3d7e4880115cebfbc459534b5e19b753_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d7e4880115cebfbc459534b5e19b753_JaffaCakes118
Size

368KB
MD5

3d7e4880115cebfbc459534b5e19b753
SHA1

24bd26125bbada7aedb2b33de47fda2d5f4b4e2b
SHA256

3b3ebe5a3a4b4cbb57fd878c7deb696127a6b55c7dca6136c1dee6fe6c26dd11
SHA512

9475a6609389d9e3e1a135a4b78dbe0a2b99a808ae0cd11e67836fd7f24db17c95e29046026ad15f36beb6dce56608bd1c43e012936cb263af68c2315d16ee63
SSDEEP

6144:qLIY+qb/avQHQldoWmDRcftpL8bkpaiNxWVIVGCbJGlHXpcC3PEI+lnM27BLzV/k:osw/avQHQldoWmDRcfT5RZ3C3mSEM+L+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d7e4880115cebfbc459534b5e19b753_JaffaCakes118

Files

3d7e4880115cebfbc459534b5e19b753_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d8423f609d35f30e04798fab467fdb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindowVisible
SetFocus
CallMsgFilterA
PeekMessageW
LoadImageA
CheckMenuItem
GetClipboardData
IsDlgButtonChecked
SetForegroundWindow
EmptyClipboard
DestroyMenu
RemovePropA
FindWindowA
SetWindowLongW
CharPrevA
FindWindowExW
PostThreadMessageA
ScreenToClient
GetUserObjectInformationW
ScrollWindow
GetWindowTextLengthA
GetDlgItem
LoadMenuW
RemoveMenu
DrawTextA
IsWindowEnabled
GetDlgItemTextA
WindowFromDC
SetCaretBlinkTime

urlmon

URLOpenBlockingStreamA
URLOpenPullStreamW
HlinkGoBack
CoGetClassObjectFromURL
RegisterMediaTypeClass
CoInternetParseUrl
MkParseDisplayNameEx
CoInternetCreateSecurityManager
ReleaseBindInfo
CreateAsyncBindCtx
WriteHitLogging
URLDownloadToCacheFileW
CreateFormatEnumerator
HlinkNavigateMoniker
FindMediaType
SetSoftwareUpdateAdvertisementState
CoInternetCreateZoneManager
CoInternetCompareUrl
HlinkSimpleNavigateToString
GetClassFileOrMime
FindMimeFromData
HlinkGoForward
UrlMkGetSessionOption
ObtainUserAgentString
CreateAsyncBindCtxEx
UrlMkSetSessionOption
RegisterMediaTypes
IsLoggingEnabledA
IsAsyncMoniker
HlinkSimpleNavigateToMoniker
GetClassURL
CoInternetGetSession
HlinkNavigateString
IsValidURL
CoInternetQueryInfo
CopyBindInfo
URLDownloadToCacheFileA
CopyStgMedium

imm32

ImmGetCandidateWindow
ImmSetOpenStatus
ImmSetCandidateWindow
ImmGetDescriptionW
ImmGetProperty
ImmSetCompositionFontW
ImmIsIME
ImmSetConversionStatus
ImmSetStatusWindowPos
ImmGetCompositionFontA
ImmGetDefaultIMEWnd
ImmGetConversionStatus
ImmAssociateContext
ImmInstallIMEW
ImmGetStatusWindowPos
ImmCreateContext
ImmUnregisterWordW
ImmGetOpenStatus
ImmGetCandidateListW
ImmSetCompositionWindow
ImmSetCompositionStringW
ImmGetGuideLineW
ImmInstallIMEA

imagehlp

ImagehlpApiVersion
ImageNtHeader
ImageRvaToVa
SymInitialize
MapDebugInformation
ImageDirectoryEntryToData
GetImageConfigInformation
ImageGetCertificateData
SymGetLineNext
SymSetSearchPath
ImageUnload
ImageRvaToSection
SearchTreeForFile
FindExecutableImage
SymGetSearchPath
RemoveRelocations
ImageEnumerateCertificates
SymLoadModule
SymEnumerateSymbols
SymUnDName
CheckSumMappedFile
BindImage
UnMapAndLoad
SymGetSymFromAddr
MapFileAndCheckSumA
UnmapDebugInformation
EnumerateLoadedModules

