047a0a9c63417f78a41767d78f8539b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

047a0a9c63417f78a41767d78f8539b5_JaffaCakes118
Size

295KB
MD5

047a0a9c63417f78a41767d78f8539b5
SHA1

1f0f9049e7414fdf0e20497bc9a447143a18c089
SHA256

89abe9b1c0c393ca8a65daa949a1d0c602e57d5d2bb3477d1fa3c81d1c9fce12
SHA512

fe9bf66fb2b555b0dcb3f6a146de464eef00f39760104c1942670b8644b18c4302ad3e650a1b92ee77288a26d93add999d9a5c5657712ff00044e87296eb65ae
SSDEEP

6144:uLa8jWTibs08Xs/I86d5Gz8mNl3FNXipYzdisXFu:uLasWT284QMz8KFNXbzdis1u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
047a0a9c63417f78a41767d78f8539b5_JaffaCakes118

Files

047a0a9c63417f78a41767d78f8539b5_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a48dcb4dddee0de951ddd750966025f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FlushFileBuffers
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
MultiByteToWideChar
SetConsoleMode
QueryPerformanceCounter
VirtualFree
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
LocalFree
CloseHandle
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetLastError
GetComputerNameA
SetThreadLocale
GetSystemDirectoryA
WriteFile
GetWindowsDirectoryA
GetConsoleTitleA
GetCurrentProcess
HeapAlloc
FreeLibrary
CreateFileA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
SetFilePointer
GetConsoleCP
GetConsoleMode
ReadConsoleInputA
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
HeapFree
WideCharToMultiByte
GetTimeZoneInformation
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA

user32

GetKeyboardLayoutNameW
ActivateKeyboardLayout
ValidateRect
SetScrollInfo
GetDlgItemTextA
LoadCursorA
FindWindowA
SetWindowTextA
EndPaint
SetTimer
InsertMenuItemA
PostQuitMessage
SendDlgItemMessageA
GetWindowDC
FillRect
GetTopWindow
KillTimer
LoadStringA
MessageBoxIndirectA
GetClientRect
SendMessageA
GetSystemMetrics
BeginPaint
GetDC
GetCursorInfo
GetKeyboardLayout
MessageBoxA
ReleaseDC
GetDlgItem
ScrollWindow
EndDialog
DefWindowProcA
GetCursorPos
IsDlgButtonChecked
IsWindow

gdi32

MoveToEx
BitBlt
GetTextExtentPoint32A
SetViewportOrgEx
LineTo
SetWindowExtEx
CreateHatchBrush
DeleteDC
CreateDIBSection
GetDeviceCaps
CreateFontIndirectA
SetBkColor
DeleteObject
SelectObject
CreateCompatibleDC
SetMapMode
CreateCompatibleBitmap
Rectangle
Ellipse
CreatePen
SetViewportExtEx
GetTextMetricsA
CreateSolidBrush
TextOutA

winspool.drv

StartDocPrinterA
StartPagePrinter
ClosePrinter
GetPrinterDataA
EndDocPrinter
OpenPrinterA

comdlg32

PrintDlgA

advapi32

GetNumberOfEventLogRecords
CloseEventLog
RegCloseKey
ReadEventLogA
OpenEventLogA
GetUserNameA
ClearEventLogA
FreeSid
AllocateAndInitializeSid
ReportEventA
GetOldestEventLogRecord
DeregisterEventSource
SetNamedSecurityInfoA
SetEntriesInAclA
OpenProcessToken
RegisterEventSourceA

ws2_32

WSCDeinstallProvider

secur32

QuerySecurityPackageInfoA

imm32

ImmSetOpenStatus
ImmIsIME
ImmGetContext
ImmGetOpenStatus

Sections

.text
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 97KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a48dcb4dddee0de951ddd750966025f6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

ws2_32

secur32

imm32

Sections

.text Size: 103KB - Virtual size: 102KB

.rdata Size: 66KB - Virtual size: 65KB

.data Size: 97KB - Virtual size: 104KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 103KB - Virtual size: 102KB

.rdata
Size: 66KB - Virtual size: 65KB

.data
Size: 97KB - Virtual size: 104KB

.rsrc
Size: 28KB - Virtual size: 28KB