27e3763b4c6e7aa2f1577c759d7ad45c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27e3763b4c6e7aa2f1577c759d7ad45c_JaffaCakes118
Size

556KB
MD5

27e3763b4c6e7aa2f1577c759d7ad45c
SHA1

487dfe6373ae902b299b4393f4018a93f07b1399
SHA256

ffa5e5d2ba2677202deb4e19e25b9ef963cb5f5d0a014db6d63bc1879e187601
SHA512

d71c5a783864d1565c9574e7cb00aabc4c446f93eee101f0136d29b865631db9686f469f96b7b31cc1383e2a9cf1e3c635051efb1d694536d61663b413fa40ca
SSDEEP

6144:6cKPERgc8V1unrnnd+/K/rsTuAN9yB9xRurDG7PcHItDZRjh9OJHfTb:6cKPEOc8irnw/WsJ9Eu+4HIN9SJ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27e3763b4c6e7aa2f1577c759d7ad45c_JaffaCakes118

Files

27e3763b4c6e7aa2f1577c759d7ad45c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a2281592ca3eaeb80cd96f985e1763af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindNextUrlCacheEntryA
FindCloseUrlCache
HttpQueryInfoA
InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle
DeleteUrlCacheEntry
InternetGetConnectedState
InternetCrackUrlA
InternetSetStatusCallback
FindFirstUrlCacheEntryA

comctl32

ImageList_Add
ImageList_Create
ImageList_DrawEx
ImageList_ReplaceIcon
PropertySheetA
ImageList_Draw
ord17
ImageList_Destroy

winmm

PlaySoundA

shlwapi

PathCompactPathA

kernel32

HeapAlloc
GetCurrentProcess
HeapFree
GetProcessHeap
GetPrivateProfileIntA
Sleep
GetShortPathNameA
GetPrivateProfileStringA
SetFilePointer
MapViewOfFile
UnmapViewOfFile
MoveFileExA
SetEndOfFile
FreeLibrary
MulDiv
GetProcAddress
SetFileAttributesA
GetTempFileNameA
LoadLibraryA
CreateFileMappingA
GetModuleHandleA
GetVersionExA
GetLocalTime
GetDiskFreeSpaceA
SetEvent
CreateEventA
CreateThread
FindResourceA
LoadResource
LockResource
VirtualFree
VirtualAlloc
GetVersion
GetSystemTimeAsFileTime
GetLocaleInfoA
GetNumberFormatA
CompareFileTime
GetTimeFormatA
FindFirstChangeNotificationA
FileTimeToSystemTime
FileTimeToLocalFileTime
CreateProcessA
SearchPathA
CreateMutexA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
RaiseException
ExitProcess
HeapSize
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetTickCount
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
WaitForMultipleObjects
FindNextChangeNotification
FindCloseChangeNotification
GetFileInformationByHandle
FindNextFileA
GetProfileStringA
FindClose
RemoveDirectoryA
FindFirstFileA
GetVolumeInformationA
QueryPerformanceCounter
ExpandEnvironmentStringsA
SetErrorMode
lstrcpyA
CopyFileA
WaitForSingleObject
DeleteFileA
CloseHandle
MoveFileA
lstrcmpiA
ReadFile
WriteFile
GetFileSize
CreateFileA
GetLastError
lstrlenA
GetTempPathA
GetModuleFileNameA
lstrcatA
GetSystemDirectoryA
GetFileAttributesA
GetWindowsDirectoryA
lstrcpynA
lstrlenW
MultiByteToWideChar
HeapReAlloc
InitializeCriticalSection
GetStringTypeA
GetDriveTypeA
GetLogicalDrives
lstrcmpA
HeapDestroy
HeapCreate
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDateFormatA

user32

CloseClipboard
EmptyClipboard
OpenClipboard
CheckRadioButton
GetDlgItemTextA
SetCapture
GetKeyState
GetFocus
GetClientRect
DrawEdge
GetCapture
CreateWindowExA
GetSysColorBrush
ReleaseCapture
GetDlgCtrlID
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageA
DispatchMessageA
InvalidateRgn
ClientToScreen
GetSubMenu
SetForegroundWindow
DeleteMenu
GetParent
LoadMenuA
TrackPopupMenuEx
MessageBoxA
SetMenuDefaultItem
DestroyMenu
CopyRect
DestroyWindow
CreateDialogParamA
IsWindowEnabled
LockWindowUpdate
RedrawWindow
FillRect
DrawTextA
DrawIconEx
SetRect
GetMenuItemInfoA
FindWindowA
GetMenuItemCount
GetSystemMetrics
RegisterClassA
IsWindowVisible
GetCursorPos
DefWindowProcA
CreateDialogIndirectParamA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
IsIconic
PostQuitMessage
GetMessageA
LoadImageA
SetMenuItemInfoA
DestroyIcon
DrawFrameControl
InvalidateRect
SetCursor
ScreenToClient
GetWindowRect
GetDC
DrawFocusRect
GetWindowTextA
SetWindowLongA
GetWindowLongA
ReleaseDC
GetSysColor
SetWindowPos
SystemParametersInfoA
CallWindowProcA
LoadCursorA
GetDesktopWindow
CharUpperA
GetWindow
PostMessageA
SendDlgItemMessageA
SetTimer
KillTimer
LoadStringA
wsprintfA
SendMessageA
GetDlgItem
EndDialog
CheckDlgButton
ShowWindow
IsDlgButtonChecked
SetWindowTextA
UpdateWindow
EnableWindow
DialogBoxParamA
SetDlgItemTextA
FrameRect
SetFocus

gdi32

PatBlt
CreateFontA
BitBlt
TextOutA
GetDeviceCaps
DeleteDC
ExcludeClipRect
CreateBitmap
SetBkMode
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
GetTextExtentPoint32A
SetTextColor
SelectObject
GetStockObject
GetObjectA
DeleteObject
ExtTextOutA
CreateFontIndirectA

winspool.drv

OpenPrinterA
GetPrinterDataA
ClosePrinter

comdlg32

GetOpenFileNameA

advapi32

RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyA
ControlService
GetLengthSid
GetUserNameA
AddAce
RegSetKeySecurity
FreeSid
OpenSCManagerA
AllocateAndInitializeSid
InitializeAcl
QueryServiceStatus
RegGetKeySecurity
SetSecurityDescriptorDacl
StartServiceA
InitializeSecurityDescriptor
RegDeleteKeyA
CopySid
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
OpenProcessToken
CloseServiceHandle
OpenServiceA
GetSidIdentifierAuthority
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHGetMalloc
SHAddToRecentDocs
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
Shell_NotifyIconA
SHBrowseForFolderA
SHFileOperationA
SHGetFileInfoA
ShellExecuteA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

Sections

.text
Size: 240KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2281592ca3eaeb80cd96f985e1763af

Headers

File Characteristics

Imports

wininet

comctl32

winmm

shlwapi

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 240KB - Virtual size: 238KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 64KB - Virtual size: 82KB

.rsrc Size: 216KB - Virtual size: 212KB

.text
Size: 240KB - Virtual size: 238KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 64KB - Virtual size: 82KB

.rsrc
Size: 216KB - Virtual size: 212KB