36795d98b44693351a8bf9e68d62a9d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

36795d98b44693351a8bf9e68d62a9d3_JaffaCakes118
Size

1.7MB
MD5

36795d98b44693351a8bf9e68d62a9d3
SHA1

322fb0ae830eeccfcab84bf314a77b9f852fb0db
SHA256

52753e4c5575ea3fd90a97abe0b00bb931e5f9299fc9f139d250c0f19f0e75b0
SHA512

9beb2fe8cbf42e9fb3ad341c790298686d372dc367f68e0a6750d3248e0a52599fc3ef22ac500e9be5cb4b7e58a7d462206fed2c9a6135e6259834052e6908a9
SSDEEP

24576:F0aeNUGTFZDhIhtSbIDmGvHHG5ymSkssiJwhSKR76hc:EjnhIhIIDZHHGeKhSK9S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36795d98b44693351a8bf9e68d62a9d3_JaffaCakes118

Files

36795d98b44693351a8bf9e68d62a9d3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e583b8bda5b9b2b1239fca4600bfe2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
GetFileType
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProfileStringA
GetStdHandle
SetHandleCount
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetACP
GetTimeZoneInformation
HeapReAlloc
HeapSize
TerminateProcess
ExitThread
CreateThread
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
CreateDirectoryA
RtlUnwind
HeapAlloc
HeapFree
GetTickCount
SizeofResource
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GlobalAlloc
GetCurrentThread
GlobalFree
CreateFileA
GetFileTime
GetFileSize
GetFileAttributesA
lstrcmpA
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
lstrcpynA
FormatMessageA
LocalFree
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
SetLastError
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetTempPathA
DeleteFileA
CreateMutexA
GetLastError
ReleaseMutex
FreeLibrary
LoadLibraryA
GetProcAddress
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
lstrlenA
GetVersion
IsBadCodePtr
GetVersionExA

user32

CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
SetParent
RegisterClipboardFormatA
PostThreadMessageA
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
IsWindowVisible
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
CharNextA
IntersectRect
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
IsIconic
DrawIcon
GetSystemMenu
LoadIconA
MessageBoxA
SetForegroundWindow
FindWindowA
SetWindowPos
SetTimer
KillTimer
LoadCursorA
RedrawWindow
FrameRect
LoadImageA
DrawStateA
OffsetRect
GetClientRect
InflateRect
DrawFocusRect
GetWindowRect
PostMessageA
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetMenuItemInfoA
ReleaseCapture
EnableWindow
GetSubMenu
GrayStringA
TabbedTextOutA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
CharUpperA
SetCapture
LockWindowUpdate
GetDCEx
GetWindowPlacement
ModifyMenuA
GetMenuItemCount
AppendMenuA
GetSystemMetrics
GetDesktopWindow
GetDC
DrawTextA
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
FillRect
DrawEdge
SetRect
GetClassNameA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
EndDialog
CreateDialogIndirectParamA
LoadStringA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
MapWindowPoints
PtInRect
SetRectEmpty
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
UpdateWindow
DestroyMenu
SendDlgItemMessageA

gdi32

GetTextExtentPointA
GetCurrentObject
CreateFontA
CreateDCA
CreateRectRgnIndirect
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
CreateBitmap
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
StretchDIBits
GetCharWidthA
GetTextMetricsA
GetTextColor
GetBkColor
LPtoDP
SetBkColor
SetTextColor
GetStockObject
Escape
PatBlt
ExtTextOutA
TextOutA
GetObjectA
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
RectVisible
PtVisible
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetBkMode
CreateDIBitmap
GetDeviceCaps

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExA

comctl32

ImageList_GetIcon
ImageList_AddMasked
ImageList_Draw
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Destroy
ImageList_Create
ImageList_GetImageCount
ord17

oledlg

ord8

ole32

CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoRevokeClassObject
OleUninitialize
CoFreeUnusedLibraries
OleFlushClipboard
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes

olepro32

ord253

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
VariantCopy
VariantChangeType
SysAllocString
SysAllocStringByteLen
SysStringLen

urlmon

URLDownloadToFileA

winmm

PlaySoundA

cximage

?Decode@CxImage@@QAE_NPAVCxFile@@K@Z
??1CxMemFile@@UAE@XZ
?Destroy@CxImage@@QAE_NXZ
??0CxMemFile@@QAE@PAEK@Z
?LoadResource@CxImage@@QAE_NPAUHRSRC__@@KPAUHINSTANCE__@@@Z
?GetHeight@CxImage@@QBEKXZ
?Draw@CxImage@@QAEJPAUHDC__@@JJJJPAUtagRECT@@_N@Z
?GetWidth@CxImage@@QBEKXZ
?Save@CxImage@@QAE_NPBDK@Z
?SetJpegQuality@CxImage@@QAEXE@Z
??0CxImage@@QAE@K@Z
?Load@CxImage@@QAE_NPBDK@Z

Sections

.text
Size: 236KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3e583b8bda5b9b2b1239fca4600bfe2b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

urlmon

winmm

cximage

Sections

.text Size: 236KB - Virtual size: 232KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 20KB - Virtual size: 35KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.tc Size: 200KB - Virtual size: 200KB

.text
Size: 236KB - Virtual size: 232KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 20KB - Virtual size: 35KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.tc
Size: 200KB - Virtual size: 200KB