34ba6d11ae909cf7c3fa554118982cd9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

34ba6d11ae909cf7c3fa554118982cd9_JaffaCakes118
Size

272KB
MD5

34ba6d11ae909cf7c3fa554118982cd9
SHA1

0bac34e79a07ec68476ed762ebcb093fc034e249
SHA256

716d39d4b03cb8d73b94a1ff98d29cbf56b1e76b1df4f439b1385b684fddaace
SHA512

e303788d95afed1d3994f93a606ee1ecccbd84a5591206b178b97ed9b7827e79d4b877b6c94dcda40c610f14144aa202f310a84f1863429f7f92924294362220
SSDEEP

3072:czfeg3/ULz3EflUc1y4AerMsK2O40uLAVY7bH/uH+5OxsXFyBErdwBthbRIV2:cz3/U8dWeFU4puH+ExIyqSH2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
34ba6d11ae909cf7c3fa554118982cd9_JaffaCakes118

Files

34ba6d11ae909cf7c3fa554118982cd9_JaffaCakes118
.exe windows:5 windows x86 arch:x86

39b28bb211c48183ac342d9e6bf230da

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntW
GetOEMCP
GetDateFormatA
EnumResourceLanguagesW
GlobalAlloc
GetDateFormatW
GetVolumeInformationW
GetCurrentProcessId
SetEnvironmentVariableA
GetPrivateProfileStringW
GlobalFlags
HeapAlloc
CopyFileW
GetDriveTypeW
ExpandEnvironmentStringsW
GetModuleFileNameW
GetLocaleInfoA
lstrcatW
IsBadWritePtr
InitializeCriticalSection
QueryPerformanceFrequency
FindNextFileW
FreeEnvironmentStringsA
DeleteCriticalSection
SetStdHandle
FreeEnvironmentStringsW
LocalReAlloc
GetTempPathW
ExitProcess
WritePrivateProfileStringW
GetCurrentProcess
GetStringTypeW
GetVersion
LCMapStringA
RtlUnwind
QueryPerformanceCounter
FindFirstFileW
lstrcmpW
GetLocalTime
TlsGetValue
FormatMessageW
GetFullPathNameW
HeapDestroy
CreateFileW
VirtualQuery
GetACP
IsBadCodePtr
IsValidCodePage
GetFileSize
GetStartupInfoW
ReadFile
SetUnhandledExceptionFilter
GetCurrentThread
WaitForMultipleObjects
LockResource
GetTickCount
LockFile
FindClose
GetTimeFormatW
LocalAlloc
GetLocaleInfoW
HeapSize
GetCurrentThreadId
CreateProcessW
HeapReAlloc
VirtualProtect
CreateDirectoryW
GetVersionExA
DeleteFileW
DuplicateHandle
HeapCreate
LCMapStringW
SetHandleCount
FileTimeToSystemTime
LoadResource
TlsFree
WriteFile
GetEnvironmentStringsW
TerminateProcess
GlobalFree
IsBadReadPtr
GetSystemTimeAsFileTime
LoadLibraryW
GlobalFindAtomW
GetFileType
CompareStringA
MapViewOfFile
FileTimeToLocalFileTime
GlobalAddAtomA
CancelWaitableTimer
ActivateActCtx
VirtualProtectEx
OpenWaitableTimerA
OpenWaitableTimerW
CancelIo
VirtualFree
SizeofResource
MulDiv
RaiseException
VirtualAlloc
TlsAlloc
GetCPInfo
GetPrivateProfileSectionW
GetEnvironmentStrings
lstrcmpA
InterlockedDecrement
SetEndOfFile
GlobalHandle
lstrcpyW
GlobalDeleteAtom
UnhandledExceptionFilter
GetStringTypeA
GetCommandLineA
GetUserDefaultLCID
CreateWaitableTimerW
GetModuleHandleW
TlsSetValue
SetFileAttributesW
LeaveCriticalSection
SetFilePointer
InterlockedIncrement
InterlockedExchange
EnterCriticalSection
GetTimeZoneInformation
CompareStringW
UnmapViewOfFile
UnlockFile
GetStdHandle
GetFileTime
GetVersionExW
lstrcpynW
GetFileAttributesW
FlushFileBuffers
GetSystemInfo
GetTimeFormatA
SetWaitableTimer
SetErrorMode
HeapFree
CloseHandle
GetFileAttributesA
GetStartupInfoA
MultiByteToWideChar
SetLastError
LocalFree
lstrcpyA
lstrcpynA
GetLastError
LoadLibraryA
CreateMutexA
GetModuleFileNameA
GetProcAddress
lstrlenW
GetFullPathNameA
GetModuleHandleA
FreeLibrary
WideCharToMultiByte
AreFileApisANSI
GetThreadLocale
lstrlenA

