03372b297f75b38411735aaeab6d3251_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

03372b297f75b38411735aaeab6d3251_JaffaCakes118
Size

235KB
MD5

03372b297f75b38411735aaeab6d3251
SHA1

8c4f28ce92a33dfe8b06f13064ec4dacffaa1f7f
SHA256

997ca4ab1d3eb353fb5cca42b0f782aaee39bdf64f339c35130a30876a9cde90
SHA512

317bd64e9aa0a5a017be9588f999ff478bf689b7f36f14dda4d9593e0ce7bf0ee38d02ffa2e18a62e5f7ca120b8eb2830f347274246e86e0d30194bb7a767c14
SSDEEP

6144:GkCSjrzTAmeN5j5wYbKCI2SVTBnozUsGO:GSH3mZC2SVKGO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03372b297f75b38411735aaeab6d3251_JaffaCakes118

Files

03372b297f75b38411735aaeab6d3251_JaffaCakes118
.exe windows:4 windows x86 arch:x86

da8ab0e915daa50943d4de86a58f3b50

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
ExitProcess
TerminateProcess
GetSystemTime
GetDriveTypeA
HeapAlloc
RaiseException
HeapReAlloc
HeapFree
HeapSize
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStdHandle
HeapDestroy
GetCPInfo
GetACP
GetCommandLineA
GetTimeZoneInformation
GetModuleHandleA
SetEndOfFile
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
LCMapStringA
LCMapStringW
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
WinExec
FindFirstFileA
FindNextFileA
FindClose
GetCurrentProcess
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetProcessVersion
GetVersion
WritePrivateProfileStringA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SetLastError
GlobalFlags
GetFileTime
GetFileSize
lstrcmpiA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
LoadLibraryA
lstrcpyA
GetLastError
GetProcAddress
FreeLibrary
VirtualAlloc
UnlockFile
MultiByteToWideChar
LockFile
WaitForSingleObject
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
LocalFree
lstrcatA
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
CloseHandle
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalUnlock
GlobalFree
SetUnhandledExceptionFilter
GetStringTypeA
HeapCreate
VirtualFree
GetStartupInfoA
GetTempPathA
RemoveDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetLogicalDrives
GetModuleFileNameA
GetShortPathNameA
CreateProcessA
DeleteFileA
SetFileAttributesA
CopyFileA
GetFileAttributesA
MoveFileExA
GetWindowsDirectoryA
GetSystemDirectoryA
GetVersionExA

user32

GetClassNameA
PtInRect
ClientToScreen
ShowWindow
ReleaseDC
GetDC
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
LoadStringA
DestroyMenu
ScreenToClient
SetWindowTextA
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetWindowTextA
GetDlgCtrlID
GetClientRect
SetPropA
UnhookWindowsHookEx
GetForegroundWindow
GetPropA
RemovePropA
CallWindowProcA
GetMessageTime
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
CharLowerA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
MessageBoxA
SetCursor
PostMessageA
PostQuitMessage
GetNextDlgTabItem
EndDialog
GetActiveWindow
GetSystemMetrics
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
ExitWindowsEx
SendMessageA
PeekMessageA
TranslateMessage
DispatchMessageA
CharUpperA
LoadIconA
SystemParametersInfoA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
GetMessagePos
DefWindowProcA
CreateWindowExA
EnableWindow
GetLastActivePopup
GetWindowRect
SetForegroundWindow
WindowFromPoint
UnregisterClassA

gdi32

CreateScalableFontResourceA
CreateBitmap
SetTextColor
SetBkColor
GetObjectA
DeleteObject
GetDeviceCaps
GetStockObject
SelectObject
DeleteDC
SaveDC
RestoreDC
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
AddFontResourceA
RemoveFontResourceA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteKeyA
InitiateSystemShutdownA
OpenSCManagerA
CloseServiceHandle
RegEnumValueA
RegDeleteValueA
RegQueryInfoKeyA
RegCloseKey
RegSetValueExA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA

shell32

ShellExecuteA

comctl32

ImageList_Destroy
ord17

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da8ab0e915daa50943d4de86a58f3b50

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 13KB - Virtual size: 25KB

.idata Size: 7KB - Virtual size: 6KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 23KB - Virtual size: 22KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 13KB - Virtual size: 25KB

.idata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 23KB - Virtual size: 22KB