ed4e798b64711c2b155a00549c1113e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ed4e798b64711c2b155a00549c1113e8_JaffaCakes118
Size

252KB
MD5

ed4e798b64711c2b155a00549c1113e8
SHA1

c05d2f5dcf2290248013e9b9627931564fbc9c49
SHA256

54cb4f8128a9c144eda44464da759c05c5d8acddebb98451319b0f2e8652a4e9
SHA512

83c67c6c4978eef42d26ce21b44a22c29daac6fda0c2a0ff966714d6ea742023ce1ddd9dc71a80b2657ee2ba79f6c9f5b4fde341afe57c0db40d61be7581b6c7
SSDEEP

3072:Ct0zJ1MU4ui6Fped9F6XRqNvOwkGzujCuO5QR+JXzwL+DRSA81eNqYj25nqklzxW:Tz/J46Q6XWOwkGoCuOduL+FEVLFt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed4e798b64711c2b155a00549c1113e8_JaffaCakes118

Files

ed4e798b64711c2b155a00549c1113e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a3ad202052cfa7b82796687634bfc7de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
VirtualQuery
GetTimeZoneInformation
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetSystemInfo
VirtualAlloc
VirtualProtect
TerminateProcess
HeapReAlloc
HeapFree
HeapAlloc
ExitProcess
RtlUnwind
GetStartupInfoW
GetTickCount
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
SetErrorMode
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
lstrcmpiW
WritePrivateProfileStringW
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalFindAtomW
lstrlenA
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
InterlockedDecrement
CloseHandle
GlobalAddAtomW
FreeResource
GetCurrentThread
GetCurrentThreadId
lstrcmpW
FreeLibrary
GlobalDeleteAtom
GetModuleHandleW
GetProcAddress
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
LoadLibraryW
GetLocaleInfoW
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GlobalFree
MulDiv
lstrlenW
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
lstrcpynW
LocalFree
CopyFileW
GetModuleFileNameW
GetSystemDirectoryW
DeleteFileW
Sleep
GetLastError
WinExec
lstrcpyW
FindResourceW
LoadResource
LockResource
IsBadWritePtr
SizeofResource

user32

DestroyMenu
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableW
SetRect
IsRectEmpty
CharNextW
CharUpperW
wsprintfW
ReleaseCapture
SetCapture
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
WinHelpW
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendDlgItemMessageW
SendDlgItemMessageA
SetFocus
IsChild
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
AdjustWindowRectEx
EqualRect
GetClassInfoW
RegisterClassW
UnregisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
UnhookWindowsHookEx
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
SetMenuItemBitmaps
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetCursor
PostThreadMessageW
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
RegisterClipboardFormatW
GetForegroundWindow
PostQuitMessage
PostMessageW
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSystemMetrics
EnableWindow
LoadIconW
GetClientRect
IsIconic
SendMessageW
DrawIcon
MessageBoxW
GetWindowTextW

gdi32

GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ExtTextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
Escape
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
TextOutW
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SelectObject

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
GetPrinterDriverDirectoryW
AddPrinterW
DeletePrinter
DeletePrinterDriverW
ClosePrinter
XcvDataW
OpenPrinterW
AddPrinterDriverW
AddMonitorW
DeleteMonitorW

advapi32

RegSetValueExW
QueryServiceStatus
StartServiceW
OpenServiceW
OpenSCManagerW
ControlService
RegCloseKey
RegOpenKeyW
RegQueryValueExW
RegOpenKeyExW
CloseServiceHandle
RegCreateKeyExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW

comctl32

ord17

shlwapi

PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
CLSIDFromProgID
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysFreeString
SysAllocStringLen

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a3ad202052cfa7b82796687634bfc7de

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 40KB - Virtual size: 60KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 40KB - Virtual size: 60KB