f9df12246a353d18cc6f475e1912bf08_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9df12246a353d18cc6f475e1912bf08_JaffaCakes118
Size

310KB
MD5

f9df12246a353d18cc6f475e1912bf08
SHA1

7b1ccb3c34b6c67e2f59ee505f33dd1ff393492a
SHA256

3143883bcf3a94d321792a9256a83427eb4af5b0891b7d043aa0d8718fe5d1b7
SHA512

d72255934b91b282ef83e1cc5246489cd5b1e4d6efa43d7bc9f335e3bb62b11f0f4307623200579b8093cb3588eb3d4300a691e6eb5bd4bca9ff20ec24618396
SSDEEP

6144:foNxye8AIxNxeNDVOA3Sb2wJJFKjvXYrPwvQnsvEDYTqX6kGCpeTy:fgQetQYVOA3SngzYPwvrE8s6cMG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9df12246a353d18cc6f475e1912bf08_JaffaCakes118

Files

f9df12246a353d18cc6f475e1912bf08_JaffaCakes118
.exe windows:4 windows x86 arch:x86

65de36af80622a708c923c2c1a1ad97b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupIterateCabinetW

comdlg32

GetOpenFileNameW

shlwapi

PathRemoveFileSpecW
PathCombineW

msi

ord204
ord111
ord113
ord70
ord160
ord8
ord159
ord32
ord45
ord120
ord92
ord205

gdi32

CreateFontIndirectW
DeleteObject
GetDeviceCaps
GetLayout

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shell32

SHGetFolderPathW
CommandLineToArgvW

ole32

StringFromCLSID
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
CoRevokeClassObject
CoTaskMemRealloc
StringFromGUID2
CLSIDFromProgID
CoCreateInstance
OleRun
CoRegisterClassObject
CoUninitialize
CoInitialize
CoLoadLibrary
CoInitializeEx

user32

MonitorFromWindow
SendMessageW
GetMessageA
SetWindowPlacement
ReleaseDC
ReleaseCapture
TranslateAcceleratorW
CharPrevW
GetWindowPlacement
CallWindowProcW
GetClientRect
UnregisterClassA
GetWindowLongW
EndPaint
IsWindowUnicode
PostMessageW
GetDlgItemTextW
RegisterClassExW
GetSystemMetrics
GetDesktopWindow
PeekMessageW
SetWindowLongW
IsWindow
CreateDialogParamW
GetWindowTextLengthW
BeginPaint
GetSystemMenu
SetForegroundWindow
GetParent
DispatchMessageA
DefWindowProcW
GetFocus
GetClassInfoExW
SetCursor
DispatchMessageW
SetWindowPos
DialogBoxParamW
MsgWaitForMultipleObjectsEx
SetCapture
SetWindowTextW
MsgWaitForMultipleObjects
SetDlgItemTextW
LoadStringW
EnableWindow
SetFocus
DestroyWindow
LoadIconW
GetWindowRect
PostThreadMessageW
GetDC
GetDlgItem
SystemParametersInfoW
LoadCursorW
GetWindowTextW
MessageBoxW
GetMessageW
CreateWindowExW
ShowWindow
MapWindowPoints
EnableMenuItem
CharNextW
EndDialog
GetWindow
GetMonitorInfoW
TranslateMessage
SetMenu
DestroyCursor
RegisterClassW
GetActiveWindow
LoadMenuIndirectW
CreateDialogParamA
LoadIconA
GetSysColorBrush
GetCaretPos
OpenClipboard
SetCursorPos
CreateAcceleratorTableW
TrackPopupMenuEx
GetMenuInfo
CreateDialogIndirectParamW
TrackPopupMenu
GetClassInfoA
GetMenuState
CopyRect
InvalidateRect

oleaut32

CreateErrorInfo
SetErrorInfo
VariantClear
SafeArrayGetDim
SysFreeString
SysAllocString
VarBstrCmp
GetErrorInfo
LoadTypeLi
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElement
VariantInit
LoadRegTypeLi
SysStringLen
VarUI4FromStr
SysAllocStringLen

kernel32

WriteFile
GetACP
TlsFree
Process32NextW
FindFirstFileExW
SetHandleCount
FindClose
FindResourceW
lstrlenA
GetModuleHandleA
SetUnhandledExceptionFilter
GetFileInformationByHandle
IsValidLocale
FileTimeToSystemTime
GetSystemDefaultLCID
LeaveCriticalSection
CreateThread
SetErrorMode
InitializeCriticalSectionAndSpinCount
VirtualAlloc
FreeEnvironmentStringsW
HeapReAlloc
WaitForSingleObject
GetTempPathW
IsProcessorFeaturePresent
SizeofResource
GetConsoleCP
GetOEMCP
lstrcmpiW
CreateDirectoryW
LocalAlloc
DuplicateHandle
EnumUILanguagesW
IsDebuggerPresent
GetWindowsDirectoryW
RtlUnwind
HeapAlloc
TlsGetValue
GetCommandLineA
GetFileType
InterlockedPopEntrySList
RaiseException
GetTempFileNameW
EnumSystemLocalesA
GetCommandLineW
CreateToolhelp32Snapshot
EnterCriticalSection
WriteConsoleW
VirtualFree
LoadResource
CreateMutexW
GetStdHandle
GetDriveTypeW
FlushInstructionCache
GetTimeZoneInformation
SetLastError
FlushFileBuffers
CreateEventW
DeleteFileW
FreeLibrary
OutputDebugStringW
ReadFile
CloseHandle
SetEndOfFile
lstrcmpA
GetProcessHeap
GetSystemDirectoryW
TlsAlloc
GetShortPathNameW
GetLocalTime
CreateFileMappingW
GetPrivateProfileStringW
IsValidCodePage
FindFirstFileW
FindResourceExW
WideCharToMultiByte
MulDiv
LocalFree
GetSystemTimeAsFileTime
RemoveDirectoryW
GetCurrentDirectoryW
LockResource
SetStdHandle
IsWow64Process
SetFileAttributesW
GetUserDefaultLCID
TlsSetValue
FindNextFileW
GetSystemInfo
MapViewOfFile
LCMapStringW
FormatMessageW
HeapSize
lstrlenW
ResetEvent
GetCurrentThreadId
UnmapViewOfFile
SetEnvironmentVariableA
PeekNamedPipe
SetFilePointer
InterlockedPushEntrySList
DeleteCriticalSection
HeapDestroy
GetExitCodeThread
ReleaseMutex
UnhandledExceptionFilter
HeapFree
CreateFileW
GetPrivateProfileSectionW
CompareStringW
CreateProcessW
GetFullPathNameW
GetConsoleMode
GetModuleHandleW
Process32FirstW
LoadLibraryExW

docprop

DllGetClassObject

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 845KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65de36af80622a708c923c2c1a1ad97b

Headers

File Characteristics

Imports

setupapi

comdlg32

shlwapi

msi

gdi32

version

shell32

ole32

user32

oleaut32

kernel32

docprop

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 275KB - Virtual size: 845KB

.rdata Size: 7KB - Virtual size: 6KB

.rsrc Size: 8KB - Virtual size: 9KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 275KB - Virtual size: 845KB

.rdata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 8KB - Virtual size: 9KB