b07325f2686e5c26791424d9de7a5c54_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b07325f2686e5c26791424d9de7a5c54_JaffaCakes118
Size

360KB
MD5

b07325f2686e5c26791424d9de7a5c54
SHA1

f7d4163877616c819758c07c8c926a9b60c844fa
SHA256

4a19518be677153ab92e1208e7507dd6adef0de0fa34295dfa5d7ac9efce176d
SHA512

8f4824daef0b9bf70b7de5994baad455e4a1153c0f3976ebcf2f4b061c77a124f8ca0db9455a6bd8d36cb1c1c7e583964b951eb93571f1aa2c277f91775429b4
SSDEEP

6144:7Y56KnPgfagNgMhJAp/WgTO3x5N22vWvLRKKAX5l++SyVI4H:qdgfpN/AxT85I2vCMX5l+Zn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b07325f2686e5c26791424d9de7a5c54_JaffaCakes118

Files

b07325f2686e5c26791424d9de7a5c54_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9db8aac8f782fbf21ee0c6bb61f33270

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
memmove
_vsnprintf
_vsnwprintf
memcpy
_purecall
memset

kernel32

FindFirstFileW
FindClose
FindNextFileW
DeviceIoControl
GetVolumeNameForVolumeMountPointW
LoadLibraryW
FreeLibrary
GetProcAddress
MultiByteToWideChar
lstrcmpA
GlobalLock
GlobalAlloc
GlobalUnlock
GlobalFree
CreateMutexW
ReleaseMutex
FindResourceExW
LoadResource
SizeofResource
LockResource
CreateProcessW
DeleteCriticalSection
CreateThread
ResumeThread
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
GetNativeSystemInfo
GetVersionExW
GetCurrentThreadId
CreateActCtxW
ActivateActCtx
DeactivateActCtx
ReleaseActCtx
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
GetEnvironmentVariableW
CopyFileExW
FormatMessageW
GetUserDefaultUILanguage
EnterCriticalSection
LeaveCriticalSection
DeleteFileW
GetFileTime
SetLastError
GetFileSizeEx
FlushFileBuffers
ReadFile
WriteFile
SetFileTime
SetFilePointerEx
WideCharToMultiByte
InitializeCriticalSection
QueryPerformanceCounter
SetFileAttributesW
CreateFileW
GetFileAttributesW
Sleep
MoveFileExW
ExpandEnvironmentStringsW
GetVolumeInformationW
GetDiskFreeSpaceExW
WaitForMultipleObjects
ResetEvent
GetTempPathW
GetTickCount
GetLogicalDrives
GetDriveTypeW
LocalFree
CloseHandle
CreateEventW
GetLastError
GetHandleInformation
SetThreadPriority
GetModuleFileNameW
GetTimeFormatW
GetCurrentThread
GetModuleHandleW
SetEvent
GetComputerNameW
WaitForSingleObject
SetErrorMode
GetDateFormatW
GetCommandLineW
ExitProcess

user32

InSendMessage
ClientToScreen
GetWindowLongW
GetClassNameW
GetCaretPos
TrackPopupMenu
AppendMenuW
GetCursorPos
CreatePopupMenu
SetMenuDefaultItem
DestroyMenu
LoadIconW
CloseClipboard
EmptyClipboard
OpenClipboard
SetClipboardData
GetScrollInfo
SystemParametersInfoW
ScrollWindowEx
UpdateWindow
SetScrollInfo
MessageBoxIndirectW
EndPaint
ScreenToClient
GetWindowRect
DrawTextW
GetParent
GetClientRect
MessageBoxW
IsDialogMessageW
DestroyWindow
GetWindowTextLengthW
BeginPaint
DrawFocusRect
IntersectRect
GetDlgItem
SendMessageW
GetDlgCtrlID
SetWindowTextW
MoveWindow
GetDC
ReleaseDC
CharLowerW
PostQuitMessage
MsgWaitForMultipleObjects
TranslateMessage
PeekMessageW
DispatchMessageW
SetTimer
PostMessageW
KillTimer
SetFocus
GetForegroundWindow
FlashWindowEx
InvalidateRect
GetWindowTextW
MonitorFromWindow
SetWindowPos
ShowWindow
CreateWindowExW
AdjustWindowRectEx
IsWindowVisible
GetMonitorInfoW
DefWindowProcW
DialogBoxParamW
SetWindowLongW
EndDialog
CreateDialogParamW
MonitorFromPoint
UnregisterClassW
SetForegroundWindow
GetKeyState
ReplyMessage
GetSystemMetrics
RegisterClassExW

