3873e9c48611f30cdbdaae2351badd7b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3873e9c48611f30cdbdaae2351badd7b_JaffaCakes118
Size

360KB
MD5

3873e9c48611f30cdbdaae2351badd7b
SHA1

ceeb0cb8b6e61cba268c2bf300736979e88ab491
SHA256

a748becdb2c21697c7bdc39cb2bad24c3cb3ecb20e432b1878fa9f05bcb74b82
SHA512

0ccfdf2e5cb5ed44ffb777e1c61ced77262145d6e93332a3dfac631b4999203e4ef8e3b6274bd4abd9a6de2ec8da1f1e90886be32ceac5b9214458ec6b84c369
SSDEEP

6144:ZC7EO2S2Hu4uN6AOnToEN0lPBTEgFqE0tIjrUB4UKBIkvc2RRVIZd:ZwD2SEuN6pc3PBwxE0Ojox6Ioc2RRVIf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
3873e9c48611f30cdbdaae2351badd7b_JaffaCakes118

Files

3873e9c48611f30cdbdaae2351badd7b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

531ff3faf0a7b01959a81f7f41b61b21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
SetWindowLongA
DispatchMessageA
IsDialogMessageA
CreateDialogIndirectParamA
DefWindowProcW
SendMessageW
InvalidateRect
LoadImageW
EndDialog
GetWindowLongA
PeekMessageA
TranslateMessage
GetDlgItem
SetDlgItemTextA
GetDesktopWindow
GetClientRect
GetWindowRect
MoveWindow
CharNextA
CharUpperA
wsprintfA
ReleaseDC
LoadImageA
GetDC
EndPaint
CreateDialogParamA
BeginPaint
DialogBoxIndirectParamA
MessageBoxA
DestroyWindow
CharLowerA
GetParent
GetWindowTextLengthA
GetWindowTextA
GetWindowPlacement
DrawIcon
DestroyIcon
GetDlgCtrlID
SetWindowTextA
FillRect
GetSysColor
GetSysColorBrush
EnableWindow
GetDlgItemTextA
GetWindow
SetCursor
UpdateWindow
GetClassInfoA
wvsprintfA
LoadStringA
GetSystemMetrics
SetRect
FindWindowA
IntersectRect
SubtractRect
CharPrevA
WaitForInputIdle
ClientToScreen
SetWindowPos
GetWindowDC
ShowWindow
DialogBoxParamA
MsgWaitForMultipleObjects
DefWindowProcA
PostMessageA
KillTimer
PostQuitMessage
SetTimer
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
GetMessageA
ExitWindowsEx
SendDlgItemMessageA
IsWindow
CharLowerBuffA
OpenClipboard
TrackPopupMenu
AppendMenuW
CreatePopupMenu
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
CreateDialogParamW
SetWindowTextW
SetForegroundWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
GetWindowLongW
CharNextW
GetClassInfoW
FindWindowExW
SetWindowLongW
DrawTextW

comdlg32

ChooseFontW
GetOpenFileNameW
GetSaveFileNameW
PrintDlgW
ChooseColorW
FindTextW

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetMalloc
Shell_NotifyIconW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteExW

advapi32

RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA

gdi32

GetStockObject
CreateFontIndirectW
RealizePalette
SelectPalette
UnrealizeObject
GetObjectA
CreateHalftonePalette
CreatePalette
GetSystemPaletteEntries
GetDIBColorTable
GetTextExtentPoint32A
CreateFontIndirectA
CreateCompatibleDC
CreateDIBitmap
TranslateCharsetInfo
CreateCompatibleBitmap
GetDeviceCaps
DeleteObject
GetObjectW
CreateDIBSection
GetTextExtentPoint32W
SetTextAlign
EndDoc
StartDocW
SetMapMode
Polyline
SetBkColor
SelectObject
SelectClipRgn
RectInRegion
SetTextColor
GetTextMetricsW
GetBkMode
GetBkColor
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
BitBlt
CreatePen
ExtTextOutW
LineTo
Rectangle
RestoreDC
SaveDC
SetROP2
MoveToEx
SetBkMode
EndPage
CreateFontA
DeleteDC
StartPage

comctl32

ImageList_Destroy
InitCommonControlsEx
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon
CreateToolbarEx
CreatePropertySheetPageW
CreateStatusWindowW
ImageList_DrawEx
PropertySheetW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

netapi32

NetWkstaTransportAdd

shlwapi

ColorHLSToRGB
UrlUnescapeW
ColorRGBToHLS

kernel32

GetLastError
CompareStringA
GetPrivateProfileStringA
GetVersionExA
GlobalLock
GlobalAlloc
GetUserDefaultLangID
GetModuleFileNameA
RtlUnwind
GetAtomNameA
DeleteFileA
HeapReAlloc
CloseHandle
lstrlenW
WideCharToMultiByte
GlobalUnlock
GlobalFree
MultiByteToWideChar
GetPrivateProfileIntA
CreateProcessA
CreateFileA
SetErrorMode
CompareStringW
HeapAlloc
GetSystemTimeAsFileTime
HeapFree
GetTimeFormatA
GetDateFormatA
GetCommandLineA
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapCreate
VirtualFree
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
WriteFile
GetStdHandle
RaiseException
GetTimeZoneInformation
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
HeapSize
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
Sleep

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

531ff3faf0a7b01959a81f7f41b61b21

Headers

DLL Characteristics

File Characteristics

Imports

user32

comdlg32

shell32

advapi32

gdi32

comctl32

version

netapi32

shlwapi

kernel32

Sections

.text Size: 110KB - Virtual size: 110KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 6KB - Virtual size: 336KB

.tls Size: 512B - Virtual size: 384B

.rsrc Size: 196KB - Virtual size: 196KB

.text
Size: 110KB - Virtual size: 110KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 6KB - Virtual size: 336KB

.tls
Size: 512B - Virtual size: 384B

.rsrc
Size: 196KB - Virtual size: 196KB