Static task: static1
Behavioral task: behavioral1
Sample: 286b4d52c20315f86c81f952ced5b427_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 286b4d52c20315f86c81f952ced5b427_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 286b4d52c20315f86c81f952ced5b427_JaffaCakes118
Size: 155KB
MD5: 286b4d52c20315f86c81f952ced5b427
SHA1: eb5b2ead381ac3197da794cf999a09bfbcedf7ff
SHA256: 1a25ed1177b71bda108b6d0a54b584aa57c4c42c367d5fcc9f7043bf141d825b
SHA512: 972722e302432a17870036097c040a0edfc70b009dca03e455bf09696ddbe167060cda8a2a6764f2f8507217ed7d4bdad0e6cea633d94db92388186538cd4318
SSDEEP: 3072:/uv2RLe0Py9jCngy7xA6gJNQqMuvNYD/5SnQ+KrVe2TGyMW2+8G5ojviuSct:/qCg9jUdeJNkqLQhbxl5ojv
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: 286b4d52c20315f86c81f952ced5b427_JaffaCakes118
Files
286b4d52c20315f86c81f952ced5b427_JaffaCakes118.exe windows:4 windows x86 arch:x86
4106cc9a5e17e393784af62b99fe5fba
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ImageList_GetBkColor
ImageList_DrawEx
ImageList_Destroy
ImageList_Write
ImageList_Read
ImageList_Add
ImageList_Create
ImageList_DragShowNolock
ImageList_Draw
ImageList_Remove
ImageList_DragShowNolock
ImageList_Destroy
ImageList_Read
ImageList_Remove
ImageList_DragShowNolock
ImageList_Write
ImageList_Write
ImageList_Add
ImageList_Read
ImageList_DrawEx
ImageList_Remove
ImageList_DragShowNolock
ImageList_Write
ImageList_Create
ImageList_Read
ImageList_DragShowNolock
advapi32
RegDeleteValueA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
GetLengthSid
RegEnumKeyA
RegQueryInfoKeyA
RegEnumKeyA
RegLoadKeyA
RegEnumKeyExA
ole32
MkParseDisplayName
CoRegisterClassObject
CoRevokeClassObject
GetHGlobalFromStream
CoTaskMemFree
StgOpenStorage
CLSIDFromString
OleRegGetUserType
StgCreateDocfileOnILockBytes
CoCreateInstanceEx
CreateOleAdviseHolder
StgOpenStorage
OleCreateStaticFromData
CoReleaseMarshalData
CoGetMalloc
GetHGlobalFromStream
CoCreateGuid
CoFreeUnusedLibraries
OleCreateStaticFromData
CreateStreamOnHGlobal
CoCreateInstanceEx
CoDisconnectObject
CLSIDFromString
CreateStreamOnHGlobal
ReleaseStgMedium
CoGetObjectContext
CLSIDFromProgID
CoRevokeClassObject
CoFreeUnusedLibraries
CoReleaseMarshalData
CLSIDFromString
ReleaseStgMedium
CoRegisterClassObject
CoUnmarshalInterface
CreateBindCtx
StringFromIID
OleRun
CLSIDFromString
CoFreeUnusedLibraries
comdlg32
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
FindTextA
GetOpenFileNameA
ChooseColorA
ChooseColorA
GetOpenFileNameA
GetFileTitleA
version
VerFindFileA
GetFileVersionInfoA
GetFileVersionInfoA
VerInstallFileA
VerQueryValueA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoA
user32
GetClassNameA
ScreenToClient
MapVirtualKeyA
WaitMessage
GetClipboardData
SetWindowPos
PeekMessageW
GetKeyboardLayoutList
SetPropA
EnumThreadWindows
DestroyWindow
CheckMenuItem
PostMessageA
GetParent
CreateWindowExA
GetSysColor
GetWindowPlacement
DeleteMenu
DispatchMessageA
MoveWindow
FindWindowA
PeekMessageA
GetWindow
DrawIcon
MsgWaitForMultipleObjects
SetWindowsHookExA
TranslateMessage
RemovePropA
ShowWindow
IntersectRect
PtInRect
EqualRect
IsChild
SetWindowPlacement
IsWindowEnabled
GetDesktopWindow
GetWindowLongA
RedrawWindow
EnableWindow
GetLastActivePopup
LoadStringA
GetKeyNameTextA
GetWindowLongW
GetDC
EmptyClipboard
GetMenuState
EnableScrollBar
DefFrameProcA
MessageBeep
GetCursor
GetMenuItemID
SetScrollInfo
GetLastActivePopup
EndPaint
ScreenToClient
IsWindow
DestroyCursor
DefWindowProcA
GetPropA
SetWindowPos
DefFrameProcA
EnumThreadWindows
CharNextW
GetMessagePos
SetParent
TrackPopupMenu
GetClientRect
KillTimer
GetKeyboardType
PeekMessageW
