fa3b1b2bcdcd9a3d32ddc5d05418b3c8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fa3b1b2bcdcd9a3d32ddc5d05418b3c8_JaffaCakes118
Size

292KB
MD5

fa3b1b2bcdcd9a3d32ddc5d05418b3c8
SHA1

67c4454d7b725cd46ecabd1492088a971d085a9e
SHA256

eacd45f78b78a77fcaeab6bca0d5e2f0d341267ae3eee933f20a7610bda83850
SHA512

7a72611adca26d4b7ae16f8615f0caaccf091fa2d3f817081a7bfa93e3c4044d97da87986178f6ac90318e30d5677769e50dadc36d74b976c661471f633f1680
SSDEEP

6144:9CVjpKGA0w2szyRb1bVeNM8UYZCXJU5ePppJfGf840pD6UswRXGBinVcC:9erA2GdUYZmU5cDE8rpDmwRXGicC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa3b1b2bcdcd9a3d32ddc5d05418b3c8_JaffaCakes118

Files

fa3b1b2bcdcd9a3d32ddc5d05418b3c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

74367f9830862f34618e3e7f05f007e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathCanonicalizeW
PathFindFileNameW
PathIsUNCW
SHAutoComplete
StrCmpIW

user32

ScreenToClient
MonitorFromRect
IsRectEmpty
LoadCursorW
LoadImageW
GetLastActivePopup
OffsetRect
DispatchMessageA
CheckRadioButton
UnregisterClassA
DestroyIcon
IsDlgButtonChecked
EnableWindow
CreateWindowExW
DeferWindowPos
GetWindowTextW
GetMonitorInfoW
IsWindowUnicode
SetWindowContextHelpId
LoadStringW
SetFocus
IsWindowVisible
BeginDeferWindowPos
GetKeyboardState
BringWindowToTop
RemoveMenu
GetCursorPos
GetSystemMenu
GetDlgCtrlID
GetWindowThreadProcessId
GetWindowDC
DestroyWindow
CallWindowProcW
SetRectEmpty
IsWindowEnabled
SetClipboardData
SendMessageW
SetDlgItemTextW
GetParent
CreatePopupMenu
SetParent
UnregisterClassW
GetCaretPos
EmptyClipboard
GetDC
GetDlgItemInt
OpenClipboard
ReleaseDC
GetDesktopWindow
GetClientRect
ScrollWindow
AppendMenuW
GetPropW
InflateRect
EnumWindows
SetDlgItemInt
IsDialogMessageW
GetWindowPlacement
ShowWindow
SendDlgItemMessageW
DefWindowProcW
GetMessageA
RegisterWindowMessageW
GetKeyState
IsIconic
SetCaretPos
CreateCaret
DialogBoxParamW
ReleaseCapture
RegisterClipboardFormatW
DrawIconEx
SetLayeredWindowAttributes
CloseClipboard
FrameRect
GetMenuStringW
IsClipboardFormatAvailable
GetForegroundWindow
SendInput
InvalidateRect
RedrawWindow
KillTimer
GetFocus
LoadIconW
GetMessageW
MapWindowPoints
UpdateLayeredWindow
RegisterClassW
GetClipboardData
GetScrollInfo
PostThreadMessageW
TranslateMessage
CreateDialogParamW
SystemParametersInfoA
MonitorFromPoint
GetActiveWindow
CheckMenuItem
PtInRect
EndDialog
GetDlgItemTextW
SetPropW
EndPaint
GetClassInfoExW
SetWindowTextW
SystemParametersInfoW
MessageBeep
SetWindowLongW
RemovePropW
GetMenuItemCount
ClientToScreen
MoveWindow
CharUpperBuffW
MessageBoxW
AdjustWindowRectEx
PeekMessageW
DestroyCaret
DrawFrameControl
CharNextW
DispatchMessageW
FillRect
CreateDialogIndirectParamW
DrawTextExW
UnionRect
RegisterClassExW
SetTimer
SetCursor
CharLowerBuffW
ToUnicode
GetDialogBaseUnits
PostMessageW
GetMenu
GetWindowTextLengthW
GetWindow
CopyRect
CheckDlgButton
GetDlgItem
BeginPaint
GetWindowLongW
GetMessagePos
LoadStringA
EndDeferWindowPos
DialogBoxIndirectParamW
GetWindowRect
UpdateWindow
DestroyMenu
LoadBitmapW
SetCursorPos
MapDialogRect
GetMessageTime
IsWindow
GetSysColor
TrackMouseEvent
GetSystemMetrics
SetForegroundWindow
SetCapture
TrackPopupMenuEx
MapVirtualKeyW
SetRect
SetWindowPos
GetAsyncKeyState
SetScrollInfo
GetSysColorBrush
GetClassNameW

