Static task: static1
Behavioral task: behavioral1
Sample: 4c2296677a6cb2080c292185c377204f_JaffaCakes118.exe
Resource: win7-20240903-en

General
Target: 4c2296677a6cb2080c292185c377204f_JaffaCakes118
Size: 731KB
MD5: 4c2296677a6cb2080c292185c377204f
SHA1: 4278162107721888cc4734cffccef67490157ced
SHA256: fd179cf953da5dc308c3253d25f0300d3a030cbb749d48e6652aa05e6882fc77
SHA512: 097da36213a620ee8cc802dff64534102764b29c5db539de84314196c8427d19dfc5357aeb68ab3b59846ba4447dc0520c36574098e8ad4c7cf685abb325f4fb
SSDEEP: 12288:3M+ZdkmHubeaCo6zAO0s2A/sUQBJ8lISVacsb0z:3McpTo6zhL0BOl3kc1

Malware Config

Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Processes:
resource 4c2296677a6cb2080c292185c377204f_JaffaCakes118

Files
4c2296677a6cb2080c292185c377204f_JaffaCakes118.exe windows:4 windows x86 arch:x86
e5e3df5164492dbdad9aba1734d78933
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapDestroy
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
HeapSize
SetStdHandle
CreateThread
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
GetDateFormatA
GetTimeFormatA
PeekNamedPipe
GetFileType
TerminateProcess
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
GlobalFlags
SetErrorMode
VirtualProtect
TlsFree
LocalReAlloc
HeapCreate
VirtualFree
LCMapStringA
IsBadWritePtr
GetOEMCP
GetStringTypeA
GetCurrentDirectoryA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
HeapAlloc
GetDriveTypeA
SetEnvironmentVariableA
SetFilePointer
GetFileInformationByHandle
InterlockedDecrement
GlobalSize
CreateFileA
InterlockedExchange
GetACP
GetLocaleInfoA
FindClose
GetTimeZoneInformation
MulDiv
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
LocalAlloc
LocalLock
LocalUnlock
SetThreadPriority
FreeResource
WaitForMultipleObjects
ResetEvent
QueryPerformanceFrequency
QueryPerformanceCounter
GetLocalTime
GetOverlappedResult
WriteFile
GetProcessHeap
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetCurrentThread
lstrcmpiA
ConvertDefaultLocale
HeapFree
lstrlenA
IsBadReadPtr
TerminateThread
DeviceIoControl
Beep
SetLastError
IsBadCodePtr
LocalFree
ReadFile
InterlockedIncrement
SetUnhandledExceptionFilter
GetCurrentProcessId
ExitProcess
SetEvent
ResumeThread
WritePrivateProfileStringA
GetPrivateProfileStringA
GetThreadLocale
SetThreadLocale
GlobalAlloc
GlobalFree
SetConsoleCtrlHandler
GlobalLock
GlobalUnlock
GetCurrentProcess
LoadLibraryA
FreeLibrary
RaiseException
GetFileSize
GetTickCount
GetCurrentThreadId
GetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
CloseHandle
Sleep
LoadResource
LockResource
SizeofResource
GetVersion
EnumResourceLanguagesW
GlobalDeleteAtom
GetVersionExA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
ReleaseMutex
DuplicateHandle
UnlockFile
LockFile
FlushFileBuffers
SuspendThread
lstrcmpA
SetEndOfFile
CreateHardLinkA
CancelDeviceWakeupRequest
GetTapeParameters
CreateIoCompletionPort
DefineDosDeviceA
SetMessageWaitingIndicator
GetConsoleTitleW
GetCommModemStatus
SetConsoleCursorInfo
GetStringTypeExW
UnmapViewOfFile
lstrcpyA
DosDateTimeToFileTime
Process32Next
GetProcAddress
lstrcatA
FindFirstFileA
FindNextFileA
DeleteFileA
OpenProcess
Thread32Next
CreateToolhelp32Snapshot
Process32First
Thread32First
GetModuleHandleW
user32
wsprintfA
IsWindow
IsWindowVisible
TranslateMessage
