0bcefc3d4ee2c2a3da3941befb09cd39_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0bcefc3d4ee2c2a3da3941befb09cd39_JaffaCakes118
Size

684KB
MD5

0bcefc3d4ee2c2a3da3941befb09cd39
SHA1

c022f0f1c643cd5198f9ad17814ed3b217140469
SHA256

e3c4acc2d441fc797affe1475f04a4cfb5f40fae802af0a98bf26c00e5608862
SHA512

f31cf11acac7a4570738b61456c76b5e08130c18aec9d5fe9cb4af5b7b76ae46e3e85503c6f2287f17faa31ce90941948a069cf298949a88d94a237581c6a6ad
SSDEEP

12288:X+eMckvuMhgnGhim/ANb/XqZt7QKq/VAUntPj:FM5uq8ogXYJQpVtP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bcefc3d4ee2c2a3da3941befb09cd39_JaffaCakes118

Files

0bcefc3d4ee2c2a3da3941befb09cd39_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe6926082db3fd16430e81806df0842a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
SetErrorMode
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetTimeFormatA
GetDateFormatA
ExitThread
CreateThread
HeapAlloc
HeapFree
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
HeapSize
GetTimeZoneInformation
GetACP
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetHandleCount
GetFileType
VirtualFree
HeapDestroy
HeapCreate
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
LCMapStringA
LCMapStringW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
SetEnvironmentVariableA
GetCurrentProcess
CreateFileW
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetThreadLocale
GetOEMCP
GetCPInfo
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedIncrement
ResumeThread
WritePrivateProfileStringA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
FileTimeToSystemTime
GetModuleFileNameW
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
FormatMessageA
LocalFree
MulDiv
TerminateThread
GetVersion
CompareStringA
CompareStringW
SetEvent
GetProfileStringA
CloseHandle
WaitForSingleObject
CreateEventA
MultiByteToWideChar
lstrlenA
FreeResource
GlobalFree
CreateProcessA
GetCurrentProcessId
GetCurrentThreadId
FindFirstFileA
FindNextFileA
FindClose
Sleep
LeaveCriticalSection
WinExec
InterlockedExchange
EnterCriticalSection
CreateDirectoryA
GetLocalTime
GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetLastError
SetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
InterlockedDecrement
GetModuleFileNameA
GetStdHandle
GetTickCount

user32

LoadCursorA
GetSysColorBrush
SetCursor
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
DestroyMenu
GetWindowThreadProcessId
EndPaint
BeginPaint
GrayStringA
DrawTextExA
TabbedTextOutA
WindowFromPoint
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
CheckMenuItem
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
TrackPopupMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
ScreenToClient
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
IsIconic
GetWindowPlacement
GetWindow
SendMessageA
PostMessageA
IsWindow
EnableWindow
MessageBoxA
GetClientRect
CopyRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
UnregisterClassA
GetDC
ReleaseDC
LoadIconA
CreatePopupMenu
AppendMenuA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
EnableMenuItem
ClientToScreen
FillRect
GetFocus
GetWindowRect
SystemParametersInfoA
SetTimer
KillTimer
RedrawWindow
InvalidateRect
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetRect
GetKeyState
GetCursorPos
LockWindowUpdate
DrawTextA

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetBkMode
SetMapMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
GetClipBox
GetDeviceCaps
GetDIBColorTable
SetDIBColorTable
CreateFontA
CreateDIBSection
GetObjectA
SetTextColor
GetTextColor
CreateCompatibleDC
BitBlt
DeleteDC
GetStockObject
LineTo
MoveToEx
Rectangle
DeleteObject
CreateSolidBrush
SetStretchBltMode
SelectObject

msimg32

TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

shlwapi

PathFindFileNameA
PathFindExtensionA

ole32

CreateStreamOnHGlobal
CLSIDFromString

oleaut32

SystemTimeToVariantTime
SysFreeString
VarUdateFromDate
VariantClear
VariantChangeType
VariantInit
VariantTimeToSystemTime
SysAllocString

ws2_32

recv
WSAEnumNetworkEvents
WSAResetEvent
WSASetLastError
WSAWaitForMultipleEvents
ntohs
send
WSAGetLastError
connect
setsockopt
WSAEventSelect
WSACloseEvent
WSACreateEvent
recvfrom
htons
htonl
ntohl
WSAStartup
WSACleanup
socket
bind
WSAIoctl
closesocket
sendto

gdiplus

GdiplusStartup
GdipFree
GdipCloneImage
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdiplusShutdown
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight

Sections

.text
Size: 440KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fe6926082db3fd16430e81806df0842a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

ws2_32

gdiplus

Sections

.text Size: 440KB - Virtual size: 440KB

.rdata Size: 88KB - Virtual size: 84KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 136KB - Virtual size: 136KB

.text
Size: 440KB - Virtual size: 440KB

.rdata
Size: 88KB - Virtual size: 84KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 136KB - Virtual size: 136KB