JaffaCakes118_61e7a063c0f81772b82aebd9068d7af0

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_61e7a063c0f81772b82aebd9068d7af0
Size

266KB
MD5

61e7a063c0f81772b82aebd9068d7af0
SHA1

592f4f53987d031fd615901cd988846658397ac9
SHA256

9f7193b980526f6de23e439659a1973488ce15a6ef8d67c8d9fe4048270d0241
SHA512

d1b42e1bea33dff8e91f3ee9990891b6fa84d843b9b69997e487deea510ef118c4c2d46ad41f6804437b0a4a2f4ec245ea3cf250a773d88e022734990cbea9f6
SSDEEP

6144:sXtW3PhCyc/BAnkAsgtv0ogX2475K+pQ9yf2+GMHxbnuhKeibq3OM:sX4x8ekMvVgX2Q5ZpQ9+371uhM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_61e7a063c0f81772b82aebd9068d7af0

Files

JaffaCakes118_61e7a063c0f81772b82aebd9068d7af0
.exe windows:4 windows x86 arch:x86

a673a2fbcda60a47296bab9ebc1578cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupIterateCabinetW

user32

GetKeyboardType
SetWindowLongW
ScreenToClient
DialogBoxParamW
InvalidateRgn
EndPaint
ShowWindow
RedrawWindow
ReleaseCapture
GetDlgItemTextW
SetForegroundWindow
SetScrollPos
SetScrollInfo
GetFocus
CharNextW
UnregisterClassA
GetWindowLongW
DestroyWindow
GetSysColor
PeekMessageW
GetActiveWindow
GetParent
GetWindow
BeginPaint
DispatchMessageW
SetWindowPos
GetWindowThreadProcessId
SetCapture
GetWindowRect
GetDlgItem
InvalidateRect
FillRect
GetDC
SendMessageW
GetWindowTextLengthW
SetWindowTextW
GetWindowTextW
TranslateMessage
SystemParametersInfoW
GetClassInfoExW
EndDialog
EnumWindows
RegisterClassExW
GetDesktopWindow
LoadIconW
DestroyAcceleratorTable
DefWindowProcW
CreateCaret
FindWindowW
MapWindowPoints
MessageBoxW
IsWindow
GetClassNameW
SetDlgItemTextW
SetWindowContextHelpId
GetMonitorInfoW
IsChild
MonitorFromWindow
GetClientRect
GetSystemMetrics
ReleaseDC
CallWindowProcW
MsgWaitForMultipleObjects
SetFocus
CreateWindowExW
IsWindowVisible
CreateDialogIndirectParamW
LoadCursorW
RegisterWindowMessageW
MapDialogRect
ClientToScreen
MoveWindow
CreateAcceleratorTableW

