a9962f4069e8eb4388bdadf7609df0fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a9962f4069e8eb4388bdadf7609df0fd_JaffaCakes118
Size

307KB
MD5

a9962f4069e8eb4388bdadf7609df0fd
SHA1

681be1f84e462d5f297fcaaaf3ae19f5896dbade
SHA256

dd1aecce0bf7d040bb65274e0e41749dc3800e73cf8ed15585f82b7d3e924275
SHA512

8d209f1c29fa74315c3d371cf94c62e597c4332eede574cc86b2b9236f96e61a8a6a220b4efb740bd7de2b46e6d24d09e993c075187f843d6c672e576646c1a8
SSDEEP

6144:RV52FbYmN6A54JA1oxUeggB5OQgcgLl0J:RQXyJA1ouegAOQTA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9962f4069e8eb4388bdadf7609df0fd_JaffaCakes118

Files

a9962f4069e8eb4388bdadf7609df0fd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4b46be696c7a109c651e327bc07fdf85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GlobalLock
GetOverlappedResult
GlobalUnlock
GetConsoleOutputCP
ResumeThread
UnhandledExceptionFilter
ExitProcess
CreateEventW
CreateMutexA
GetConsoleCP
GetEnvironmentStrings
IsDebuggerPresent
lstrcpyW
WriteConsoleA
QueryPerformanceCounter
WaitForSingleObject
GetTimeFormatW
GetDateFormatW
GetStringTypeW
RaiseException
TlsAlloc
FileTimeToSystemTime
GlobalMemoryStatus
LCMapStringW
CreateFileA
ReadFile
LocalAlloc
GetFileAttributesW
IsValidLocale
MulDiv
UnmapViewOfFile
GetCurrentProcess
GetLocalTime
lstrcmpW
FindFirstFileW
GlobalFree
DeleteCriticalSection
GetLastError
HeapReAlloc
LocalUnlock
GetOEMCP
GetCPInfo
CloseHandle
MultiByteToWideChar
HeapCreate
DebugSetProcessKillOnExit
HeapSize
RtlUnwind
HeapAlloc
IsValidCodePage
GetACP
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsSetValue
TlsGetValue
GetFileType
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStdHandle
WriteFile
Sleep
GetModuleHandleW
SetUnhandledExceptionFilter
GetCommandLineA
TlsFree
LocalSize
GlobalSize
FileTimeToLocalFileTime
TerminateProcess
GetConsoleMode
HeapFree
SleepEx
DeleteFileW
VirtualFree
lstrlenW
FormatMessageW
SetHandleCount
EnterCriticalSection
LocalFree
OpenMutexA
ExitThread
GetFileSize
GetSystemTime
GlobalReAlloc
lstrcatW
GetStringTypeA
GetModuleFileNameA
LCMapStringA
CompareStringW
lstrcatA
CreateFileMappingW
GetVersion
SystemTimeToFileTime
SetStdHandle
WaitForMultipleObjects
lstrcpynW
FindResourceA
LoadResource
LockResource
SizeofResource
VirtualAlloc
GetModuleHandleA
LoadLibraryA
GetLocaleInfoA
GetProcAddress

user32

CreateDialogParamW
PostMessageW
UnhookWinEvent
SetWindowLongW
DrawFocusRect
IsDlgButtonChecked
CreateWindowExA
FindWindowA
CallWindowProcW
LoadStringA
GetDC
DefWindowProcW
SendDlgItemMessageW
SendMessageW
DrawTextW
SetFocus
GetWindowPlacement
LoadStringW
IsZoomed
DialogBoxParamW
InvalidateRgn
TrackPopupMenuEx
DrawTextA
IsChild
EmptyClipboard
GetParent
MapWindowPoints
SetProcessDefaultLayout
GetDlgItemTextW
PostQuitMessage
LoadAcceleratorsA
CheckMenuRadioItem
ShowWindow
GetMenuCheckMarkDimensions
ReleaseDC
GetWindowTextW
LoadCursorA
RegisterClassExW
RegisterClassExA
TrackPopupMenu
GetWindowLongW
SetForegroundWindow
EndPaint
GetSystemMenu
SetDlgItemTextW
LoadIconA
GetSysColor
LoadMenuW
CharLowerW
CloseClipboard
CheckRadioButton
SetWindowPlacement
InsertMenuItemA
GetDlgCtrlID
LoadImageW
SystemParametersInfoW
InflateRect
DrawTextExW
MoveWindow
GetMessageA
BeginPaint
GetDesktopWindow
CreateWindowExW
SetScrollPos
SendMessageA
SetMenuItemBitmaps
AttachThreadInput
CreateDialogParamA
EndDialog
ChildWindowFromPoint
RegisterWindowMessageW
CharNextW
SetWindowPos
SetCursor
CharNextA
GetKeyboardLayout
TranslateAcceleratorA
DispatchMessageW
LoadAcceleratorsW
AppendMenuA
GetForegroundWindow
IsDialogMessageA
GetDlgItem
IsClipboardFormatAvailable
SendDlgItemMessageA
IsIconic
GetDialogBaseUnits

gdi32

StartPage
CreateDCW
StretchBlt
SetTextColor
TextOutW
DeleteDC
CreateSolidBrush
EndPage
CreateFontIndirectW
GetObjectA
SetAbortProc
GetTextMetricsW
LPtoDP
DeleteObject
StartDocW
GetDeviceCaps

winspool.drv

OpenPrinterW
GetPrinterDriverW

comdlg32

PrintDlgA
PageSetupDlgW
GetOpenFileNameW
FindTextA
ChooseFontA
GetSaveFileNameW
ChooseFontW
FindTextW

advapi32

OpenServiceA
RegCloseKey
CloseServiceHandle
QueryServiceStatus
RegOpenKeyExA
CreateServiceA
RegSetValueExW
RegDeleteValueA
RegCreateKeyA
RegOpenKeyA
RegCreateKeyW
DeleteService
RegSetValueExA
LookupPrivilegeValueA

shell32

ShellExecuteA
Shell_NotifyIconA

Sections

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b46be696c7a109c651e327bc07fdf85

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

Sections

.data Size: 18KB - Virtual size: 18KB

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 242KB - Virtual size: 241KB

.reloc Size: 6KB - Virtual size: 5KB

.data
Size: 18KB - Virtual size: 18KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 242KB - Virtual size: 241KB

.reloc
Size: 6KB - Virtual size: 5KB