advapi32

CryptAcquireContextW
RegSetValueExW
RegEnumKeyExW
RegFlushKey
CryptSetKeyParam
CryptGetKeyParam
CryptReleaseContext
CryptImportKey
CryptEncrypt
CryptGenKey
CryptDestroyKey
CryptDecrypt
CryptGetHashParam
CryptCreateHash
CryptDestroyHash
CryptHashData
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
CryptExportKey
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW

shell32

SHGetFileInfoW
SHGetFolderPathW
ShellExecuteExW
CommandLineToArgvW

uxtheme

SetWindowTheme

gdi32

GetDeviceCaps
CreateSolidBrush
GetObjectW
CreateCompatibleDC
SelectObject
DeleteObject
SetBkMode
SetBkColor
DeleteDC
SetTextColor
GetObjectA
CreateFontIndirectW

comctl32

InitCommonControlsEx
ord413
ord410

shlwapi

StrCmpNW
StrCmpW
StrCmpIW
PathMatchSpecW
PathRemoveBackslashW
PathAddBackslashW
ord12
PathFindFileNameW
PathRemoveFileSpecW
PathUnquoteSpacesW
PathQuoteSpacesW
StrChrW
PathAddExtensionW

msimg32

AlphaBlend

wininet

InternetReadFile
InternetWriteFile
HttpOpenRequestA
HttpEndRequestA
HttpAddRequestHeadersA
InternetOpenA
InternetCloseHandle
InternetConnectA
HttpQueryInfoA
HttpSendRequestExA

gdiplus

GdipAlloc
GdipGetImageEncodersSize
GdipDisposeImage
GdipGetImageEncoders
GdipCreateHBITMAPFromBitmap
GdipCloneImage
GdiplusStartup
GdipDeleteBrush
GdipCloneBrush
GdipCreateFontFromLogfontA
GdipCreateBitmapFromStream
GdipDeleteFont
GdipDeleteGraphics
GdipDrawImageRectI
GdipSetStringFormatAlign
GdipCreateSolidFill
GdipDrawString
GdipCreateFromHDC
GdipSetStringFormatHotkeyPrefix
GdipCreateStringFormat
GdipDeleteStringFormat
GdipCreateFontFromDC
GdipCloneBitmapAreaI
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCreateLineBrushFromRectI
GdipCreateBitmapFromHICON
GdipSetTextRenderingHint
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipFlush
GdipDeleteFontFamily
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipCreateFontFamilyFromName
GdipFillRectangleI
GdiplusShutdown
GdipSaveImageToStream
GdipFree
GdipSetStringFormatLineAlign

ole32

CoUninitialize
CreateStreamOnHGlobal
CoTaskMemFree
CoInitializeEx

crypt32

CryptImportPublicKeyInfo
CryptStringToBinaryA
CryptDecodeObjectEx

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9db8aac8f782fbf21ee0c6bb61f33270

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

uxtheme

gdi32

comctl32

shlwapi

msimg32

wininet

gdiplus

ole32

crypt32

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: - Virtual size: 4KB

.rsrc Size: 236KB - Virtual size: 235KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: - Virtual size: 4KB

.rsrc
Size: 236KB - Virtual size: 235KB

.reloc
Size: 10KB - Virtual size: 9KB