JaffaCakes118_3c75e7fe2c847688169224ebaeb9b4a3

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_3c75e7fe2c847688169224ebaeb9b4a3
Size

213KB
MD5

3c75e7fe2c847688169224ebaeb9b4a3
SHA1

92c36e7e2a67f425312a571c1d9f69524f1ae607
SHA256

12844927145d31e21403d61c063ee6b6b3c71acc71ba5cd0ca75a8497efba947
SHA512

c25d2f18a53cd102efb4e9901ba4695a5569df0408fc1a998cb9f2e5c69d1e7af350b46a8e22a48d072e01f088ae3b1d1ff1264564af85d3e67d48621c8d3a6f
SSDEEP

6144:rnT/XLzuguVXMvP9dIFf5tjTBm5nS2FUumkVD4rszhzfiwJ:3vhuVXMvzIFfDQ5dZXJJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_3c75e7fe2c847688169224ebaeb9b4a3

Files

JaffaCakes118_3c75e7fe2c847688169224ebaeb9b4a3
.exe windows:2 windows x86 arch:x86

ef921c40b4a49cd26f067427caad9a9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlen
EndUpdateResourceW
SetCurrentDirectoryA
SuspendThread
SearchPathA
GetACP
GetShortPathNameW
SetLastError
WaitForSingleObject
CompareStringA
LoadLibraryA
MoveFileW
ReplaceFileA
GetHandleInformation
GetCurrentThread
GetModuleHandleA
GetCurrentProcess
lstrcmpA
lstrcatA
InitializeCriticalSection
CopyFileExA
OpenEventA
GetVersionExA
SetCalendarInfoW
GlobalGetAtomNameA
GetThreadLocale
ExpandEnvironmentStringsA
CreateMutexA
CreateMailslotA
GlobalFindAtomA
RaiseException
GetProcAddress
GetSystemDirectoryA
GetLogicalDriveStringsA
FindAtomW
SetPriorityClass
CopyFileExW
CreateSemaphoreA
CreateMutexW
FindResourceA
GetSystemDefaultLCID
GetLongPathNameW
GlobalFindAtomW
SetComputerNameW

user32

GetClassLongW
LoadMenuIndirectA
InsertMenuItemW
EnumDesktopWindows
GetParent
GetWindowTextLengthA
EnumDesktopsW
SetForegroundWindow
MessageBoxW
GetIconInfo
PostMessageW
GetWindowRect
GetWindowTextA
GetForegroundWindow
CharUpperW
MonitorFromWindow
SendDlgItemMessageW
CreateMenu
InsertMenuItemA
GetAsyncKeyState
GetMessageA
SetWindowTextA
CheckMenuItem
GetClassNameA
GetWindowRgn
UnregisterClassA
SendMessageW
PeekMessageW
RemoveMenu
DestroyCursor
mouse_event
TrackPopupMenuEx
LoadMenuA
SendDlgItemMessageA
DefFrameProcA
AppendMenuA
DrawTextW
RegisterWindowMessageW
IsMenu
RegisterWindowMessageA
MoveWindow
RegisterClassA
GetMenuState
GetMenuItemInfoW
CreateWindowExW
SetCapture
SetDlgItemTextA
IsIconic
GetClassNameW
GetClassInfoExW
GetSystemMetrics
EnableWindow
CreatePopupMenu
EnumDesktopsW
EnumChildWindows
CharNextA
RegisterClassW
DestroyMenu
SetMenu
GetCursorPos
CharUpperA
PeekMessageA
DefDlgProcA
DefDlgProcW
GetKeyboardLayout
DialogBoxParamA

gdi32

GetCharWidthI
EnumICMProfilesA
AngleArc
GetMetaFileBitsEx
GetWorldTransform
SelectBrushLocal
CopyEnhMetaFileW
GetEnhMetaFileDescriptionW
GetCharWidthA
GetCharABCWidthsFloatA
PolylineTo
GetMiterLimit
CloseMetaFile
GetStockObject
Arc
GetCharABCWidthsW
CreateICA
SetWindowOrgEx
SetViewportOrgEx
GetEnhMetaFileHeader
SetMetaFileBitsEx
EndFormPage
CreateDIBSection

