Static task: static1

Behavioral task: behavioral1
Sample: 2e3e7d483c6753a7b581005770a4d2c0_JaffaCakes118.exe
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: 2e3e7d483c6753a7b581005770a4d2c0_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2e3e7d483c6753a7b581005770a4d2c0_JaffaCakes118
Size: 384KB
MD5: 2e3e7d483c6753a7b581005770a4d2c0
SHA1: d993ce34ec6279af9f8f7d3e0b6dee3f29a6ab8a
SHA256: 61f043c34bb7943a1832a0813bf7912104577e06a83f62e83b13e20d62c59fa0
SHA512: 76ce7f007389cb7ff9d7e02f69a5d5df34a99befe3d07e74d424d15f0b55b5b5deb9e2ee34a07d57d9ea4bf16c22daab631e8a23f9ec31f85318d1072871e2b0
SSDEEP: 3072:2N+1bxu1X6DlTeC172eE4DoK+NSmVxy06/CouevZGBy/WRvPPjmw41+NNgoxKuoy:o+1s6Teey74Dlmny0oyf9yPEjvLpY
Malware Config
Signatures
Unsigned PE: 1 IoC
Checks for missing Authenticode signature.
resource: 2e3e7d483c6753a7b581005770a4d2c0_JaffaCakes118
Files
2e3e7d483c6753a7b581005770a4d2c0_JaffaCakes118.exe windows:4 windows x86 arch:x86
2ca21b71ee1f83ea142307f3e168d889
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetEnvironmentVariableA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetProfileStringA
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetFileType
SetStdHandle
GetACP
HeapSize
HeapReAlloc
TerminateProcess
ExitThread
CreateThread
GetTimeZoneInformation
RaiseException
GetCommandLineA
GetStartupInfoA
RtlUnwind
WritePrivateProfileStringA
SetErrorMode
GetFileTime
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
SizeofResource
GlobalFlags
GlobalAlloc
lstrcmpA
GetCurrentThread
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
DuplicateHandle
SetLastError
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
MulDiv
InterlockedDecrement
InterlockedIncrement
GetVersion
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
lstrcatA
CreateDirectoryA
CopyFileA
FormatMessageA
LocalFree
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
ExitProcess
CreateFileA
GetFileSize
SetFilePointer
WriteFile
CloseHandle
GetCurrentProcess
GetLastError
HeapAlloc
HeapFree
GetVersionExA
FindFirstFileA
GetFileAttributesA
SetFileAttributesA
RemoveDirectoryA
DeleteFileA
FindNextFileA
FindClose
LoadLibraryA
FreeLibrary
GetCurrentThreadId
GetTickCount
Sleep
GetModuleFileNameA
lstrlenA
user32
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
InvalidateRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
BeginPaint
GetMenuItemID
MessageBeep
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
EnableWindow
GetWindowRect
GetClassNameA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
RegisterClipboardFormatA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
IsIconic
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
PostThreadMessageA
MapVirtualKeyA
AnimateWindow
KillTimer
FindWindowExA
EnumChildWindows
keybd_event
PostMessageA
FindWindowA
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetSubMenu
GetSystemMetrics
GetClientRect
DefDlgProcA
IsWindowUnicode
SetTimer
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharUpperA
MapDialogRect
SetWindowContextHelpId
CharNextA
GetSysColorBrush
LoadCursorA
PtInRect
DestroyMenu
LoadStringA
SetCursor
PostQuitMessage
GetDesktopWindow
GetMessageA
TranslateMessage
SetPropA
InflateRect
ValidateRect
GetCursorPos
gdi32
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
GetMapMode
PatBlt
DeleteObject
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DPtoLP
LPtoDP
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
PtVisible
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
advapi32
CreateServiceA
RegSetValueExA
RegCreateKeyExA
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
RegCloseKey
ChangeServiceConfig2A
CloseServiceHandle
RegOpenKeyExA
RegQueryValueExA
shell32
ShellExecuteA
SHGetSpecialFolderPathA
comctl32
ord17
oledlg
ord8
ole32
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
CoUninitialize
CoInitialize
OleFlushClipboard
OleIsCurrentClipboard
CoCreateInstance
olepro32
ord253
oleaut32
SysAllocString
SysFreeString
VariantCopy
SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SysAllocStringByteLen
VariantChangeType
VariantTimeToSystemTime
VariantClear
wsock32
closesocket
gethostbyname
recv
send
WSAAsyncSelect
inet_ntoa
socket
recvfrom
sendto
htonl
accept
WSAGetLastError
WSASetLastError
WSACleanup
htons
bind
connect
ioctlsocket
WSAStartup
wininet
InternetSetStatusCallback
InternetSetOptionExA
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetCloseHandle
InternetOpenA
InternetCanonicalizeUrlA
InternetCrackUrlA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
Sections
.text Size: 196KB - Virtual size: 193KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 112KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