Static task: static1
Behavioral task: behavioral1
Sample: 0b2014c18e1917e8d47f435a24027f3c_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 0b2014c18e1917e8d47f435a24027f3c_JaffaCakes118.exe
Resource: win10v2004-20240419-en
General
Target: 0b2014c18e1917e8d47f435a24027f3c_JaffaCakes118
Size: 464KB
MD5: 0b2014c18e1917e8d47f435a24027f3c
SHA1: c248cf14fa2d24ad23ff06be9412f473cab431e2
SHA256: df23b7963ad0888a5616e3b6d94aa9b00fa1dd171bf48ec32e19a94fb923957d
SHA512: 81abf28cd44e992d3fb4431fe4f6189d1c0d76ab13eea9a11e61c495303eb57e3ecb6193097d075622fdd8e73340643f76d381a439e8fb8f1b670af45d6bac9d
SSDEEP: 6144:mixCEr+cP1JJpNliAPU+PHbFeKN1NP+6xVrkQ+89iWoAgudoTWE1Druk8uW22K:mwJvNVPnPDtPVrkQ+89cAVoCW8uWo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0b2014c18e1917e8d47f435a24027f3c_JaffaCakes118
Files
0b2014c18e1917e8d47f435a24027f3c_JaffaCakes118.exe windows:5 windows x86 arch:x86
5c4c1d1598a6ffed434736593c76a0b6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapCreate
VirtualFree
GetStdHandle
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
LCMapStringA
IsDebuggerPresent
GetTimeZoneInformation
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
ExitProcess
HeapReAlloc
VirtualAlloc
GetStartupInfoA
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapAlloc
HeapFree
GetTickCount
SetErrorMode
GetFileSizeEx
LocalFileTimeToFileTime
FileTimeToLocalFileTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetStringTypeExA
DeleteFileA
MoveFileA
GetCurrentDirectoryA
SystemTimeToFileTime
FileTimeToSystemTime
GetThreadLocale
GetModuleHandleW
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
InterlockedExchange
lstrcpyA
lstrcpyW
lstrcmpA
GlobalReAlloc
GlobalAlloc
FormatMessageA
LocalFree
lstrlenW
MulDiv
lstrlenA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
MultiByteToWideChar
lstrcmpW
GetVersionExA
SetLastError
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetCommandLineA
FindNextFileA
FindClose
GetModuleHandleA
ResumeThread
GetFileAttributesA
OpenProcess
FreeLibrary
GetLocalTime
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
Sleep
LoadLibraryA
GetProcAddress
CreateToolhelp32Snapshot
GetCurrentProcessId
GetLastError
LCMapStringW
CloseHandle
user32
ReuseDDElParam
LoadMenuA
DestroyMenu
SetCursor
ReleaseCapture
LoadAcceleratorsA
InvalidateRect
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
BringWindowToTop
TranslateAcceleratorA
ShowWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
RemoveMenu
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetFocus
SetFocus
UnpackDDElParam
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetParent
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
EnableWindow
SendMessageA
EndDialog
GetNextDlgTabItem
GetParent
UpdateWindow
GetClientRect
PostMessageA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
PostQuitMessage
ValidateRect
CharUpperA
IsZoomed
ReleaseDC
GetDC
IsRectEmpty
DeleteMenu
GetWindowTextLengthA
GetSystemMenu
IsWindowEnabled
GetDlgItem
GetWindowLongA
IsWindow
DestroyWindow
CreateDialogIndirectParamA
SetActiveWindow
GetActiveWindow
GetDesktopWindow
MessageBoxA
GetLastActivePopup
GetWindowThreadProcessId
GetWindow
GetSystemMetrics
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
SetWindowLongA
GetMenu
CallWindowProcA
DefWindowProcA
GetDlgCtrlID
GetCursorPos
TranslateMessage
GetMessageA
ShowOwnedPopups
FillRect
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
SetRect
DestroyCursor
LoadCursorA
InflateRect
GetSysColorBrush
SetTimer
KillTimer
WindowFromPoint
GetDCEx
LockWindowUpdate
SetCapture
DestroyIcon
RegisterClipboardFormatA
UnregisterClassA
GetTabbedTextExtentA
PostThreadMessageA
CreateMenu
CopyAcceleratorTableA
SetWindowRgn
DrawIcon
ScrollWindow
GetMenuItemInfoA
gdi32
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
CreatePatternBrush
GetStockObject
CreatePen
CreateSolidBrush
TextOutA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
Rectangle
CreateFontIndirectA
SetRectRgn
CombineRgn
GetBkColor
CreateEllipticRgn
LPtoDP
Ellipse
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceA
GetTextExtentPointA
GetWindowOrgEx
PtVisible
RectVisible
StartDocA
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgn
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
DPtoLP
GetObjectA
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
StretchDIBits
DeleteDC
CreateFontA
GetCharWidthA
DeleteObject
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
CreateBitmap
CreateDCA
GetDeviceCaps
SetBkColor
SetTextColor
GetClipBox
BitBlt
SelectObject
CreateCompatibleDC
IntersectClipRect
comdlg32
GetFileTitleA
winspool.drv
GetJobA
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueA
RegCloseKey
GetUserNameA
CreateProcessAsUserA
OpenProcessToken
GetTokenInformation
RegCreateKeyA
shell32
SHGetFileInfoA
ExtractIconA
DragQueryFileA
DragFinish
shlwapi
PathIsUNCA
PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathRemoveFileSpecW
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CoUninitialize
CoCreateInstance
CoTaskMemFree
oleaut32
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
odbc32
ord51
ord50
ord45
ord44
ord68
ord59
ord13
ord18
ord46
ord12
ord19
ord11
ord49
ord48
ord8
ord20
ord14
ord9
ord15
ord23
ord1
ord2
ord16
ord3
ord10
ord41
ord17
ord4
ord72
ord5
Sections
.text Size: 329KB - Virtual size: 328KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 35KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