FrameRect
UpdateWindow
InvalidateRect
CreatePopupMenu
CreateIconIndirect
CopyRect
InflateRect
OffsetRect
DrawFocusRect
GetClientRect
GetActiveWindow
GetNextDlgTabItem
GetParent
WindowFromPoint
GetDlgItem
DestroyWindow
MessageBoxA
DestroyMenu
DestroyCursor
SetCursor
GetSubMenu
SetWindowPos
MapWindowPoints
ScreenToClient
SetForegroundWindow
GetCursorPos
CloseClipboard
PtInRect
DrawEdge
DrawFrameControl
SetRect
GetCapture
SetCapture
ReleaseCapture
GetMessagePos
GetWindow
GetFocus
LockWindowUpdate
GetDCEx
GetNextDlgGroupItem
DeleteMenu
SetParent
UnpackDDElParam
ReuseDDElParam
SetMenu
InvalidateRgn
SetWindowContextHelpId
MapDialogRect
EndDialog
ShowOwnedPopups
IsWindowEnabled
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemInt
GetDesktopWindow
GetSysColor
FillRect
GetClassNameA
GetIconInfo
GetDC
ReleaseDC
ClientToScreen
GetWindowRect
SetTimer
ExitWindowsEx
KillTimer
IsRectEmpty
UnhookWindowsHookEx
CallNextHookEx
EmptyClipboard
SetClipboardData
EnumWindows
GetSystemMetrics
RedrawWindow
OpenClipboard
CheckRadioButton
SendDlgItemMessageA
GetForegroundWindow
GetTopWindow
GetMessageTime
DestroyIcon
GetAsyncKeyState
ScrollDC
IsChild
ChildWindowFromPointEx
SubtractRect
UnionRect
GetLastActivePopup
WaitMessage
PostQuitMessage
CheckDlgButton
SetFocus
MoveWindow
BeginPaint
EndPaint
GetDialogBaseUnits
ShowWindow
GetWindowRgn
SetWindowRgn
ShowCursor
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
SetRectEmpty
GetWindowTextA
SetDlgItemTextA
SetWindowTextA
ScrollWindow
CheckMenuRadioItem
AdjustWindowRectEx
CopyIcon
ShowScrollBar
DrawIconEx
CopyImage
SetMenuDefaultItem
EqualRect
MessageBeep
FlashWindow
SetActiveWindow
BringWindowToTop
IsIconic
GetSystemMenu
RemoveMenu
GetMenuItemCount
EnableMenuItem
CheckMenuItem
CreateMenu
DrawIcon
IntersectRect
GetDoubleClickTime
GetSysColorBrush
GetKeyState
GetWindowDC
GetMenu
IsMenu
GetScrollInfo
IsZoomed
GetMenuItemID
GetMenuState
ValidateRect
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindowPlacement
SystemParametersInfoA
GetDlgCtrlID
SetWindowPlacement
SetScrollInfo
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
TrackPopupMenu
GetInputDesktop
GetGUIThreadInfo
GetMenuStringW
MapVirtualKeyA
UnregisterHotKey
GetMenuBarInfo
IsCharLowerA
CreateWindowExW
InsertMenuItemW
GetClipboardFormatNameW
DialogBoxParamA
OemKeyScan
EnableScrollBar
WinHelpA
GetWindowTextLengthW
UnhookWindowsHook
IsDialogMessageW
DdeInitializeW
SetKeyboardState
EnumDisplayMonitors
GetGuiResources
SetDoubleClickTime
GetMessageA
DispatchMessageA
PostThreadMessageA
CharNextA
gdi32
SetPixelV
SetBoundsRect
GetBitmapDimensionEx
SetBitmapDimensionEx
SetBkMode
CombineRgn
GetWindowOrgEx
GetViewportOrgEx
CreateRectRgn
Escape
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetMapMode
GetBkColor
GetBitmapBits
SetBitmapBits
CreateDIBSection
SetDIBColorTable
GdiFlush
CreateRectRgnIndirect
Rectangle
RealizePalette
CreatePalette
Ellipse
LPtoDP
CreateEllipticRgn
GetRgnBox
SelectPalette
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetPolyFillMode
CreatePolygonRgn
FillRgn
OffsetRgn
SetRectRgn
SaveDC
GetClipBox
ExtSelectClipRgn
SetStretchBltMode
SetDIBitsToDevice
RestoreDC
GetDIBits
PatBlt
CreatePen
CreateSolidBrush
Polygon
SetTextAlign
GetTextColor
CreateCompatibleBitmap
GetPixel