winmm

midiStreamOut
waveOutUnprepareHeader
midiOutGetErrorTextW
waveOutGetDevCapsA
PlaySoundW
waveOutGetID
joyGetPosEx
waveOutGetErrorTextA
midiOutUnprepareHeader
joySetCapture
sndPlaySoundA
mixerGetLineInfoA
mixerClose
midiInGetErrorTextW
midiStreamStop
midiInGetDevCapsA
joyGetDevCapsA
waveOutGetDevCapsW
mciSendCommandW
CloseDriver
mmioCreateChunk
waveInClose
midiInClose
waveOutReset
mciSendStringW
waveOutSetVolume
midiInGetDevCapsW
DefDriverProc
PlaySoundA
waveOutPause
mixerOpen
mixerGetLineInfoW
waveOutClose
timeEndPeriod
mciGetErrorStringW
midiInGetErrorTextA
mciSetYieldProc
waveInGetID
midiInUnprepareHeader
auxGetDevCapsA
mmioSendMessage
waveInStart
midiInAddBuffer
midiOutCacheDrumPatches
auxSetVolume

rasapi32

RasHangUpA
RasSetEntryPropertiesW
RasCreatePhonebookEntryA
RasDeleteEntryW
RasSetEntryPropertiesA
RasEnumDevicesW
RasRenameEntryA
RasEditPhonebookEntryW
RasDeleteEntryA
RasGetConnectStatusW
RasGetEntryPropertiesA
RasGetProjectionInfoA
RasGetProjectionInfoW
RasSetEntryDialParamsA
RasGetErrorStringA
RasGetEntryPropertiesW
RasCreatePhonebookEntryW
RasSetEntryDialParamsW
RasGetEntryDialParamsA
RasEditPhonebookEntryA

shlwapi

PathRemoveBlanksA
SHQueryValueExW
PathRenameExtensionW
PathBuildRootA
PathFileExistsA
PathFindOnPathA
StrCmpW
PathParseIconLocationW
StrPBrkA
PathMatchSpecA
PathIsUNCServerShareW
PathRemoveExtensionW

gdi32

GetTextCharsetInfo
Polygon
EnumFontFamiliesExW
TextOutA
PatBlt
GetPixel
EndPath
Ellipse
SetROP2
CombineRgn
GetBkColor
SetBkMode
CreateDCW
DPtoLP
Rectangle
CreateDIBSection
SetMapMode
EnumFontFamiliesA
ExtCreateRegion
GetGlyphOutlineW
EndDoc
SetPolyFillMode
CreateDCA
GetObjectA
SelectPalette
PolyBezierTo
RestoreDC
GetRgnBox
SetAbortProc
CopyEnhMetaFileW
SetWindowExtEx
StartPage
GetTextFaceA
GetDIBColorTable
FillRgn
DeleteObject
ScaleViewportExtEx
EndPage
ExtSelectClipRgn
CreateFontA
GetObjectType
CreateSolidBrush
ResizePalette
OffsetClipRgn
SelectClipRgn
StrokePath
StartDocA
Pie
CreateEllipticRgn
SwapBuffers
DeleteDC
StartDocW
SetPixelFormat
CreateRoundRectRgn
GetTextExtentPoint32W
GetBrushOrgEx
GetObjectW
SetStretchBltMode
SetViewportExtEx
SetRectRgn
SaveDC
GetTextAlign
GetKerningPairsA
SetWinMetaFileBits
MoveToEx
SetTextCharacterExtra
ScaleWindowExtEx
GetWindowOrgEx
Polyline
SetTextAlign
SetBkColor
BeginPath
ExtFloodFill
GetTextColor
CreateFontW
GetStockObject
StretchBlt
GetEnhMetaFilePaletteEntries
LPtoDP
GetBitmapBits
PlayEnhMetaFile
SetDIBColorTable
ExtCreatePen
GetEnhMetaFileBits
IntersectClipRect
DeleteEnhMetaFile
RectVisible
SetWorldTransform
GetTextExtentPoint32A
GetNearestPaletteIndex

mpr

WNetAddConnection3W
WNetCancelConnectionW
WNetCancelConnection2W
WNetCancelConnection2A
WNetOpenEnumA
WNetAddConnection3A

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 473KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d8423f609d35f30e04798fab467fdb6

Headers

File Characteristics

Imports

user32

urlmon

imm32

imagehlp

winmm

rasapi32

shlwapi

gdi32

mpr

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 473KB

.rsrc Size: 228KB - Virtual size: 227KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 473KB

.rsrc
Size: 228KB - Virtual size: 227KB