IsDialogMessageW
GetCapture
CharNextA
GetIconInfo
GetSystemMetrics
RegisterClassA
ShowScrollBar
BeginPaint
DefMDIChildProcA
ScrollWindow
GetWindowLongW
EqualRect
SetMenu
SetClipboardData
RegisterClipboardFormatA
RemovePropA
SetCursor
GetTopWindow
GetKeyState
RemoveMenu
GetMessagePos
EnableWindow
SetWindowTextA
EnumWindows
LoadStringA
LoadCursorA
LoadIconA
EnumChildWindows
GetCursorPos
SetScrollInfo
DestroyIcon
SetParent
ReleaseCapture
GetParent
GetKeyNameTextA
DefMDIChildProcA
PtInRect
SetRect
IsWindowUnicode
IsDialogMessageA
GetDC
CreateMenu
CharNextA
WindowFromPoint
SetMenuItemInfoA
DestroyMenu
SetWindowPlacement
GetMenuStringA
GetKeyboardState
DrawEdge
SetWindowsHookExA
LoadKeyboardLayoutA
GetWindowTextA
GetSysColorBrush
CallNextHookEx
GetActiveWindow
ShowOwnedPopups
SetCursor
GetSubMenu
UpdateWindow
MapWindowPoints
CreatePopupMenu
SetScrollPos
DrawMenuBar
DefFrameProcA
IsWindow
GetScrollInfo
IsDialogMessageW
GetClassInfoA
LoadStringA
DrawIconEx
CreateIcon
GetClientRect
GetWindowPlacement
KillTimer
RedrawWindow
GetCursor
LoadBitmapA
GetFocus
FindWindowA
wsprintfA
IsIconic
ClientToScreen
GetClassLongA
SetScrollInfo
IsChild
EnumWindows
GetSystemMenu
OpenClipboard
GetKeyboardLayoutList
FillRect
CreateWindowExA
GetCursorPos
GetKeyboardLayout
GetWindowTextA
SetClipboardData
GetKeyState
GetSubMenu
IsWindowUnicode
MapWindowPoints
EqualRect
DrawTextA
DestroyWindow
LoadIconA
SetMenu
ReleaseCapture
GetMenuItemInfoA
MsgWaitForMultipleObjects
DefMDIChildProcA
GetClipboardData
GetKeyboardState
EnableWindow
DrawIcon
GetClassInfoA
kernel32
GetACP
SetThreadLocale
SetEvent
GetStringTypeW
GlobalFindAtomA
LocalReAlloc
ReadFile
GetModuleHandleW
WriteFile
LocalFree
GetDateFormatA
WaitForSingleObject
GetFullPathNameA
VirtualAlloc
HeapDestroy
SizeofResource
GetVersionExA
lstrcmpA
SetFilePointer
WriteFile
GetDateFormatA
GetProcAddress
GetModuleHandleW
VirtualAlloc
GetFullPathNameA
SetEndOfFile
CreateEventA
ReadFile
GetCurrentThreadId
GetVersion
DeleteFileA
GetThreadLocale
GlobalAlloc
EnterCriticalSection
GlobalFindAtomA
CloseHandle
LocalFree
GetProcessHeap
HeapDestroy
CreateFileA
HeapAlloc
GetFullPathNameA
GetCommandLineA
lstrcpyA
LoadLibraryA
GetVersionExA
VirtualAlloc
ExitThread
GetProcAddress
LockResource
LoadResource
LocalAlloc
ExitProcess
GetModuleHandleA
FindClose
LoadResource
MoveFileA
FreeLibrary
GetProcAddress
SetThreadLocale
GetTickCount
GetProcessHeap
SetHandleCount
FormatMessageA
MoveFileExA
HeapAlloc
GetModuleHandleA
GetCurrentThreadId
VirtualFree
Sleep
WaitForSingleObject
GetSystemDefaultLangID
VirtualAlloc
lstrcpyA
lstrlenW
GetDiskFreeSpaceA
CreateThread
SetEndOfFile
SetEvent
VirtualQuery
DeleteCriticalSection
CreateFileA
HeapDestroy
GetLastError
GetModuleHandleA
SetThreadLocale
GlobalAlloc
Sleep
FreeResource
shlwapi
SHStrDupA
SHQueryInfoKeyA
SHGetValueA
PathIsDirectoryA
SHEnumValueA
SHQueryValueExA
PathIsContentTypeA
SHEnumValueA
SHDeleteKeyA
SHQueryInfoKeyA
SHSetValueA
SHGetValueA
SHStrDupA
SHEnumValueA
SHDeleteKeyA
SHSetValueA
PathIsContentTypeA
SHGetValueA
shell32
SHGetFolderPathA
SHGetSpecialFolderLocation
DragQueryFileA
SHGetDiskFreeSpaceA
SHGetSpecialFolderLocation
SHGetDesktopFolder
Shell_NotifyIconA
SHGetFileInfoA
SHGetFolderPathA
gdi32
CreateCompatibleDC
CreatePenIndirect
CreateBitmap
SaveDC
GetBitmapBits
SelectPalette
LineTo
GetClipBox
CreateDIBitmap
BitBlt
GetPixel
oleaut32
OleLoadPicture
VariantChangeType
VariantCopyInd
GetErrorInfo
SysStringLen
SafeArrayUnaccessData
Sections
.text Size: 68KB - Virtual size: 67KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 73KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