08b8e52932646b3fc2b1d62388c0e297_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

08b8e52932646b3fc2b1d62388c0e297_JaffaCakes118
Size

1.3MB
MD5

08b8e52932646b3fc2b1d62388c0e297
SHA1

585048824812aa5a4c93be172e30cbab3e8cb5db
SHA256

b249c785134ea16775fdb446830e0f42a94bebd4ed80470a0f9ece13fe6b04a2
SHA512

8e7f1e0d54af8ee6d853ce606a152826fc384177f2f52d131a083b16b74b449a9e0d18dfbdbf59f6fcd3262fd7f3a557e89e421899f4a00ed85903d8e79d5de6
SSDEEP

12288:QjJzCZH8Yz0f3XjhVZnQn5K+JOsFnIjleTsfI9ykLvcF3pppppppb+u6WXncq4z9:QjJ/fX9fQ05sFIjMTy1kLacJqcvko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b8e52932646b3fc2b1d62388c0e297_JaffaCakes118

Files

08b8e52932646b3fc2b1d62388c0e297_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7304988e999c4bbc96ca8b01929fd676

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
FileTimeToLocalFileTime
GetFileTime
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitThread
CreateThread
ExitProcess
Sleep
GetStartupInfoA
GetCommandLineA
GetTimeZoneInformation
HeapReAlloc
GetSystemTimeAsFileTime
SetEnvironmentVariableA
GetFileType
SetStdHandle
GetFullPathNameA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
DebugBreak
QueryPerformanceCounter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
IsBadReadPtr
IsBadCodePtr
GetProcessHeap
GetLocaleInfoW
GetVolumeInformationA
DuplicateHandle
GetFileSize
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
WritePrivateProfileStringA
FileTimeToSystemTime
RaiseException
GetOEMCP
GetCPInfo
InterlockedIncrement
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
InterlockedDecrement
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
FormatMessageA
LocalFree
SetFilePointer
SetEndOfFile
MoveFileA
DeleteFileA
SetVolumeLabelA
GetDriveTypeA
GetDiskFreeSpaceExA
CreateDirectoryA
SetFileTime
FindFirstFileA
FindClose
GetFileAttributesA
SetFileAttributesA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
LoadLibraryA
GetProcAddress
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
GetLocalTime
GetTickCount
SetCurrentDirectoryA
CreateProcessA
CloseHandle
WaitForSingleObject
CreateMutexA
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
SizeofResource
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
HeapSize
InterlockedExchange

user32

PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
ReleaseCapture
SetCapture
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMessageA
TranslateMessage
GetActiveWindow
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuState
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
IsWindow
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageA
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
GetSysColor
AdjustWindowRectEx
GetParent
EqualRect
RegisterClipboardFormatA
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
MessageBoxA
LoadIconA
GetSystemMetrics
SetTimer
InvalidateRect
IsIconic
SendMessageA
DrawIcon
wsprintfA
CharUpperA
EnableWindow
GetClientRect
LoadBitmapA
PostMessageA
GetSysColorBrush
LoadCursorA
CallNextHookEx

gdi32

CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetStockObject
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreatePen
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateFontA
BitBlt
Rectangle
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

SHFileOperationA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
SysStringLen
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetCloseHandle
InternetGetLastResponseInfoA
InternetOpenA
InternetReadFile

winmm

timeGetTime

ws2_32

inet_ntoa
WSAGetLastError
closesocket
htons
inet_addr
WSAStartup
send
shutdown
ntohs
connect

Sections

.text
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 892KB - Virtual size: 889KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7304988e999c4bbc96ca8b01929fd676

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

wininet

winmm

ws2_32

Sections

.text Size: 276KB - Virtual size: 275KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 24KB - Virtual size: 41KB

.rsrc Size: 892KB - Virtual size: 889KB

.text
Size: 276KB - Virtual size: 275KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 24KB - Virtual size: 41KB

.rsrc
Size: 892KB - Virtual size: 889KB