277507c248860480159c07d2eda2db53_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

277507c248860480159c07d2eda2db53_JaffaCakes118
Size

199KB
MD5

277507c248860480159c07d2eda2db53
SHA1

d7417725fae2c80468db2c84d6e43014ee069edd
SHA256

019919ebbc41c8176225b2938515ce1b67a6b43af15ffdcafd0d8296bb582d36
SHA512

ccdf742ee4896a95878c56dca42f8ecce588da97c1ec5e340a1df7aa4f7aec88e35105a9f550e4a717b320c3f577d4967284ea316007f8281d2e500db2a191b8
SSDEEP

3072:ncfuYvRCB3FoXZB+HZtekBgSJpUbRT8O4oCe3UVg3dtuwmMxD8ti1xDjFAcfvir7:ncfuYvk3oKrDBgiMAE1+3MggNFASv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
277507c248860480159c07d2eda2db53_JaffaCakes118

Files

277507c248860480159c07d2eda2db53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77132630146736d0f7a34fe19962b81e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

SysAllocStringLen
GetErrorInfo
SafeArrayUnaccessData
VariantChangeType
SafeArrayPtrOfIndex
VariantCopyInd
SysStringLen
OleLoadPicture
VariantCopyInd
GetErrorInfo
SafeArrayGetElement
SafeArrayGetUBound
SysReAllocStringLen
SysAllocStringLen
SysAllocStringLen
OleLoadPicture
SafeArrayPtrOfIndex
SafeArrayUnaccessData
VariantCopyInd
GetErrorInfo
VariantChangeType
SafeArrayCreate
SysFreeString
SysStringLen
SysReAllocStringLen
SafeArrayGetElement
SysAllocStringLen
OleLoadPicture
GetErrorInfo
VariantChangeType
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayGetUBound
GetErrorInfo
SysFreeString
SafeArrayPtrOfIndex
SafeArrayUnaccessData
SysAllocStringLen
VariantChangeType
SysReAllocStringLen
OleLoadPicture

user32

ScrollWindow
EnumWindows
InsertMenuA
GetDesktopWindow
GetForegroundWindow
IsWindowUnicode
GetWindowDC
MoveWindow
OpenClipboard
EnableScrollBar
FrameRect
GetWindowRect
GetMessagePos
MapVirtualKeyA
WaitMessage
AdjustWindowRectEx
ReleaseCapture
GetSubMenu
GetMenuItemCount
CreatePopupMenu
CallWindowProcA
CheckMenuItem
InflateRect
GetSysColorBrush
UpdateWindow
EnumChildWindows
CloseClipboard
DrawMenuBar
MessageBeep
GetDesktopWindow
SendMessageA
GetScrollRange
ShowScrollBar
IsZoomed
GetDlgItem
ShowWindow
DispatchMessageW
UnhookWindowsHookEx
GetWindowLongW
CheckMenuItem
DefMDIChildProcA
GetKeyState
EnableWindow
GetClassNameA
PeekMessageA
EndPaint
MsgWaitForMultipleObjects
CharUpperBuffA
FillRect
ChildWindowFromPoint
SetParent
MoveWindow
GetClipboardData
MessageBeep
RegisterWindowMessageA
GetCapture
PostQuitMessage
LoadIconA
DefMDIChildProcA
GetMenuStringA
GetWindowRect
SetMenu
IsRectEmpty
GetSysColor
EndPaint
SetWindowPos
SendMessageW
RemoveMenu
InvalidateRect
DrawEdge
SetActiveWindow
GetWindowTextA
IntersectRect
InflateRect
GetClassNameA
GetSubMenu
SetScrollInfo
CheckMenuItem
GetClassNameA
DestroyIcon
RemovePropA
SetWindowLongW
GetSysColor
UpdateWindow
GetSystemMenu
CallNextHookEx
ShowScrollBar
GetMessagePos
GetMenuItemInfoA
GetWindowDC
GetMenuStringA
GetKeyState
MapVirtualKeyA
KillTimer
ScrollWindow
GetKeyNameTextA
GetLastActivePopup
SetWindowsHookExA
TrackPopupMenu
SetMenuItemInfoA
CreateWindowExA
DefMDIChildProcA
EnumThreadWindows
IsDialogMessageW
GetClassNameA
RegisterClassA
GetWindowLongA
DispatchMessageW
SendMessageW
PostQuitMessage
DefMDIChildProcA
GetMenuStringA
CreatePopupMenu
CreateMenu
GetActiveWindow
IsWindowEnabled
CreateIcon
EnableWindow
GetFocus
WaitMessage
ClientToScreen
GetKeyboardLayout
PostMessageA
SetPropA
MessageBoxA
GetWindowLongW
ActivateKeyboardLayout
CharUpperBuffA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeA
VerFindFileA
VerQueryValueA