ole32

CoMarshalInterThreadInterfaceInStream
CoRegisterMessageFilter
CoGetInterfaceAndReleaseStream
RevokeDragDrop
OleSetClipboard
CreateStreamOnHGlobal
CoQueryProxyBlanket
CoImpersonateClient
StringFromGUID2
CoGetCallContext
CoRevokeClassObject
CoTaskMemRealloc
CoInitializeEx
CoInitialize
CoRevertToSelf
CreateBindCtx
DoDragDrop
CoSetProxyBlanket
RegisterDragDrop
CoUninitialize
CoTaskMemFree
CoCreateGuid
CLSIDFromString
StringFromCLSID
CoLockObjectExternal
CoTaskMemAlloc
CoWaitForMultipleHandles
CoLoadLibrary
CoGetMalloc
CreateItemMoniker
CoCreateInstance
OleFlushClipboard
GetRunningObjectTable
ReleaseStgMedium
CoMarshalInterface
CoReleaseMarshalData
OleGetClipboard
CoRegisterClassObject
CoCreateFreeThreadedMarshaler
OleDuplicateData
CoUnmarshalInterface

msimg32

TransparentBlt
AlphaBlend

advapi32

RegEnumValueW
InitializeAcl
AdjustTokenPrivileges
RegQueryInfoKeyW
AddAccessAllowedAce
AllocateAndInitializeSid
CryptDestroyHash
SetSecurityDescriptorDacl
LookupAccountSidW
OpenProcessToken
EqualSid
RegDeleteValueW
GetSidSubAuthorityCount
SetSecurityInfo
GetSidIdentifierAuthority
LookupAccountNameW
RegCloseKey
OpenThreadToken
CryptReleaseContext
GetTokenInformation
AddAce
CryptGetHashParam
CheckTokenMembership
GetUserNameW
SetThreadToken
RegCreateKeyExW
DuplicateTokenEx
GetSecurityInfo
CryptHashData
FreeSid
RegDeleteKeyW
RegSetValueExW
InitializeSecurityDescriptor
GetSidSubAuthority
RegQueryValueExW
SetSecurityDescriptorGroup
AccessCheck
LookupPrivilegeNameW
LookupPrivilegeValueW
GetLengthSid
RegEnumKeyExW
CryptAcquireContextA
IsValidSid
CryptCreateHash
RegConnectRegistryW
IsValidSecurityDescriptor
PrivilegeCheck
SetSecurityDescriptorOwner
DuplicateToken
RegOpenKeyExW
CopySid

