3d4b4d42d94209bda0864737a018c7c6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d4b4d42d94209bda0864737a018c7c6_JaffaCakes118
Size

316KB
MD5

3d4b4d42d94209bda0864737a018c7c6
SHA1

6719b4510f2061fb9acf1c1cf059300f05779323
SHA256

7266977ddf59bd2388c505fddea0e8f5128bb055813886cedc0d17fbff9c62de
SHA512

b5edab984e97faeb59c195b285da068020816e7e302897e7bd5ee47a70d241501c56b09725af3c9ea47dcca8b2a5af58c7e2c505cd255e8ce33470e1d7f1f804
SSDEEP

6144:HE7QzjbxRqkBIoC3gc3ZIZCOkHS5Ezd13UIhoPfpHTLa6LiOE:HE7IjbfqkL4pI2y5e3RGpCR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d4b4d42d94209bda0864737a018c7c6_JaffaCakes118

Files

3d4b4d42d94209bda0864737a018c7c6_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3cd34457fd00d96da1e5e564e0973e53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
VerQueryValueA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA

gdi32

GetTextExtentExPointW
LPtoDP
CreateCompatibleBitmap
SetBkMode
CreateFontIndirectW
Polyline
StretchDIBits
GetDeviceCaps
DeleteObject
GetMapMode
GetTextExtentPoint32W
BitBlt
SetViewportOrgEx
RestoreDC
SaveDC
CreateSolidBrush
SetMapMode
PtInRegion
SelectClipRgn
GetTextMetricsW
CreateRectRgn
SetTextAlign
DPtoLP
DeleteDC
ExcludeClipRect
CreateCompatibleDC
GetViewportOrgEx
CreateEllipticRgn
SetBkColor
CreatePen
CombineRgn
CreatePolygonRgn
IntersectClipRect
SelectObject
GetObjectW

user32

GetDC
GetFocus
ReleaseCapture
DestroyMenu
CharPrevA
GetKeyState
MessageBeep
GetClipboardData
InvalidateRect
ShowScrollBar
RegisterWindowMessageW
SetClipboardData
LoadBitmapW
LoadCursorW
IntersectRect
PostMessageW
GetKeyboardState
GetWindowLongW
KillTimer
DrawFrameControl
CloseClipboard
ShowWindow
HideCaret
GetAsyncKeyState
TrackPopupMenu
GetCapture
GetSystemMetrics
SetScrollInfo
OemToCharW
InsertMenuW
FindWindowExW
GetWindowTextW
GetScrollInfo
IsRectEmpty
SetWindowRgn
IsWindowVisible
ReleaseDC
DestroyWindow
CreateWindowExW
FindWindowW
MoveWindow
SetCapture
SetCursor
SetWindowTextW
LockWindowUpdate
SetFocus
DrawEdge
SetTimer
mouse_event
DrawTextExW
GetClassLongW
SendMessageA
SetWindowPos
SystemParametersInfoW
InflateRect
SendMessageW
FillRect
MessageBoxA
EnableScrollBar
BringWindowToTop
GetCursor
GetParent
SetForegroundWindow
MessageBoxW
SetWindowLongW
DrawTextW
GetComboBoxInfo
DrawFocusRect
OpenClipboard
FrameRect
PtInRect
GetClientRect
GetSysColor
BeginPaint
SetClassLongW
EqualRect
ScreenToClient
WindowFromPoint
GetWindowRect
PostMessageA
CreatePopupMenu
GetCursorPos
CharUpperA
OffsetRect
UnionRect
RegisterClipboardFormatW
EndPaint
GetWindowDC

kernel32

WideCharToMultiByte
HeapFree
OutputDebugStringW
ReleaseMutex
LoadLibraryExA
WriteFile
FormatMessageA
CreateMutexA
lstrcmpiA
HeapAlloc
FindResourceW
GlobalLock
lstrcpyW
DeleteCriticalSection
GlobalUnlock
CloseHandle
CreateEventA
SetFileTime
GetCommandLineW
SetErrorMode
GlobalAlloc
GetModuleHandleW
FreeLibrary
GlobalFree
FindFirstFileA
ReadFile
GetProcessHeap
OpenMutexA
EnterCriticalSection
WaitForMultipleObjects
GetDateFormatA
lstrlenA
GlobalMemoryStatus
DeleteFileA
LocalFree
CreateFileA
lstrcpynA
MulDiv
SetFilePointer
WaitForSingleObject
GetCurrentThreadId
GetACP
GetFileTime
CompareStringW
CopyFileA
FindNextFileA
HeapReAlloc
LeaveCriticalSection
GlobalSize
FindClose
GetModuleHandleA
GetShortPathNameA
VirtualAllocEx

shlwapi

PathRemoveFileSpecA

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHGetFileInfoW
ShellExecuteW

comdlg32

GetOpenFileNameW

comctl32

ImageList_Draw
ImageList_GetIconSize

oleaut32

SysAllocStringLen
SysAllocStringByteLen
OleLoadPicture
SysFreeString

advapi32

RegEnumKeyExA
RegSetValueExA
ImpersonateSelf
SetSecurityDescriptorDacl
RevertToSelf
InitializeSecurityDescriptor
RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ole32

RegisterDragDrop
IsEqualGUID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance
CoUninitialize
CoInitializeEx
DoDragDrop
RevokeDragDrop

atmlib

ATMFinish
ATMGetNtmFields
ATMGetVersionExA
ATMGetOutlineA
ATMMakePSSA
ATMAddFontEx
ATMMakePSSW
ATMSetFlags

kbdbu

KbdLayerDescriptor

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 282KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cd34457fd00d96da1e5e564e0973e53

Headers

File Characteristics

Imports

version

gdi32

user32

kernel32

shlwapi

shell32

comdlg32

comctl32

oleaut32

advapi32

ole32

atmlib

kbdbu

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 282KB - Virtual size: 1.6MB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 282KB - Virtual size: 1.6MB

.rsrc
Size: 7KB - Virtual size: 6KB