2b31ff7381fa1c727b384434bda3f2e0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b31ff7381fa1c727b384434bda3f2e0_JaffaCakes118
Size

464KB
MD5

2b31ff7381fa1c727b384434bda3f2e0
SHA1

a3233ffd3e90930b7aa45ba753586bf178dd061a
SHA256

2ec732fbb86763eaa34fe3b466d290bbd2b0b544d951f20b8e8eb89cfa1600d7
SHA512

3627876b255658a4ab268dff26d770d4c94187d443074cdb1b39ecabe8e3a0f0e617b6dd66c6162e25e1c4db1394cb59dcadb7a01953432dd5abf69851bbe268
SSDEEP

6144:cd2WNlt7n2fDs+GF3kX++qb/zQmTxVSLS7k6r9NVzqahELeMdCTYuMKq0ZINSvo5:cdwQ7pICMuMK7ZIr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b31ff7381fa1c727b384434bda3f2e0_JaffaCakes118

Files

2b31ff7381fa1c727b384434bda3f2e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e3fb0d59f887d043ed6f9c0711863ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

TransparentBlt

comctl32

ord17
_TrackMouseEvent

hccutils

LoadSTRING
LoadICON
LoadBITMAP
StretchBitmap
FindResources
LoadCURSOR

kernel32

lstrlenA
GetShortPathNameA
GetModuleFileNameA
lstrcpyA
lstrcatA
WideCharToMultiByte
InterlockedIncrement
GetSystemInfo
GlobalMemoryStatus
GetLocaleInfoA
GetSystemDefaultLCID
GetWindowsDirectoryA
LocalAlloc
LocalFree
MulDiv
CreateFileA
ReadFile
GetFileSize
SetFilePointer
DeleteFileA
GetTempFileNameA
GetTempPathA
WriteFile
GetTimeFormatA
GetDateFormatA
MultiByteToWideChar
GetStringTypeW
GetStringTypeA
SetEnvironmentVariableA
CompareStringW
CompareStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
HeapSize
TerminateProcess
HeapReAlloc
HeapAlloc
RaiseException
HeapFree
ExitProcess
GetVersion
GetStartupInfoA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
lstrlenW
InitializeCriticalSection
GetCommandLineA
lstrcmpiA
CreateMutexA
GetLastError
DeleteCriticalSection
HeapDestroy
CloseHandle
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
SearchPathA
GetVersionExA
lstrcpynA
CreateProcessA
GetModuleHandleA
Sleep
InterlockedDecrement
LoadLibraryA
GetProcAddress
GetCurrentProcess
FreeLibrary
SetStdHandle
FlushFileBuffers

user32

DrawFocusRect
GetDlgItemTextA
SetDlgItemTextA
MessageBoxA
MapVirtualKeyA
RegisterHotKey
UnregisterHotKey
GetIconInfo
ScreenToClient
GetWindowDC
FillRect
RedrawWindow
PostQuitMessage
EnumWindows
SetTimer
SetWindowRgn
GetFocus
IsWindowVisible
GetClassNameA
EnumDisplaySettingsA
EnableWindow
GetDlgItem
GetWindowTextA
MoveWindow
MapWindowPoints
GetSysColorBrush
SetFocus
EndDialog
IsWindow
GetWindowRect
SetWindowPos
TrackPopupMenu
KillTimer
DrawFrameControl
SendMessageA
SetWindowTextA
IsWindowEnabled
ShowWindow
DialogBoxParamA
CreateDialogParamA
DefWindowProcA
DestroyMenu
CreatePopupMenu
AppendMenuA
FindWindowA
PostMessageA
PeekMessageA
TranslateMessage
MsgWaitForMultipleObjectsEx
DispatchMessageA
FrameRect
GetClientRect
EndPaint
BeginPaint
InflateRect
GetSystemMetrics
DrawEdge
RegisterClassA
RegisterWindowMessageA
GetActiveWindow
GetKeyNameTextA
CharNextA
GetClassInfoExA
RegisterClassExA
ReleaseCapture
InvalidateRect
LoadCursorA
SetCursor
SetCapture
GetParent
IntersectRect
GetDC
DrawTextA
ReleaseDC
PtInRect
UnionRect
CreateWindowExA
DestroyWindow
GetDlgCtrlID
GetCursorPos
wsprintfA
CallWindowProcA
GetWindowLongA
SetWindowLongA

gdi32

SetPixel
SelectClipRgn
CreateCompatibleDC
ExcludeClipRect
IntersectClipRect
SetTextAlign
GetDeviceCaps
TextOutA
GetObjectA
SelectObject
SetStretchBltMode
StretchBlt
CreateFontIndirectA
CreatePatternBrush
GetPixel
DeleteObject
CreateRoundRectRgn
DeleteDC
Polyline
GetTextExtentPoint32A
CreateSolidBrush
CreatePen
Rectangle
SetTextColor
SetBkMode
SetROP2
GetStockObject
CreateCompatibleBitmap

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegDeleteValueA

shell32

ShellExecuteExA

ole32

CoUninitialize
CoRevokeClassObject
CoInitialize
CoRegisterClassObject
CoCreateInstance
CLSIDFromProgID

oleaut32

SysAllocString
SysAllocStringByteLen
SysStringByteLen
LoadTypeLi
RegisterTypeLi
SysStringLen
SysFreeString
VariantClear
SysAllocStringLen

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiClassGuidsFromNameA

Sections

.text
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bunjqqs
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0e3fb0d59f887d043ed6f9c0711863ba

Headers

File Characteristics

Imports

msimg32

comctl32

hccutils

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

version

setupapi

Sections

.text Size: 360KB - Virtual size: 359KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 44KB - Virtual size: 93KB

.rsrc Size: 32KB - Virtual size: 32KB

bunjqqs Size: - Virtual size: 4KB

.text
Size: 360KB - Virtual size: 359KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 44KB - Virtual size: 93KB

.rsrc
Size: 32KB - Virtual size: 32KB

bunjqqs
Size: - Virtual size: 4KB