f277db4a3f0874aa914f1fb9c23f6ac4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f277db4a3f0874aa914f1fb9c23f6ac4_JaffaCakes118
Size

319KB
MD5

f277db4a3f0874aa914f1fb9c23f6ac4
SHA1

f91508209bf78b84dc35a8380cc807c5fff6f0c9
SHA256

ddb6ec6b7e67159ccc3983225ac20b95cc00819df2c9031eabdaffb9d415a9d4
SHA512

59a45610b9e7986eab62422791e2554c533d6ce6b2ab75356e1daf05c26bf12291682ad54a2c6c5b3f658d1c6e27a677d7de5388a2963179549a4000daf31097
SSDEEP

3072:VK43mdnmnrozmJnG51ydvIztoh2OY7802RrxYAMLH5xC8XuaFFD3RTZO3ii38gVE:Xmknr6Kqtoh2A5reNLHTVR0V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f277db4a3f0874aa914f1fb9c23f6ac4_JaffaCakes118

Files

f277db4a3f0874aa914f1fb9c23f6ac4_JaffaCakes118
.exe windows:1 windows x86 arch:x86

93237a0c869f262f321d4583e179b83c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
CreateFileA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GlobalFree
GlobalAddAtomA
SetErrorMode
GetCurrentDirectoryA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
GetCurrentProcess
DuplicateHandle
FindResourceA
SetLastError
lstrcatA
GetFileAttributesA
lstrcmpiA
LocalAlloc
LocalLock
LocalUnlock
LocalFree
MulDiv
LoadResource
LockResource
FreeResource
LoadLibraryA
WritePrivateProfileStringA
SetThreadPriority
ResumeThread
FreeLibrary
lstrcmpA
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
MultiByteToWideChar
GetProcAddress
WideCharToMultiByte
WriteFile
VirtualAlloc
VirtualFree
GetCurrentThread
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
GetModuleFileNameA
ExitProcess
UnhandledExceptionFilter
GetTickCount
GetLastError
FatalAppExitA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetVersion
RtlUnwind
GetCommandLineA
GetEnvironmentStrings
GetStartupInfoA
GetModuleHandleA
GlobalGetAtomNameA
lstrlenA
GlobalAlloc
GlobalLock
lstrcpyA
GlobalUnlock
CloseHandle
CreateThread
ExitThread
RaiseException

user32

SetCapture
IsIconic
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
GetDesktopWindow
IsWindow
GetActiveWindow
DestroyMenu
LoadMenuA
LoadIconA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
LoadStringA
GetClassNameA
CharUpperA
OemToCharA
CharToOemA
InsertMenuA
DeleteMenu
IsRectEmpty
ScrollWindow
InflateRect
KillTimer
ClientToScreen
WindowFromPoint
SetTimer
SetMessageQueue
GetDCEx
DrawTextA
GrayStringA
IntersectRect
SetParent
InvertRect
IsClipboardFormatAvailable
GetTabbedTextExtentA
RegisterWindowMessageA
SetDlgItemTextA
SetWindowTextA
InvalidateRect
PtInRect
FillRect
OffsetRect
GetDC
ReleaseDC
LoadCursorA
IsDialogMessageA
SendDlgItemMessageA
SystemParametersInfoA
GetSystemMetrics
SetRect
CharLowerBuffA
SetActiveWindow
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ShowScrollBar
LockWindowUpdate
GetScrollPos
TabbedTextOutA
SetScrollPos
GetTopWindow
MessageBeep
GetDlgCtrlID
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
DestroyWindow
CreateWindowExA
SetPropA
GetPropA
RemovePropA
CallWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindowRect
SetWindowLongA
wsprintfA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
SetFocus
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
GetCursorPos
UnhookWindowsHookEx
SetWindowsHookExA
GetLastActivePopup
SetCursor
ShowOwnedPopups
SetWindowPos
IsWindowVisible
UpdateWindow
PostQuitMessage
GetDlgItem
ShowWindow
DialogBoxIndirectParamA
DialogBoxParamA
EnableWindow
CreateDialogIndirectParamA
CreateDialogParamA
GetWindow
GetWindowLongA
GetParent
EndDialog
EndPaint
BeginPaint
GetWindowDC
GetScrollRange
SetScrollRange
IsChild
IsWindowEnabled
SendMessageA
MessageBoxA
PackDDElParam
PostMessageA
FreeDDElParam
PeekMessageA
GetNextDlgGroupItem
GetSysColor
DestroyCursor

gdi32

SetRectRgn
GetTextFaceA
GetWindowOrgEx
CreateBitmap
SetTextColor
SetBkColor
GetObjectA
GetDeviceCaps
PatBlt
GetStockObject
Rectangle
DPtoLP
CreatePen
AbortDoc
GetViewportOrgEx
EndPage
StartPage
EndDoc
GetMapMode
SetAbortProc
DeleteDC
GetTextMetricsA
CreateFontIndirectA
GetCharWidthA
SaveDC
RestoreDC
SelectObject
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
GetObjectType
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateDCA
GetTextExtentPointA
LPtoDP
GetBkColor
GetNearestColor
CreateCompatibleDC
BitBlt
CreateRectRgnIndirect
CreateFontA
CombineRgn
GetTextColor
StartDocA
GetROP2
GetBkMode
GetTextAlign
GetPolyFillMode
GetStretchBltMode

comdlg32

FindTextA
ReplaceTextA
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
PrintDlgA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueA

shell32

DragQueryFileA
DragFinish

Sections

.text
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93237a0c869f262f321d4583e179b83c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

Sections

.text Size: 217KB - Virtual size: 217KB

.bss Size: - Virtual size: 25KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 12KB - Virtual size: 12KB

.idata Size: 9KB - Virtual size: 8KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 17KB - Virtual size: 16KB

.text
Size: 217KB - Virtual size: 217KB

.bss
Size: - Virtual size: 25KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 12KB - Virtual size: 12KB

.idata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 17KB - Virtual size: 16KB