraryW
GlobalFindAtomW
GetFileType
CompareStringA
MapViewOfFile
FileTimeToLocalFileTime
CancelWaitableTimer
GetProcessHeap
ActivateActCtx
GetEnvironmentVariableA
OpenWaitableTimerW
AddAtomW
CancelIo
InterlockedDecrement
SetEndOfFile
GlobalHandle
lstrcpyW
GlobalDeleteAtom
UnhandledExceptionFilter
GetStringTypeA
GetCommandLineA
GetUserDefaultLCID
CreateWaitableTimerW
GetModuleHandleW
TlsSetValue
SetFileAttributesW
LeaveCriticalSection
SetFilePointer
InterlockedIncrement
InterlockedExchange
EnterCriticalSection
GetTimeZoneInformation
CompareStringW
UnmapViewOfFile
UnlockFile
GetStdHandle
GetFileTime
GetVersionExW
lstrcpynW
GetFileAttributesW
FlushFileBuffers
GetSystemInfo
GetTimeFormatA
SetWaitableTimer
SetErrorMode
HeapFree
CloseHandle
GetFileAttributesA
GetStartupInfoA
MultiByteToWideChar
SetLastError
LocalFree
lstrcpyA
lstrcpynA
GetLastError
LoadLibraryA
CreateMutexA
GetModuleFileNameA
GetProcAddress
lstrlenW
GetFullPathNameA
GetModuleHandleA
FreeLibrary
WideCharToMultiByte
AreFileApisANSI
CreateFileW
lstrlenA

user32

EndPaint
CreateDialogIndirectParamW
GetWindowPlacement
PostMessageW
ValidateRect
EqualRect
GetNextDlgTabItem
RegisterClassW
RemovePropW
GetWindowDC
GetClassInfoExW
CheckMenuItem
CopyRect
CallWindowProcW
InvalidateRgn
GetAsyncKeyState
GetClassNameW
GetKeyState
SystemParametersInfoA
GetMessagePos
PeekMessageW
ClientToScreen
DrawTextExW
SetFocus
EndDialog
GetTopWindow
WinHelpW
IntersectRect
IsWindowVisible
IsWindowUnicode
wsprintfW
CharLowerW
SendDlgItemMessageW
SetWindowTextW
GetWindowTextLengthW
GetActiveWindow
SetCursor
IsWindowEnabled
RegisterWindowMessageW
GetPropW
SetWindowLongW
SetWindowPos
GetCapture
UnregisterClassW
SetWindowContextHelpId
SetDlgItemTextW
GetNextDlgGroupItem
TranslateMessage
GetWindowTextW
GetSysColorBrush
BeginPaint
TabbedTextOutW
MapDialogRect
GetClassLongW
SetActiveWindow
GetMenuCheckMarkDimensions
MapWindowPoints
WindowFromPoint
DispatchMessageW
SendDlgItemMessageA
InvalidateRect
DrawTextW
ScreenToClient
SetPropW
GetDesktopWindow
GrayStringA
OffsetRect
SetRect
GetWindowRect
EnableWindow
IsZoomed
PtInRect
DrawTextA
TabbedTextOutA
GetMenuState
PostQuitMessage
GetMessageTime
IsDialogMessageW
SetMenuItemBitmaps
GetWindowLongW
GetFocus
GetForegroundWindow
AdjustWindowRectEx
GetWindow
CreateWindowExW
ReleaseCapture
FillRect
GetParent
GetSystemMenu
SendMessageA
GetSystemMetrics
SetCapture
UpdateWindow
SetForegroundWindow
GetWindowTextA
SetWindowTextA
EnumChildWindows
IsRectEmpty
IsChild
MessageBoxW
GrayStringW
GetDlgItemTextW
GetClassInfoW
DefWindowProcA
IsWindow
GetDlgCtrlID

gdi32

GetObjectW
CreateDIBSection
DeleteDC
TextOutW
CreateCompatibleDC
SetBkColor
CreateBitmap
CreateRectRgnIndirect
ExtTextOutW
TextOutA
SetDIBColorTable
SetMapMode
GetDeviceCaps
DeleteObject
RestoreDC
GetViewportExtEx
GetWindowExtEx
SaveDC
GetTextExtentPoint32W
PtVisible
CreatePalette
PtInRegion
CreatePolygonRgn
LPtoDP
GetTextColor
RectVisible
SetPixel
CombineRgn
CreateRectRgn
BitBlt
CreateFontIndirectA
GetClipBox
Polyline
GetObjectA
SetRectRgn
DPtoLP

comdlg32

GetSaveFileNameW
GetOpenFileNameW
GetFileTitleW

shell32

SHBrowseForFolderW
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc
SHBindToParent
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteA
SHGetFolderLocation
SHFileOperationW

comctl32

ImageList_Destroy
PropertySheetW
ImageList_ReplaceIcon
ord17
ImageList_SetBkColor
ImageList_AddMasked
ImageList_Create
CreatePropertySheetPageW
_TrackMouseEvent
InitCommonControlsEx
DestroyPropertySheetPage

shlwapi

PathStripToRootW
StrRetToBufW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

mpr

WNetCancelConnectionW
WNetAddConnection2W

oledlg

OleUIBusyW

gdiplus

GdiplusStartup
GdipGetImagePaletteSize
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipBitmapUnlockBits
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImagePalette
GdipCloneImage
GdipFree
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdiplusShutdown
GdipAlloc
GdipDeleteGraphics

msvcrt

__CxxFrameHandler
_except_handler3
_mbscmp
_exit
exit
_strdup
_adjust_fdiv
__set_app_type
_mbsicmp
_onexit
_XcptFilter
__p__fmode
_setmbcp
_initterm
?terminate@@YAXXZ
_vsnprintf
__dllonexit
_controlfp
_splitpath
__p__commode
_acmdln
free
__setusermatherr
_CxxThrowException
__getmainargs
??1type_info@@UAE@XZ
_CIsin

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d41c67a451e6e28741067d06f5905cf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

comctl32

shlwapi

version

mpr

oledlg

gdiplus

msvcrt

Sections

.text Size: 78KB - Virtual size: 77KB

.text Size: 34KB - Virtual size: 34KB

.data Size: 30KB - Virtual size: 34KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 78KB - Virtual size: 77KB

.text
Size: 34KB - Virtual size: 34KB

.data
Size: 30KB - Virtual size: 34KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 13KB - Virtual size: 13KB