48460c1f75469995a67349fe0766f776_JaffaCakes118[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

48460c1f75469995a67349fe0766f776_JaffaCakes118.exe
Size

88KB
MD5

48460c1f75469995a67349fe0766f776
SHA1

7231c635ee7623977c79f8a44a77384a4ff4536f
SHA256

648eb39a5e77af2e2069e196a5709a93e81b29c74dbe2fa4ead4440e0f535e97
SHA512

ad2a372e96f6fbb83f0f8e213804b7c978afa7d28ac3a3a330d9dd1b103efc799824c3815593b9e4c41d05df8723445bad8040c42da121fd2330917d160c9afd
SSDEEP

1536:HN5kEXLJj+EFTctJovSdM0wPC7KZhxKOn+nJI3pD34YsXm:t5kENj+EpcUSiHK7Kf+JI3B34YsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48460c1f75469995a67349fe0766f776_JaffaCakes118.exe

Files

48460c1f75469995a67349fe0766f776_JaffaCakes118.exe
.exe windows:5 windows x86 arch:x86

f57994b4dece329fdeff65f42ee6ccfd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
FindClose
CloseHandle
GetCommConfig
GetSystemTime
GetSystemTimeAsFileTime
SystemTimeToFileTime
FileTimeToSystemTime
DosDateTimeToFileTime
MapViewOfFile
lstrcmpW
lstrcmpiW
lstrcpynA
lstrcpyA
lstrcpyW
lstrcatA
lstrlenW
TlsGetValue
TlsSetValue
SleepEx
WriteFileEx
CreateMutexA
OpenMutexA
CreateEventA
CreateEventW
CreateFileMappingA
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetStartupInfoA
GetCommandLineW
ExpandEnvironmentStringsA
FindResourceW
FindAtomA
GetProfileIntW
GetProfileStringW
WriteProfileStringW
GetSystemDirectoryA
GetFullPathNameA
DefineDosDeviceW
CreateFileA
SetEndOfFile
GetFileAttributesW
FindFirstFileW
SearchPathA
GetComputerNameA
QueryPerformanceCounter
IsValidCodePage
GetACP
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
CompareStringA
CompareStringW
LCMapStringA
LCMapStringW
GetLocaleInfoA
GetTimeFormatW
GetDateFormatA
GetDateFormatW
GetUserDefaultUILanguage
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
FoldStringW
EnumSystemLocalesA
SetConsoleCtrlHandler
WriteConsoleA
WriteConsoleW
GetConsoleCP
GetConsoleOutputCP
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
DeviceIoControl
FlushFileBuffers
ReadFile
WriteFile
SetStdHandle
GetStdHandle
GetFileSize
SetHandleCount
GlobalDeleteAtom
SizeofResource
LoadResource
Sleep
WaitForMultipleObjects
WaitForSingleObject
ResetEvent
SetEvent
EnterCriticalSection
InitializeCriticalSection
QueueUserAPC
ResumeThread
GetOverlappedResult
GetLastError
TerminateThread
GetCurrentThread
CreateThread
SetUnhandledExceptionFilter
RaiseException
FreeEnvironmentStringsW
GetEnvironmentStringsW
TerminateProcess
GetCurrentProcess
OpenProcess
GetProcessHeap
HeapSize
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
VirtualQuery
VirtualFree
VirtualAlloc
LocalFree
LocalSize
LocalReAlloc
LocalAlloc
GlobalCompact
GlobalLock
GlobalSize
GlobalAlloc
GetVersion
GetProcAddress
DisableThreadLibraryCalls
FreeLibrary
CreateFileW
LockResource

user32

EndPaint
InvalidateRect
SetScrollPos
SetWindowTextW
GetWindowTextA
GetWindowTextW
GetWindowRect
MessageBoxA
MessageBoxW
SetCursor
GetCursorPos
HideCaret
ClientToScreen
ScreenToClient
MapWindowPoints
ChildWindowFromPoint
GetSysColorBrush
DrawFocusRect
InflateRect
OffsetRect
SetWindowLongA
SetWindowLongW
GetProcessDefaultLayout
SetProcessDefaultLayout
GetDesktopWindow
GetParent
FindWindowA
GetWindowThreadProcessId
CheckMenuRadioItem
LoadCursorA
LoadCursorW
LoadImageW
LoadStringA
LoadStringW
IsDialogMessageA
IsDialogMessageW
SystemParametersInfoW
SetWinEventHook
UnhookWinEvent
InsertMenuItemA
TrackPopupMenuEx
TrackPopupMenu
SetMenuItemBitmaps
GetSubMenu
EnableMenuItem
CheckMenuItem
GetSystemMenu
ReleaseDC
GetMenu
LoadMenuW
GetSystemMetrics
TranslateAcceleratorW
TranslateAcceleratorA
LoadAcceleratorsW
LoadAcceleratorsA
EnableWindow
KillTimer
SetTimer
MsgWaitForMultipleObjects
ReleaseCapture
SetCapture
GetFocus
GetKeyboardLayout
GetMessageA
TranslateMessage
SetFocus
CharNextW
CharNextA
CharLowerW
IsClipboardFormatAvailable
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
GetDlgCtrlID
SendDlgItemMessageW
SendDlgItemMessageA
IsDlgButtonChecked
CheckDlgButton
SetDlgItemTextW
SetDlgItemTextA
SetDlgItemInt
GetDlgItem
DialogBoxIndirectParamA
DialogBoxParamW
CreateDialogParamA
IsIconic
MoveWindow
ShowWindow
IsChild
CreateWindowExW
CreateWindowExA
RegisterClassA
CallWindowProcW
PostQuitMessage
AttachThreadInput
PostMessageW
GetDC
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetMenuState
DrawTextExW
PostMessageA
SendMessageA
PeekMessageW
PeekMessageA
DispatchMessageA
GetDlgItemTextA

gdi32

ExtTextOutA
GetObjectW
SetAbortProc
StartDocW
StartDocA
GetTextMetricsW
SetTextColor
SetMapMode
SetBkMode
SelectObject
GetTextExtentPoint32W
GetTextExtentPoint32A
GetTextExtentPointA
EnumFontsW
DeleteObject
DeleteDC
CreateSolidBrush
CreateFontA
CreateFontIndirectW
CreateFontIndirectA
CreateCompatibleBitmap
CreateDCW

winspool.drv

OpenPrinterW
ClosePrinter

comdlg32

PrintDlgExW
PrintDlgA
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
GetFileTitleW
FindTextA
FindTextW
ReplaceTextW
ChooseFontA
ChooseFontW

advapi32

StartServiceA
QueryServiceStatus
OpenServiceA
DeleteService
CreateServiceA
ControlService
CloseServiceHandle
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegOpenKeyExA
RegCreateKeyW
RegCreateKeyA
RegCloseKey
LookupPrivilegeValueA
InitializeSecurityDescriptor
OpenProcessToken
IsTextUnicode

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileW
ShellExecuteExA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f57994b4dece329fdeff65f42ee6ccfd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 956B

.CRT Size: 512B - Virtual size: 4B

.rsrc Size: 69KB - Virtual size: 68KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 956B

.CRT
Size: 512B - Virtual size: 4B

.rsrc
Size: 69KB - Virtual size: 68KB