89b924e78cdfdc11d40a3b53c8d71195_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

89b924e78cdfdc11d40a3b53c8d71195_JaffaCakes118
Size

380KB
MD5

89b924e78cdfdc11d40a3b53c8d71195
SHA1

a3658afab3729f2a86aea7eeb8dff55a7b9cf665
SHA256

f6600a85d7ab8330756cac5c6b51d975bf486ef95647060965d959448464aa41
SHA512

cd19b8b6df6fc39b297eb499e773e4d8c1c3500cf80f27e105c2463d0cfd91b12dc71d592f302c5a307acd82c1a2ae668f13dbfd0417bdb4904d6eebbfca4535
SSDEEP

6144:i6KoZnDRFeOMQZxvWzgV4kiKRX18mv82KKR7bH51eEcmgQBzNx0ZcYIQ:i6PZFF5CzgGKRl8mKsvH51ffg0YZcY1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
89b924e78cdfdc11d40a3b53c8d71195_JaffaCakes118

Files

89b924e78cdfdc11d40a3b53c8d71195_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9212e11872bdd02f705ac2c6d5a98868

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleaut32

GetErrorInfo
VariantChangeType
SafeArrayPtrOfIndex
SysReAllocStringLen
VariantInit
SysFreeString
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopyInd
SafeArrayGetElement
VariantClear
SysAllocStringLen
VariantCopy
SafeArrayCreate

shfolder

SHGetFolderPathW

kernel32

VirtualFree
GetModuleFileNameW
SizeofResource
WaitForSingleObject
GetUserDefaultUILanguage
LockResource
GetWindowsDirectoryW
GetCurrentThreadId
RaiseException
SetFilePointer
FindFirstFileW
SuspendThread
GetDateFormatW
GetCPInfoExW
LocalAlloc
GetLastError
LocalFree
IsValidLocale
GetACP
GetModuleHandleA
FileTimeToSystemTime
GetVersion
GlobalLock
FindClose
LoadLibraryW
InterlockedExchange
GetEnvironmentVariableW
CreateDirectoryW
GetCurrentThread
GetStdHandle
GetModuleHandleW
MulDiv
IsDebuggerPresent
InitializeCriticalSection
LoadResource
GetSystemInfo
GetProcAddress
GetTickCount
FreeLibrary
GlobalAlloc
FindResourceW
GlobalDeleteAtom
lstrcmpW
CreateProcessW
CreateThread
FreeResource
OutputDebugStringW
SetLastError
SetEvent
EnterCriticalSection
DeleteFileW
GetTempPathW
Sleep
SetThreadPriority
lstrcpyW
SystemTimeToTzSpecificLocalTime
lstrcmpiA
RemoveDirectoryW
GetCurrentProcess
GetDiskFreeSpaceW
FileTimeToDosDateTime
VirtualProtect
InterlockedIncrement
GlobalFree
DeviceIoControl
GetCPInfo
GetDriveTypeW
GetModuleFileNameA
GetFileAttributesW
GetStartupInfoA
FileTimeToLocalFileTime
SetThreadLocale
RtlUnwind
CreateEventW
SetEndOfFile
LeaveCriticalSection
ExpandEnvironmentStringsW
WaitForMultipleObjectsEx
VirtualQueryEx
GetExitCodeThread
EnumCalendarInfoW
GetSystemDefaultUILanguage
GetCommandLineW
lstrlenW
ExitProcess
CreateFileW
WriteFile
InterlockedCompareExchange
ReadFile
GlobalUnlock
CloseHandle
FormatMessageW
FindNextFileW
lstrcpynW
GetLocaleInfoW
WritePrivateProfileStringW
GetVersionExW
CompareStringW
InterlockedExchangeAdd
GlobalFindAtomW
LoadLibraryA
CopyFileW
GetTimeZoneInformation
DeleteCriticalSection
VirtualQuery
GetLocalTime
GetPrivateProfileStringW
LoadLibraryExW
SwitchToThread
GetCurrentProcessId
ResumeThread
EnumSystemLocalesW
GetFullPathNameW
GlobalAddAtomW
SetErrorMode
GetFileAttributesExW
GetThreadPriority
InterlockedDecrement
GetThreadLocale
ResetEvent

winspool.drv

DocumentPropertiesW
ClosePrinter
ord203
EnumPrintersW
OpenPrinterW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