shell32

Shell_NotifyIconA
SHFileOperationA
SHGetFolderPathA
SHGetDesktopFolder
SHGetFolderPathA
SHFileOperationA
SHGetSpecialFolderLocation
SHGetFileInfoA
Shell_NotifyIconA
DragQueryFileA

kernel32

GetOEMCP
GetProcAddress
GetCommandLineW
GetModuleHandleA
LoadLibraryExA
lstrlenW
ExitThread
LoadLibraryA
ExitProcess
IsBadReadPtr
VirtualAlloc
GetLastError
IsBadHugeReadPtr
GetCommandLineA
GetCommandLineW
SetHandleCount
InitializeCriticalSection
MoveFileA
GetFullPathNameA
EnterCriticalSection

comctl32

ImageList_Write
ImageList_Create
ImageList_Destroy
ImageList_Add
ImageList_Draw
ImageList_Write
ImageList_Remove
ImageList_Write
ImageList_Add
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Draw
ImageList_Draw
ImageList_GetBkColor
ImageList_Create
ImageList_Write
ImageList_DragShowNolock
ImageList_Add
ImageList_Remove
ImageList_Destroy
ImageList_DragShowNolock
ImageList_Create
ImageList_Add

ole32

OleCreateStaticFromData
CLSIDFromProgID
CoRegisterClassObject
CoGetObjectContext
CoGetMalloc
CreateStreamOnHGlobal
CLSIDFromProgID
CoGetObjectContext
OleRun
CoDisconnectObject
CoGetMalloc
CoTaskMemFree
MkParseDisplayName
CoUnmarshalInterface
ReleaseStgMedium
CreateStreamOnHGlobal
CoReleaseMarshalData
PropVariantClear
CoDisconnectObject
OleRun
CoUninitialize
CreateBindCtx
CoUnmarshalInterface
CoUninitialize
CoRegisterClassObject
CoFreeUnusedLibraries
CLSIDFromString
CoCreateInstanceEx
CoDisconnectObject
StgCreateDocfileOnILockBytes

shlwapi

SHQueryValueExA
SHGetValueA
SHEnumValueA
SHDeleteKeyA
PathFileExistsA
PathIsDirectoryA
SHDeleteValueA
SHQueryInfoKeyA
PathGetCharTypeA
SHStrDupA
SHEnumValueA
SHSetValueA
PathFileExistsA
SHDeleteKeyA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueA
GetUserNameA
GetLengthSid
RegQueryValueExA
GetUserNameA
RegLoadKeyA
RegEnumKeyA
RegEnumValueA
GetUserNameA
RegQueryInfoKeyA
RegQueryValueA

msvcrt

exit
wcstol
srand
rand
tan
sin
pow
rand
wcscspn
atan
exp
strlen
atan
atol
malloc
srand
clock
memcpy

comdlg32

FindTextA
ChooseColorA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
FindTextA
ChooseColorA
GetSaveFileNameA
GetSaveFileNameA
ChooseColorA
FindTextA
GetSaveFileNameA
GetOpenFileNameA
FindTextA
GetFileTitleA
ChooseColorA

gdi32

SaveDC
SetBkMode
CreateFontIndirectA
CreateCompatibleBitmap
CreateCompatibleDC

Sections

CODE
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77132630146736d0f7a34fe19962b81e

Headers

File Characteristics

Imports

oleaut32

user32

version

shell32

kernel32

comctl32

ole32

shlwapi

advapi32

msvcrt

comdlg32

gdi32

Sections

CODE Size: 176KB - Virtual size: 176KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 51KB

.bss Size: 2KB - Virtual size: 1KB

.rsrc Size: 5KB - Virtual size: 5KB

CODE
Size: 176KB - Virtual size: 176KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 51KB

.bss
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 5KB - Virtual size: 5KB