kernel32

RaiseException
FreeEnvironmentStringsW
GlobalUnlock
SetFileAttributesW
DuplicateHandle
lstrcmpiA
SetNamedPipeHandleState
HeapSize
ExitThread
GetComputerNameExW
TlsSetValue
CreateFileW
GetCurrentThreadId
lstrcmpiW
HeapDestroy
LocalFree
GlobalFree
FindClose
FreeLibraryAndExitThread
ReleaseMutex
GetCurrentDirectoryW
GetPrivateProfileIntW
HeapReAlloc
MapViewOfFile
CreateEventW
InitializeCriticalSectionAndSpinCount
GetThreadLocale
TlsFree
InterlockedPushEntrySList
LeaveCriticalSection
CreateDirectoryW
GlobalAlloc
FormatMessageA
SetLastError
VirtualFree
GetTempPathW
ReadFile
HeapFree
GetProcessTimes
FileTimeToSystemTime
SizeofResource
GetOverlappedResult
SetHandleInformation
CancelIo
GetComputerNameA
lstrcmpA
CreateProcessW
LocalSize
CreateMutexW
DeleteFileW
WaitForMultipleObjects
QueueUserWorkItem
GetFileSizeEx
LocalReAlloc
GetSystemTimeAsFileTime
FreeResource
SetFilePointer
FlushInstructionCache
ResumeThread
GetDateFormatW
GetSystemInfo
LCMapStringW
TlsAlloc
HeapAlloc
GetTempFileNameW
ProcessIdToSessionId
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
EnterCriticalSection
FindResourceExW
PeekNamedPipe
FormatMessageW
GetProcessHeap
SetCurrentDirectoryW
CloseHandle
CreateToolhelp32Snapshot
CreateThread
OpenProcess
WideCharToMultiByte
Process32NextW
FindFirstFileW
lstrlenW
OutputDebugStringW
ResetEvent
Process32FirstW
GetModuleHandleA
CreateFileMappingW
TerminateThread
FindResourceW
DeleteCriticalSection
GetModuleHandleW
WaitForSingleObject
GlobalLock
GetShortPathNameW
InterlockedPopEntrySList
FindAtomW
MulDiv
TlsGetValue
GetPrivateProfileSectionW
GetStringTypeExW
LockResource
SetEnvironmentVariableW
UnhandledExceptionFilter
WriteFile
TransactNamedPipe
LocalAlloc
ExpandEnvironmentStringsW
SwitchToThread
ReadProcessMemory
IsProcessorFeaturePresent
CreatePipe
LoadLibraryExW
lstrlenA
GetLongPathNameW
GetProfileIntW
GetComputerNameW
LoadResource
FreeLibrary
GetTimeFormatW
WaitNamedPipeW
SetFilePointerEx
GetCurrentProcess

gdi32

GetTextExtentPointW
ExtTextOutW
GetBkColor
SetMapMode
SetDCPenColor
CreateDCW
SetBkMode
CreateCompatibleDC
SelectObject
GetRgnBox
DeleteDC
SetBrushOrgEx
SetTextColor
CreateFontIndirectW
CreatePolygonRgn
BitBlt
ExtCreatePen
CreateSolidBrush
SetStretchBltMode
CreateDIBSection
GetObjectW
MoveToEx
GetStockObject
SetDIBColorTable
Rectangle
Polyline
CreateRectRgn
CreateCompatibleBitmap
GetClipBox
GetDIBColorTable
SetBkColor
LineTo
CombineRgn
CreatePen
StretchBlt
GetTextExtentPoint32W
GetObjectA
GetDeviceCaps
DeleteObject
Polygon
PatBlt
GetTextMetricsW

oleaut32

VariantInit
RegisterTypeLi
SysAllocStringLen
SysAllocString
LoadRegTypeLi
SafeArrayGetVartype
SafeArrayGetLBound
UnRegisterTypeLi
SafeArrayUnlock
SafeArrayGetElement
SafeArrayCreate
SysAllocStringByteLen
GetErrorInfo
SysReAllocStringLen
VariantCopy
VariantChangeType
SafeArrayGetDim
VarBstrCat
VariantClear
SysFreeString
SafeArrayGetUBound
SysStringLen
SysStringByteLen
LoadTypeLi
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayPutElement
VarBstrCmp
SafeArrayLock
SafeArrayAccessData
VarUI4FromStr

comctl32

ImageList_Destroy
ImageList_GetIcon
ImageList_DrawEx
ImageList_Create
ImageList_AddMasked
ImageList_LoadImageW
ImageList_Add

usp10

ScriptStringFree
ScriptStringOut
ScriptStringAnalyse

duser

CreateAction
SetActionTimeslice
SetGadgetRootInfo
DetachWndProc
SetGadgetCenterPoint
SetGadgetStyle
WaitMessageEx
GetGadgetProperty
LookupGadgetTicket
GetStdColorF
GetGadgetRotation
InitGadgetComponent
GetGadgetRect

kbdic

KbdLayerDescriptor

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 250KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74367f9830862f34618e3e7f05f007e4

Headers

File Characteristics

Imports

shlwapi

user32

ole32

msimg32

advapi32

kernel32

gdi32

oleaut32

comctl32

usp10

duser

kbdic

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 250KB - Virtual size: 252KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 250KB - Virtual size: 252KB

.rsrc
Size: 10KB - Virtual size: 9KB