ole32

RegisterDragDrop
CoCreateInstance
CoUninitialize
CLSIDFromString
RevokeDragDrop
CoInitialize
CoInitializeEx
CoTaskMemFree
DoDragDrop
ReleaseStgMedium
StringFromCLSID
OleInitialize
CoTaskMemAlloc
OleUninitialize
IsEqualGUID

user32

KillTimer
CallWindowProcW
ShowOwnedPopups
SetScrollInfo
CopyImage
GetMessageExtraInfo
IsCharAlphaW
TrackPopupMenu
GetSysColorBrush
SendMessageW
SetScrollPos
CloseClipboard
UnhookWindowsHookEx
FrameRect
GetActiveWindow
LoadCursorW
SetWindowPlacement
DefWindowProcW
GetMenuState
DrawMenuBar
FillRect
GetWindowLongW
InsertMenuW
IsDialogMessageW
IsCharAlphaNumericW
FindWindowExW
GetDoubleClickTime
IntersectRect
CallNextHookEx
PostQuitMessage
PeekMessageA
CharLowerW
SetMenuItemInfoW
DispatchMessageA
HideCaret
DrawFocusRect
GetLastActivePopup
GetScrollInfo
SetParent
GetKeyboardState
GetMenuItemCount
MapVirtualKeyW
SetCursor
CreatePopupMenu
TranslateMessage
DeleteMenu
WindowFromPoint
PeekMessageW
GetDC
IsRectEmpty
GetUpdateRect
InsertMenuItemW
GetPropW
ScreenToClient
SetWindowTextW
GetDCEx
EnumWindows
RemovePropW
FindWindowW
ActivateKeyboardLayout
CreateWindowExW
SetMenu
SetClassLongW
TabbedTextOutW
ShowCaret
SetFocus
CreateMenu
CharUpperW
RegisterWindowMessageW
GetMessagePos
CountClipboardFormats
GetWindowDC
InflateRect
GetFocus
MessageBoxW
MessageBeep
GetWindowTextW
GetParent
GetMenuItemInfoW
DestroyMenu
CheckMenuItem
GetClassInfoW
GetSystemMetrics
GetClipboardData
GetIconInfo
AdjustWindowRectEx
SendMessageA
GetMenuItemID
MsgWaitForMultipleObjects
EndPaint
GetWindow
GetMenu
GetSubMenu
GetCursor
DispatchMessageW
GetDesktopWindow
DrawIconEx
GetCursorPos
InvalidateRect
RegisterClassW
GetKeyboardLayoutNameW
ClientToScreen
MapWindowPoints
CharUpperBuffW
DefFrameProcW
SetPropW
GetWindowThreadProcessId
IsIconic
SetTimer
MessageBoxA
SetWindowLongW
UnregisterClassW
IsWindowUnicode
IsZoomed
EnumChildWindows
CreateIconIndirect
GetScrollPos
EnumDisplayMonitors
IsWindow
GetKeyboardLayoutList
CharLowerBuffW
GetKeyboardLayout
GetSysColor
SetWindowRgn
GetMenuStringW
RemoveMenu
LoadIconW
GetMenuDefaultItem
EmptyClipboard
LoadStringW
DestroyWindow
CreateIcon
GetClassNameW
GetDlgCtrlID
BeginPaint
GetCapture
DrawEdge
SetForegroundWindow
EnumThreadWindows
IsWindowVisible
RedrawWindow
OffsetRect
WaitMessage
CharNextW
DrawTextExW
UpdateWindow
GetWindowPlacement
DefMDIChildProcW
GetForegroundWindow
SetRect
ShowWindow
GetScrollRange
EnableScrollBar
ReleaseCapture
MonitorFromPoint
GetSystemMenu
GetMonitorInfoW
MonitorFromWindow
MsgWaitForMultipleObjectsEx
DrawIcon
SetScrollRange
IsChild
DrawTextW
SetWindowPos
SetKeyboardState
GetClientRect
GetTopWindow
IsWindowEnabled
GetWindowRect
TranslateMDISysAccel
LoadKeyboardLayoutW
SetActiveWindow
LoadBitmapW
GetKeyNameTextW
IsClipboardFormatAvailable
SetWindowsHookExW
GetKeyState
DestroyCursor
RegisterClipboardFormatW
PostMessageW
EnableWindow
SetClipboardData
EnumClipboardFormats
ScrollWindow
GetClassLongW
SetCursorPos
DrawFrameControl
GetDlgItem
EnableMenuItem
PtInRect
SystemParametersInfoW
ReleaseDC
ShowScrollBar
SetCapture
GetAsyncKeyState
DestroyIcon
ChildWindowFromPoint
IsDialogMessageA
OpenClipboard