user32

GetClassInfoExW
CheckMenuItem
CopyRect
CallWindowProcW
InvalidateRgn
GetAsyncKeyState
GetClassNameW
GetKeyState
SystemParametersInfoA
GetMessagePos
PeekMessageW
ClientToScreen
DrawTextExW
SetFocus
EndDialog
GetTopWindow
WinHelpW
IntersectRect
IsWindowVisible
IsWindowUnicode
wsprintfW
CharUpperA
GetFocus
GetForegroundWindow
AdjustWindowRectEx
GetWindow
CreateWindowExW
IsRectEmpty
IsChild
MessageBoxW
GrayStringW
GetClassInfoW
SendDlgItemMessageW
SetWindowTextW
GetWindowTextLengthW
GetActiveWindow
SetCursor
IsWindowEnabled
RegisterWindowMessageW
GetPropW
SetWindowLongW
SetWindowPos
GetWindowDC
UnregisterClassW
SetWindowContextHelpId
SetDlgItemTextW
GetNextDlgGroupItem
TranslateMessage
GetWindowTextW
GetSysColorBrush
BeginPaint
TabbedTextOutW
MapDialogRect
GetClassLongW
SetActiveWindow
GetMenuCheckMarkDimensions
MapWindowPoints
WindowFromPoint
DispatchMessageW
SendDlgItemMessageA
InvalidateRect
DrawTextW
ScreenToClient
SetPropW
GetDesktopWindow
GrayStringA
OffsetRect
SetRect
GetWindowRect
EnableWindow
IsZoomed
PtInRect
DrawTextA
ReleaseCapture
RemovePropW
RegisterClassW
GetNextDlgTabItem
EqualRect
ValidateRect
PostMessageW
GetWindowPlacement
CreateDialogIndirectParamW
EndPaint
GetCapture
GetMenuState
FillRect
GetParent
GetSystemMenu
SendMessageA
GetDlgCtrlID
GetSystemMetrics
SetCapture
UpdateWindow
SetForegroundWindow
GetWindowTextA
SetWindowTextA
EnumChildWindows
PostQuitMessage
GetMessageTime
IsDialogMessageW
SetMenuItemBitmaps
GetDlgItemTextW
GetWindowLongW
DefWindowProcA
IsWindow
TabbedTextOutA

gdi32

GetObjectW
CreateDIBSection
DeleteDC
TextOutW
CreateCompatibleDC
SetBkColor
CreateBitmap
CreateRectRgnIndirect
GetTextExtentPoint32W
GetClipBox
SetDIBColorTable
SetMapMode
GetDeviceCaps
ExtTextOutW
TextOutA
GetViewportExtEx
AbortDoc
GetStockObject
CheckColorsInGamut
AngleArc
ColorCorrectPalette
CancelDC
AnimatePalette
BeginPath
GetWindowExtEx
SaveDC
DeleteObject
RectVisible
PtVisible
CreatePalette
PtInRegion
CreatePolygonRgn
LPtoDP
GetTextColor
SetPixel
CombineRgn
CreateRectRgn
BitBlt
CreateFontIndirectA
RestoreDC
Polyline
GetObjectA
SetRectRgn
DPtoLP

comdlg32

GetSaveFileNameW
GetOpenFileNameW
GetFileTitleW

shell32

SHBrowseForFolderW
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc
SHBindToParent
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteA
SHGetFolderLocation
SHFileOperationW

comctl32

ImageList_Destroy
PropertySheetW
ImageList_ReplaceIcon
ord17
ImageList_SetBkColor
ImageList_AddMasked
ImageList_Create
CreatePropertySheetPageW
_TrackMouseEvent
InitCommonControlsEx
DestroyPropertySheetPage

shlwapi

PathStripToRootW
StrRetToBufW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

mpr

WNetCancelConnectionW
WNetAddConnection2W

oledlg

OleUIBusyW

gdiplus

GdiplusStartup
GdipGetImagePaletteSize
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipBitmapUnlockBits
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipGetImageWidth
GdipGetImagePalette
GdipCloneImage
GdipFree
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdiplusShutdown
GdipAlloc
GdipDeleteGraphics

msvcrt

__CxxFrameHandler
_except_handler3
_mbscmp
_exit
exit
_strdup
_adjust_fdiv
__set_app_type
_mbsicmp
_onexit
_XcptFilter
__p__fmode
_setmbcp
_initterm
?terminate@@YAXXZ
_vsnprintf
__dllonexit
_controlfp
_splitpath
__p__commode
_acmdln
free
__setusermatherr
_CxxThrowException
__getmainargs
??1type_info@@UAE@XZ
_CIsin

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39b28bb211c48183ac342d9e6bf230da

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

comctl32

shlwapi

version

mpr

oledlg

gdiplus

msvcrt

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 39KB - Virtual size: 43KB

.rsrc Size: 135KB - Virtual size: 135KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 39KB - Virtual size: 43KB

.rsrc
Size: 135KB - Virtual size: 135KB

.reloc
Size: 13KB - Virtual size: 12KB