37a42553e0f4a9a5af7be1b6e40d2429_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37a42553e0f4a9a5af7be1b6e40d2429_JaffaCakes118
Size

190KB
MD5

37a42553e0f4a9a5af7be1b6e40d2429
SHA1

3b2f80653eb82434333023963360cf0beb8d33eb
SHA256

6fbb1315188ee43cb3443ae03112299efc84891a1632e986f51ccef277fb9bd1
SHA512

d32df6724072df38a7c6357039227fe88ac6b27fbb95e0be26a12fd2b60d55d184c4d31c35e65c0409fc3a0266178491e7f9ac0253813e383658480cc484e4f9
SSDEEP

3072:sK8j1nwgSzbVN/VtHwloKkPfsSHGAYpUfekp/NxbokvUCpmIaGA6jNCHsf:sK8jtwgSzb7VtHwloK6sSHGlifeOg+UE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37a42553e0f4a9a5af7be1b6e40d2429_JaffaCakes118

Files

37a42553e0f4a9a5af7be1b6e40d2429_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ac9accae1fc0d4ca977f8782cfc8f33c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
lstrcmpW
lstrcmpiW
lstrcpyA
lstrcatW
lstrcpynA
lstrcpynW
lstrlenA
lstrlenW
WritePrivateProfileStringW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
UnmapViewOfFile
UnhandledExceptionFilter
TerminateThread
TerminateProcess
SetUnhandledExceptionFilter
SetLastError
SetFilePointer
SetEvent
SetEnvironmentVariableW
ReadFile
QueryPerformanceCounter
MultiByteToWideChar
MoveFileW
MoveFileExW
MapViewOfFile
LocalUnlock
LocalReAlloc
LocalLock
LocalFree
LocalAlloc
LoadLibraryW
LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
IsBadReadPtr
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GetWindowsDirectoryW
GetVersionExA
GetUserDefaultLCID
GetTimeFormatW
GetTimeFormatA
GetTickCount
GetTempPathW
GetTempFileNameW
GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GetSystemDefaultLangID
GetSystemDefaultLCID
GetStartupInfoW
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLastError
GetFileSize
GetDateFormatW
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
GetACP
FreeLibrary
FormatMessageW
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
EnterCriticalSection
DuplicateHandle
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessW
CreateFileW
CreateFileMappingW
CreateEventW
CreateEventA
CloseHandle
lstrcpyW
AreFileApisANSI

user32

PostMessageA
PostMessageW
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterWindowMessageA
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClipboardData
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetRect
SetRectEmpty
SetScrollInfo
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPos
SetWindowTextA
SetWindowTextW
ShowCaret
ShowScrollBar
ShowWindow
SystemParametersInfoA
TranslateMessage
UnionRect
UpdateWindow
WinHelpA
WinHelpW
wsprintfW
LoadIconW
LoadIconA
LoadCursorW
LoadCursorA
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
IsDialogMessageA
InvertRect
InvalidateRect
IntersectRect
HideCaret
GetWindowTextW
PeekMessageW
GetWindowLongW
GetWindowLongA
GetWindow
GetUserObjectInformationW
GetThreadDesktop
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetProcessWindowStation
GetParent
GetMessageA
GetKeyboardLayoutList
GetKeyboardLayout
GetFocus
GetDlgItemTextW
GetDlgItem
GetDialogBaseUnits
GetDesktopWindow
GetDC
GetCursorPos
GetClipboardData
GetClientRect
GetClassInfoExW
GetCapture
GetActiveWindow
FindWindowW
FindWindowExW
FindWindowExA
FindWindowA
FillRect
EqualRect
EnumClipboardFormats
EndPaint
EndDialog
EnableWindow
EnableScrollBar
EmptyClipboard
DrawTextW
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFocusRect
DrawEdge
DrawAnimatedRects
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DestroyWindow
LoadMenuW
OpenClipboard
OffsetRect
MsgWaitForMultipleObjects
ActivateKeyboardLayout
AttachThreadInput
BeginPaint
CallWindowProcW
ClientToScreen
CloseClipboard
CopyRect
CreateCaret
CreateDialogParamA
CreateDialogParamW
CreateWindowExA
MessageBoxW
MessageBoxA
MessageBeep
MapWindowPoints
LoadStringW
GetWindowRect
LoadStringA
DestroyCaret
DeleteMenu
DefWindowProcW
DefWindowProcA
DefDlgProcW
DefDlgProcA
CreateWindowExW
PeekMessageA

gdi32

OffsetRgn
PatBlt
Polyline
Rectangle
RestoreDC
SaveDC
GetTextMetricsW
SetBitmapBits
SetBkColor
SetBkMode
SetTextColor
StretchBlt
TranslateCharsetInfo
GetTextExtentPointW
GetTextExtentPointA
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentExPointW
GetStockObject
GetRgnBox
GetObjectW
GetObjectA
GetFontData
GetBitmapBits
FillRgn
ExtTextOutW
ExtTextOutA
EnumFontFamiliesW
EnableEUDC
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreatePolygonRgn
CreatePen
CreateFontIndirectW
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
SelectObject
BitBlt

comdlg32

GetOpenFileNameW
ChooseFontW
GetSaveFileNameW

advapi32

RegEnumValueW
GetUserNameW
OpenProcessToken
OpenThreadToken
RegCloseKey
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
GetUserNameA
RegEnumKeyW
RegEnumKeyA
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyExA

shell32

ShellAboutW
CommandLineToArgvW
ExtractIconExW

ole32

StringFromGUID2
CoUninitialize
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
CLSIDFromString

shlwapi

PathAppendW
PathRemoveFileSpecW
StrCmpW
PathFindFileNameW
PathQuoteSpacesW
StrToIntW

comctl32

ImageList_Draw
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx

msvcrt

__argc
__argv
__dllonexit
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_onexit
_vsnwprintf
_wcmdln
_wtoi
exit
free
malloc
qsort
strncpy
toupper
wcschr
wcscmp
wcsrchr
wcsstr
wcstok
wcstol
_XcptFilter
__CxxFrameHandler

imm32

ImmAssociateContext
ImmConfigureIMEW
ImmCreateContext
ImmDestroyContext
ImmEnumRegisterWordW
ImmEscapeW
ImmGetCompositionStringW
ImmGetConversionStatus
ImmIsIME
ImmRegisterWordW
ImmSetCompositionStringW
ImmSetConversionStatus

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac9accae1fc0d4ca977f8782cfc8f33c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

comctl32

msvcrt

imm32

Sections

.text Size: 43KB - Virtual size: 43KB

.data Size: 144KB - Virtual size: 144KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 43KB - Virtual size: 43KB

.data
Size: 144KB - Virtual size: 144KB

.rsrc
Size: 1KB - Virtual size: 1KB