shell32

ShellExecuteW
CommandLineToArgvW

kernel32

ReleaseMutex
SetUnhandledExceptionFilter
DeviceIoControl
VirtualFree
GlobalHandle
GetFileInformationByHandle
LocalFree
GetStdHandle
GetFileType
GetCommandLineA
TlsGetValue
InterlockedPushEntrySList
GetConsoleMode
CreateThread
IsValidCodePage
SetStdHandle
GlobalAlloc
GetSystemInfo
GetWindowsDirectoryW
SetEndOfFile
FindFirstFileExW
RaiseException
HeapReAlloc
lstrlenW
GlobalUnlock
SizeofResource
GetProcessHeap
GetShortPathNameW
CreateFileW
FileTimeToSystemTime
GetConsoleCP
SetLastError
GetFullPathNameW
GetLogicalDriveStringsW
MulDiv
GetCommandLineW
lstrcmpiW
IsDebuggerPresent
SetEnvironmentVariableA
GlobalFree
GetLocalTime
GetUserDefaultLCID
FormatMessageW
EnterCriticalSection
EnumSystemLocalesA
WriteConsoleW
CreateFileMappingW
WideCharToMultiByte
FlushFileBuffers
CreateEventW
UnmapViewOfFile
GetCurrentThreadId
IsProcessorFeaturePresent
TlsFree
GetPrivateProfileSectionW
VirtualAlloc
lstrlenA
GetTimeZoneInformation
GetDriveTypeW
IsValidLocale
FreeResource
HeapAlloc
FlushInstructionCache
DeleteFileW
GetCurrentDirectoryW
GetPrivateProfileStringW
TlsAlloc
WriteFile
GlobalMemoryStatusEx
SetFilePointer
GetTempFileNameW
GetOEMCP
PeekNamedPipe
GetModuleHandleW
LocalAlloc
SetHandleCount
RtlUnwind
InterlockedPopEntrySList
GetSystemDirectoryW
DeleteCriticalSection
IsWow64Process
FindResourceExW
GetACP
GetTempPathW
CreateMutexW
FreeEnvironmentStringsW
EnumUILanguagesW
FindClose
TlsSetValue
ReadFile
CompareStringW
LCMapStringW
LoadLibraryExW
GetFileSize
MapViewOfFile
HeapDestroy
InitializeCriticalSectionAndSpinCount
CloseHandle
FindResourceW
GetSystemTimeAsFileTime
LockResource
LeaveCriticalSection
lstrcmpW
HeapSize
GlobalLock
FreeLibrary
LoadResource
ExpandEnvironmentStringsW
HeapFree
UnhandledExceptionFilter
GetStartupInfoA

gdi32

BitBlt
GetObjectW
GetStockObject
GetDeviceCaps
CreateSolidBrush
CreateCompatibleBitmap
DeleteObject
CreateFontIndirectW
GetTextExtentPoint32W
DeleteDC
SelectObject
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreatePolygonRgn
CreateBitmapIndirect
RemoveFontResourceA
CreateScalableFontResourceW
CreateFontW

advapi32

AllocateAndInitializeSid
RevertToSelf
SetSecurityDescriptorDacl
LsaFreeMemory
ImpersonateSelf
IsValidSecurityDescriptor
CloseServiceHandle
QueryServiceConfigW
OpenSCManagerW
InitializeSecurityDescriptor
QueryServiceStatus
AddAccessAllowedAce
AccessCheck
RegSetValueExW
SetSecurityDescriptorGroup
LsaClose
FreeSid
SetSecurityDescriptorOwner
RegCreateKeyW
OpenThreadToken
RegCloseKey
RegEnumKeyExW
GetLengthSid
RegQueryValueExW
RegCreateKeyExW
LsaQueryInformationPolicy
RegOpenKeyW
RegEnumValueW
InitializeAcl
RegDeleteValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
OpenProcessToken
OpenServiceW
LsaOpenPolicy

wininet

InternetOpenUrlW
InternetOpenW
InternetGetConnectedState
HttpQueryInfoW

oleaut32

SysAllocString
SysAllocStringByteLen
LoadTypeLi
SysStringLen
SafeArrayPutElement
SysAllocStringLen
GetErrorInfo
SafeArrayGetUBound
SafeArrayGetDim
SafeArrayCreate
OleCreateFontIndirect
SafeArrayDestroy
VarBstrCmp
SetErrorInfo
CreateErrorInfo
SysStringByteLen
VariantClear
VariantCopy
SafeArrayGetLBound
SafeArrayGetElement
VariantInit
LoadRegTypeLi
SysFreeString
VarUI4FromStr

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ole32

CreateStreamOnHGlobal
CoTaskMemFree
StringFromCLSID
CLSIDFromProgID
CoCreateGuid
OleLockRunning
CoGetClassObject
OleRun
CLSIDFromString
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
OleUninitialize
OleInitialize
CoInitialize
StringFromGUID2
CoInitializeEx

mlang

DllGetClassObject

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 231KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a673a2fbcda60a47296bab9ebc1578cd

Headers

File Characteristics

Imports

setupapi

user32

shell32

kernel32

gdi32

advapi32

wininet

oleaut32

version

ole32

mlang

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 231KB - Virtual size: 1.0MB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 231KB - Virtual size: 1.0MB

.rsrc
Size: 9KB - Virtual size: 9KB