advapi32

RegDeleteValueA
RegSaveKeyA
RegQueryValueExA
RegCreateKeyW
CryptSetProviderW
RegCloseKey
RegEnumKeyW
RegSetValueW
RegQueryValueA
RegRestoreKeyW
RegDeleteKeyW
RegEnumValueW
RegEnumKeyA
RegSetValueA
RegReplaceKeyA
RegOpenKeyA
RegFlushKey
RegQueryInfoKeyA

shell32

ExtractIconExA

shlwapi

StrIsIntlEqualA
AssocQueryStringA
PathUnquoteSpacesW
PathFileExistsW

ole32

CoFreeLibrary
StringFromCLSID
CoCreateInstanceEx
IsValidIid
BindMoniker
OleCreate
CoCreateInstance

version

GetFileVersionInfoA
VerFindFileW
VerLanguageNameW

ws2_32

gethostbyname
WSADuplicateSocketW
getpeername
bind
htonl

wininet

FindFirstUrlCacheEntryExW
GetUrlCacheConfigInfoA
InternetConnectW
InternetDial
HttpSendRequestW
InternetInitializeAutoProxyDll
DeleteUrlCacheContainerW
UrlZonesDetach
FindFirstUrlCacheEntryW
InternetErrorDlg
GopherFindFirstFileW
InternetGetLastResponseInfoA
InternetAutodialCallback

urlmon

CompareSecurityIds
HlinkNavigateMoniker
PrivateCoInstall
DllRegisterServerEx
URLDownloadToCacheFileA
IsJITInProgress
RevokeBindStatusCallback
CoInternetCombineUrl
GetClassFileOrMime
RevokeFormatEnumerator
HlinkNavigateMoniker

winspool.drv

WritePrinter
GetFormW
WaitForPrinterChange
GetPrinterDataExA
FindNextPrinterChangeNotification
DEVICEMODE
AbortPrinter
SetDefaultPrinterW
DeletePrinterDriverExW
DeletePrinterDataA

inetcomm

MimeOleUnEscapeStringInPlace
MimeOleGetPropertySchema
CreateIMAPTransport
MimeOleGetRelatedSection
MimeOleGenerateCID
MimeOleSMimeCapRelease
MimeOleSetCompatMode
MimeOleAlgNameFromSMimeCap
MimeOleClearDirtyTree

oledlg

OleUIInsertObjectW
OleUIConvertW
OleUIAddVerbMenuW
OleUIChangeIconW
OleUIEditLinksA
OleUIUpdateLinksW
OleUIObjectPropertiesA
OleUIConvertA

sqlunirl

_CreateFileMapping_@24
_VkKeyScanEx_@8
_RegQueryValueEx_@24
_CharPrev_@8
_GetCompressedFileSize_@8
_GetEnvironmentVariable_@12
_GetLocaleInfo_@16
_RemoveDirectory_@4
_CreateDC_@16

crypt32

CryptGetDefaultOIDFunctionAddress
CertOpenSystemStoreA
CryptSIPRetrieveSubjectGuidForCatalogFile
CertGetNameStringW
CertFindChainInStore
PFXImportCertStore
CertSerializeCTLStoreElement
CertFreeCertificateContext
I_CryptFindLruEntryData
CertGetCTLContextProperty
CertEnumCertificateContextProperties

Sections

.X
Size: 126KB - Virtual size: 250KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Owjp
Size: 1KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qHnplJ
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.b
Size: 2KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AoSQhW
Size: 3KB - Virtual size: 43KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef921c40b4a49cd26f067427caad9a9a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

ole32

version

ws2_32

wininet

urlmon

winspool.drv

inetcomm

oledlg

sqlunirl

crypt32

Sections

.X Size: 126KB - Virtual size: 250KB

.Owjp Size: 1KB - Virtual size: 31KB

.qHnplJ Size: 21KB - Virtual size: 20KB

.rdata Size: 7KB - Virtual size: 7KB

.b Size: 2KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 8KB

.AoSQhW Size: 3KB - Virtual size: 43KB

.rsrc Size: 45KB - Virtual size: 44KB

.reloc Size: 512B - Virtual size: 4KB

.X
Size: 126KB - Virtual size: 250KB

.Owjp
Size: 1KB - Virtual size: 31KB

.qHnplJ
Size: 21KB - Virtual size: 20KB

.rdata
Size: 7KB - Virtual size: 7KB

.b
Size: 2KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 8KB

.AoSQhW
Size: 3KB - Virtual size: 43KB

.rsrc
Size: 45KB - Virtual size: 44KB

.reloc
Size: 512B - Virtual size: 4KB