gdi32

GdiFlush
SetWindowOrgEx
GetWinMetaFileBits
SetPaletteEntries
FrameRgn
GetBrushOrgEx
RealizePalette
CreatePenIndirect
ExtTextOutW
GetStockObject
Arc
Ellipse
Polyline
GetTextMetricsW
StartPage
SetMapMode
CreateSolidBrush
AngleArc
SetBkMode
GetNearestPaletteIndex
Polygon
CreateDIBitmap
CreatePalette
DeleteObject
RectVisible
EnumFontsW
GetDeviceCaps
SetTextColor
RoundRect
MaskBlt
CreateFontIndirectW
SetPixelV
DeleteDC
EndPage
DeleteEnhMetaFile
CreateBitmap
GetClipBox
SelectObject
StretchBlt
CreateHalftonePalette
SetDIBitsToDevice
ExtFloodFill
SetBrushOrgEx
GetWindowOrgEx
GetEnhMetaFileBits
PolyBezierTo
CombineRgn
MoveToEx
GetPaletteEntries
GetBitmapBits
SetEnhMetaFileBits
Rectangle
SetAbortProc
GetSystemPaletteEntries
OffsetRgn
CreateDIBSection
CreateDCW
GetPixel
ArcTo
SetDIBColorTable
EndDoc
LineTo
GetTextExtentPointW
PolyBezier
PlayEnhMetaFile
ResizePalette
IntersectClipRect
GetCurrentObject
SelectPalette
CreateRectRgn
RestoreDC
ExcludeClipRect
GetCurrentPositionEx
Chord
PatBlt
CopyEnhMetaFileW
GetEnhMetaFilePaletteEntries
EnumFontFamiliesExW
SaveDC
SetROP2
SetStretchBltMode
GetDIBColorTable
GetEnhMetaFileDescriptionW
CreateBrushIndirect
GetEnhMetaFileHeader
SetWinMetaFileBits
SetViewportOrgEx
SetDIBits
GetObjectW
SetPixel
BitBlt
Pie
CreateICW
GetRgnBox
GetDIBits
StartDocW
UnrealizeObject
GetTextExtentPoint32W
CreateCompatibleDC
CreateCompatibleBitmap
StretchDIBits
SetBkColor
ExtCreateRegion

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
Shell_NotifyIconW
SHBindToParent
SHChangeNotify
ShellExecuteW
SHGetFileInfoW
DragQueryFileW
SHGetDataFromIDListW
SHGetPathFromIDListW

advapi32

RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyExW
RegEnumValueW
RegCloseKey
RegOpenKeyExW
RegFlushKey

comctl32

ImageList_GetBkColor
ImageList_Create
ImageList_DragMove
ImageList_Add
ImageList_SetImageCount
ImageList_Replace
FlatSB_SetScrollProp
ImageList_DrawEx
ImageList_SetIconSize
FlatSB_GetScrollPos
InitializeFlatSB
FlatSB_SetScrollPos
ImageList_GetIcon
ImageList_GetIconSize
ImageList_BeginDrag
ImageList_Write
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_Copy
ImageList_EndDrag
FlatSB_GetScrollInfo
ImageList_Destroy
FlatSB_SetScrollInfo
ImageList_DragEnter
ImageList_Draw
ImageList_ReplaceIcon
ImageList_Remove
ImageList_DragLeave
ImageList_GetImageCount
_TrackMouseEvent
ImageList_Read
ord17
ImageList_SetBkColor

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

msimg32

AlphaBlend

Sections

.text
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9212e11872bdd02f705ac2c6d5a98868

Headers

File Characteristics

Imports

oleaut32

shfolder

kernel32

winspool.drv

comdlg32

ole32

user32

gdi32

shell32

advapi32

comctl32

version

msimg32

Sections

.text Size: 62KB - Virtual size: 64KB

.data Size: 250KB - Virtual size: 250KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: - Virtual size: 16KB

.idata Size: 13KB - Virtual size: 13KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 46KB - Virtual size: 46KB

.text
Size: 62KB - Virtual size: 64KB

.data
Size: 250KB - Virtual size: 250KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: - Virtual size: 16KB

.idata
Size: 13KB - Virtual size: 13KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 46KB - Virtual size: 46KB