00402e7d9d7c5c3d3d5cc3b268044532_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

00402e7d9d7c5c3d3d5cc3b268044532_JaffaCakes118
Size

724KB
MD5

00402e7d9d7c5c3d3d5cc3b268044532
SHA1

d8cb91ed0793ab448c9761f08e1de704c9f7b845
SHA256

e4b9259e9ffef63ec36fd69409fa257ff40ca24d399c0b45cfec4619665410af
SHA512

7a9c187a53f0ed37a7251b58348d2e4bf619cd74a474af6c24f98ea2ccbcddaa2b0cd45808e80e4f023a52fb7e7f32b5b91b41d8a9eb5f4919054ebb424c859d
SSDEEP

12288:8aCbU2aqdBV1GNbUd0kqcj5Qt3dq5nIWAHcQ+Q36+7fEV7wtR:8aCbURqdBV2Ud9JjOtXWAHZtpjEVst

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00402e7d9d7c5c3d3d5cc3b268044532_JaffaCakes118

Files

00402e7d9d7c5c3d3d5cc3b268044532_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d06854bf41067e60cf7e7cab5249b1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathW
SHBrowseForFolderW
DragQueryFileW
SHGetFolderPathW

comctl32

ImageList_Draw
ord17
InitCommonControlsEx
DestroyPropertySheetPage
ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Add
ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetIcon
ImageList_LoadImageW
CreateStatusWindowW

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

gdi32

SelectClipPath
PtInRegion
GetNearestPaletteIndex
Polyline
DeleteObject
BeginPath
GetCurrentObject
CreateCompatibleDC
GetClipBox
SetBrushOrgEx
GetObjectA
FloodFill
TextOutA
DeleteDC
SetViewportOrgEx
SetBoundsRect
SetBitmapBits
FillRgn
RectInRegion
PathToRegion
ResetDCA
SelectObject
RealizePalette
SetViewportExtEx
GetClipRgn
GetFontData
OffsetViewportOrgEx
RectVisible
CreatePolygonRgn
GetTextExtentPoint32A
CreateFontA
OffsetClipRgn
CreateDCA
GetDeviceCaps
GetNearestColor
CreateRoundRectRgn
PolyBezierTo
GetDCOrgEx
EndPath
AbortDoc
UnrealizeObject
ExtFloodFill

kernel32

CreateFileA
FlushInstructionCache
OpenProcess
ReleaseSemaphore
CompareStringA
GlobalDeleteAtom
GlobalLock
WaitForSingleObject
GetCurrentThread
GetProcAddress
GetCurrentProcessId
IsDebuggerPresent
TerminateProcess
WinExec
GetStdHandle
SetStdHandle
ExitThread
GetFileAttributesW
WriteConsoleA
VirtualFree
GetStringTypeW
VirtualProtect
SetFileAttributesW
SetUnhandledExceptionFilter
GetOEMCP
InitializeCriticalSection
GetUserDefaultLCID
SetCurrentDirectoryA
VirtualQuery
FindFirstFileA
SetEndOfFile
InterlockedIncrement
FreeLibrary
GlobalReAlloc
LoadLibraryA
GetACP
FindNextFileW
HeapCreate
GetProcessHeap
FreeEnvironmentStringsW
GlobalSize
DuplicateHandle
FindFirstFileW
ExitProcess
HeapFree
OutputDebugStringA
SetEvent
GetModuleHandleA
SetHandleCount
GetCurrentProcess
GetStringTypeA
RaiseException
GetSystemTimeAsFileTime
EnterCriticalSection
GlobalUnlock
DeviceIoControl
GetLocaleInfoW
GlobalAlloc
MultiByteToWideChar
FileTimeToLocalFileTime
LCMapStringW
WriteFile
LoadLibraryW
TlsFree
GetLastError
EnumSystemLocalesA
GetTempPathW
IsValidCodePage
WideCharToMultiByte
RtlUnwind
QueryPerformanceCounter
GetEnvironmentStrings
DeleteFileW
GetConsoleCP
UnhandledExceptionFilter
CompareStringW
GetTickCount
GetEnvironmentStringsW
DeleteCriticalSection
FlushFileBuffers
LockResource
GetTimeFormatA
UnmapViewOfFile
CreateMutexA
SetErrorMode
InterlockedDecrement
GetFileType
GetFileAttributesA
LeaveCriticalSection
TlsGetValue
TlsSetValue
CloseHandle
SetFilePointer
WriteConsoleW
LocalFree
LCMapStringA
LocalAlloc
GetLocaleInfoA
LoadResource
SystemTimeToFileTime
VirtualAlloc
GetTempPathA
GetCommandLineW
HeapAlloc
GetStartupInfoA
SetEnvironmentVariableA
Sleep
GetConsoleOutputCP
ReadFile
GetSystemInfo
GetCPInfo
GetModuleHandleW
GetVersionExA
GetModuleFileNameA
HeapDestroy
HeapSize
SetLastError
CreateFileMappingA
HeapReAlloc
CreatePipe
GetUserDefaultLangID
GetCommandLineA
FreeEnvironmentStringsA
lstrlenA
FindClose
GetSystemDirectoryA
InterlockedExchange
GetSystemTime
TlsAlloc
GetFileSize
FileTimeToSystemTime
lstrlenW
GetDateFormatA
FreeResource
GlobalHandle
CreateThread
GetThreadLocale
GetCurrentThreadId
GetTimeZoneInformation
GetConsoleMode
IsValidLocale

user32

LoadIconA
LoadCursorA
RegisterClassExA
RegisterClassA
LoadAcceleratorsA
LoadBitmapA
DestroyAcceleratorTable
LoadStringA
DestroyIcon

advapi32

InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
GetUserNameW
RegEnumValueW
RegQueryValueExW

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 476KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d06854bf41067e60cf7e7cab5249b1b

Headers

File Characteristics

Imports

shell32

comctl32

version

gdi32

kernel32

user32

advapi32

winspool.drv

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 476KB - Virtual size: 472KB

.data Size: 96KB - Virtual size: 103KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 476KB - Virtual size: 472KB

.data
Size: 96KB - Virtual size: 103KB

.rsrc
Size: 32KB - Virtual size: 29KB