3a5bf233ba2fa810edd2f3052b88d071_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3a5bf233ba2fa810edd2f3052b88d071_JaffaCakes118
Size

22KB
MD5

3a5bf233ba2fa810edd2f3052b88d071
SHA1

3c2e12c6169843a0a53c82494d3647b6c4910bee
SHA256

ab5c3ac785cfc7a0f0e5f8a8f745388feb1328d97453c564b5154574677869dc
SHA512

e61b9cfe0f992fcfceea0a9511f46f0dc990466581a6cc4a81ac15a0e50e3e5f953522786bfd779d209921edfb93d0539eebb12f1d312ca41ee880232e2a93e6
SSDEEP

384:YVLguHqPzO91djmV7SuC15pCWtwlPIlAp/UiBqwS+lHPVXL8nX8ihuFnC+RQ:YVcuD91djmts3wFIlF+pVeMWuFF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a5bf233ba2fa810edd2f3052b88d071_JaffaCakes118

Files

3a5bf233ba2fa810edd2f3052b88d071_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4279b53d8aff75d3bd0e0e55bc8686dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt
RestoreDC
CreateCompatibleDC
GetObjectA
DeleteObject
SetBkColor
DeleteDC
SelectPalette
SetTextColor
GetTextMetricsA
MoveToEx
UnrealizeObject
ExtTextOutA
SaveDC
SelectObject
RealizePalette
GetDeviceCaps
CreateFontIndirectA
LineTo
SelectClipRgn
CreatePen
CreateSolidBrush
GetStockObject
CreateDIBitmap
GetTextExtentPointA
GetSystemPaletteEntries
CreatePalette
CreateRectRgn

advapi32

RegOpenKeyExW
RegOpenKeyExA
CloseServiceHandle
RegCreateKeyExA
OpenProcessToken
RegDeleteKeyA
OpenThreadToken
RegQueryValueExW
RegDeleteValueA
RegDeleteValueW
InitializeSecurityDescriptor
RegQueryValueExA
GetTokenInformation
RegEnumKeyExA
FreeSid
RegSetValueExA
RegQueryInfoKeyW
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
RegCloseKey
RegCreateKeyExW
RegEnumValueW
AllocateAndInitializeSid

kernel32

VirtualAlloc
ReleaseSemaphore
SetFileAttributesA
CreateFileMappingA
GetComputerNameW
GetTempPathA
GetWindowsDirectoryW
ExpandEnvironmentStringsA
GetCommandLineW
LoadResource
LoadLibraryExA
IsValidCodePage
FileTimeToLocalFileTime
RaiseException
ExitProcess
FindResourceA
GetCurrentProcess
IsDBCSLeadByte
AddAtomW
GetCurrentDirectoryW
CloseHandle
GetExitCodeProcess
CreateMutexW
lstrcatW
LockResource
OutputDebugStringW
DeviceIoControl
CreateFileMappingW
SetThreadPriority
CreateMutexA
CreateProcessW
GetLastError
WriteConsoleW
ResumeThread
OpenProcess
VirtualFree
RemoveDirectoryW
IsBadCodePtr
SizeofResource
CopyFileW
FindNextFileA

oleaut32

SafeArrayCreate
VariantClear
SafeArrayUnaccessData
SysReAllocStringLen
GetActiveObject
SafeArrayAccessData
SysAllocStringByteLen
VariantChangeTypeEx
VariantInit
VariantCopy
CreateErrorInfo
SafeArrayPutElement
SafeArrayGetLBound
SafeArrayGetElement
SysAllocStringLen
VariantCopyInd
LoadTypeLib
LoadTypeLibEx
RegisterTypeLib
OleLoadPicture
SetErrorInfo
SafeArrayPtrOfIndex
SysStringByteLen
SysFreeString
GetErrorInfo
SafeArrayGetUBound

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
VerLanguageNameA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerFindFileW

shell32

DllGetVersion
RestartDialog
PathResolve
DragFinish
PathQualify
DriveType
DllInstall
DAD_DragMove
DllCanUnloadNow
SHChangeNotifyDeregister
GetFileNameFromBrowse
DragAcceptFiles
DAD_DragEnterEx
SHStartNetConnectionDialogW
PickIconDlg
Shell_MergeMenus
SHDefExtractIconW
SHILCreateFromPath
DllRegisterServer
IsLFNDrive
SHChangeNotifyRegister
Shell_GetImageLists
PifMgr_OpenProperties
DllGetClassObject
SHGetSetSettings
SHCoCreateInstance
IsNetDrive
DllUnregisterServer
Shell_GetCachedImageIndex

msvcrt

_except_handler3
wcscmp
fopen
_initterm
_wtoi
_local_unwind2
_vsnwprintf
swprintf
wcsncmp
__dllonexit
realloc
wcslen
malloc
wcscpy
rand
_itow
_iob
_adjust_fdiv
_wcsicmp
free
_onexit
wcsncpy
fwrite

rpcrt4

MesHandleFree
NdrByteCountPointerUnmarshall
DllGetClassObject
CStdStubBuffer_CountRefs
NdrAsyncClientCall
NdrByteCountPointerBufferSize
CreateStubFromTypeInfo
NDRSContextMarshallEx
NDRSContextMarshall
MesDecodeIncrementalHandleCreate
NdrConformantStructBufferSize
NdrClientInitialize
DceErrorInqTextW
MesBufferHandleReset
DllRegisterServer
MesInqProcEncodingId
NdrAllocate
MesEncodeFixedBufferHandleCreate
NDRCContextBinding
NdrAsyncServerCall
MesIncrementalHandleReset
NDRCContextMarshall
NDRcopy
NdrByteCountPointerFree

user32

SetCursor
SetTimer
PostMessageW
SendMessageW
DefWindowProcA
ShowWindow
UpdateWindow
SetWindowLongW
CreateWindowExA
wsprintfW
LoadStringW
EnableWindow
GetDC
CharNextA
GetWindowLongA
KillTimer
GetSysColor
DestroyWindow
MessageBoxA
wsprintfA
GetSystemMetrics
GetDesktopWindow
DispatchMessageA
EndPaint
GetClientRect
InvalidateRect
SetWindowPos
SendMessageA
GetDlgItem
EndDialog
MessageBoxW
CharNextW
TranslateMessage

Sections

.textbss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 446B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 1024B - Virtual size: 965B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4279b53d8aff75d3bd0e0e55bc8686dd

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

oleaut32

version

shell32

msvcrt

rpcrt4

user32

Sections

.textbss Size: - Virtual size: 12KB

.text Size: 512B - Virtual size: 446B

.idata Size: 6KB - Virtual size: 6KB

.data Size: 5KB - Virtual size: 4KB

.rdata Size: 6KB - Virtual size: 5KB

.debug Size: 1024B - Virtual size: 965B

.rsrc Size: 2KB - Virtual size: 2KB

.textbss
Size: - Virtual size: 12KB

.text
Size: 512B - Virtual size: 446B

.idata
Size: 6KB - Virtual size: 6KB

.data
Size: 5KB - Virtual size: 4KB

.rdata
Size: 6KB - Virtual size: 5KB

.debug
Size: 1024B - Virtual size: 965B

.rsrc
Size: 2KB - Virtual size: 2KB