SetPixel
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
GetStockObject
DPtoLP
GetDeviceCaps
CreateBitmap
CreateBrushIndirect
DeleteObject
EngAssociateSurface
GdiGetLocalFont
EndPage
GdiConvertDC
GdiQueryTable
SwapBuffers
ColorCorrectPalette
EngGetPrinterDataFileName
FONTOBJ_cGetGlyphs
CreateMetaFileW
GdiStartDocEMF
GdiEntry16
StartDocA
GdiConvertBrush
SetEnhMetaFileBits
MaskBlt
GdiAddFontResourceW
CreateMetaFileA
GdiReleaseDC
GdiEntry14
SetDeviceGammaRamp
GetTextMetricsW
GetMetaFileW
FONTOBJ_pvTrueTypeFontFile
GetFontUnicodeRanges
EngReleaseSemaphore
TranslateCharsetInfo
SetLayoutWidth
SetMetaFileBitsEx
EngPlgBlt
GetCharABCWidthsI
GdiConvertBitmapV5
SetPixelFormat
EngLoadModule
ArcTo
SelectClipPath
GdiGetPageCount
GdiTransparentBlt
GdiStartPageEMF
StartDocW
GetEnhMetaFileA
GetEnhMetaFileW
advapi32
CryptAcquireContextA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CryptReleaseContext
CryptGenRandom
RegCloseKey
RegOpenKeyW
shell32
SHGetMalloc
DragFinish
SHAppBarMessage
Shell_NotifyIcon
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetIconOverlayIndexW
SHGetFolderPathA
SHGetFolderLocation
FindExecutableW
ShellExecuteExW
SHIsFileAvailableOffline
SHInvokePrinterCommandW
ShellAboutA
ShellExecuteExA
DragQueryFileW
ExtractIconExA
SHBrowseForFolderW
SHGetFolderPathW
SHQueryRecycleBinW
ShellExecuteEx
ExtractAssociatedIconExA
SHGetFileInfo
DragAcceptFiles
CommandLineToArgvW
ole32
CoCreateInstance
CoTaskMemFree
StgOpenStorage
CoTaskMemAlloc
OleSetContainedObject
OleCreateStaticFromData
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
ReleaseStgMedium
OleDuplicateData
CoInitialize
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoInitializeSecurity
CoUninitialize
CreateStreamOnHGlobal
shlwapi
PathFileExistsW
PathRenameExtensionW
PathRemoveFileSpecW
PathIsRelativeW
PathRemoveExtensionW
PathFindExtensionW
PathFindFileNameW
PathRemoveBackslashW
PathAddBackslashW
PathIsURLW
PathCanonicalizeW
PathBuildRootW
PathStripToRootW
PathStripPathW
PathGetDriveNumberW
PathGetArgsW
PathIsRootW
PathCombineW
PathIsUNCW
UrlUnescapeW
PathMatchSpecW
StrCmpNIA
StrStrA
StrCmpNA
StrRChrIW
StrRStrIW
StrRChrW
StrChrA
StrStrW
StrRChrIA
PathAppendA
comctl32
ImageList_Remove
ImageList_Create
ImageList_DragLeave
ImageList_DragEnter
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_BeginDrag
ImageList_GetImageCount
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_Destroy
ImageList_AddMasked
ImageList_GetIconSize
ImageList_GetIcon
ImageList_SetOverlayImage
ImageList_DrawEx
ImageList_GetImageInfo
ImageList_Draw
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Add
ImageList_LoadImageW
PropertySheetW
ImageList_SetBkColor
Sections
.text    Size: 367KB - Virtual size: 367KB   IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata   Size: 98KB - Virtual size: 98KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
y1tta28  Size: 512B - Virtual size: 345B     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
y1tta    Size: 99KB - Virtual size: 98KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data    Size: 16KB - Virtual size: 16KB     IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc    Size: 148KB - Virtual size: 148KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