Static task: static1
Behavioral task: behavioral1
Sample: 0b727001dfc90cc354bd2ccabe3c23a5_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0b727001dfc90cc354bd2ccabe3c23a5_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0b727001dfc90cc354bd2ccabe3c23a5_JaffaCakes118
Size: 2.1MB
MD5: 0b727001dfc90cc354bd2ccabe3c23a5
SHA1: b78e8bf3498c500c8f5286aa911890b840a56032
SHA256: 90b4088896a05f8e448d76c9df08aa928207319dc898f7136eeca19225047709
SHA512: 7e32173862cb96ad64b2aa2511dfd2ad1b4843f6c70e967441dc4fb06d1cbf1b1023f4cceb09a102d2f193cadfec89efee85a534e95cef8b5c4326245744ac61
SSDEEP: 49152:bOvb2WPBWZ152ypsDUUmOfIIbUuezh81TvlOuyF:bOjjm5regUlIIbUXUOuyF
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the single matching IoC is the sample itself, listed below.
resource 0b727001dfc90cc354bd2ccabe3c23a5_JaffaCakes118
Files
-
0b727001dfc90cc354bd2ccabe3c23a5_JaffaCakes118.exe windows:4 windows x86 arch:x86
a7b4d3a177803bd594c38696b945f7ae
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
StrCmpNIA
PathRemoveExtensionA
PathFindFileNameA
PathIsDirectoryA
StrChrA
PathRenameExtensionA
StrRChrA
PathFindExtensionA
imagehlp
MakeSureDirectoryPathExists
winmm
timeGetDevCaps
timeBeginPeriod
timeSetEvent
timeKillEvent
timeEndPeriod
kernel32
GlobalGetAtomNameA
SuspendThread
GetProfileIntA
lstrlenW
GlobalFlags
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetProcessVersion
GetOEMCP
CopyFileA
RtlUnwind
RaiseException
SetEnvironmentVariableA
SetCurrentDirectoryA
HeapReAlloc
HeapSize
CreateThread
ExitThread
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetSystemTimeAsFileTime
GlobalAddAtomA
SetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsValidLocale
IsValidCodePage
GlobalDeleteAtom
GetUserDefaultLCID
GetCurrentProcessId
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
GetLocaleInfoW
GetACP
GlobalFindAtomA
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
GlobalReAlloc
GlobalSize
SizeofResource
LockResource
LoadResource
FindResourceA
GetVersionExA
GetCurrentThreadId
SetEvent
lstrcpyA
lstrcmpiA
ResumeThread
GetPrivateProfileIntA
WritePrivateProfileStringA
MulDiv
CreateEventA
InterlockedIncrement
InterlockedDecrement
CloseHandle
FindClose
FindNextFileA
FindFirstFileA
GetVolumeInformationA
SetErrorMode
GetTempPathA
GetThreadLocale
GetStringTypeExA
UnlockFile
LockFile
DuplicateHandle
SetLastError
GetTickCount
FormatMessageA
QueryPerformanceFrequency
QueryPerformanceCounter
LocalAlloc
LocalFree
GetCurrentDirectoryA
GetDriveTypeA
GetDiskFreeSpaceA
CreateDirectoryA
DeleteFileA
SetFileAttributesA
Sleep
lstrcatA
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
ResetEvent
GetFileSize
GetCurrentThread
SetThreadPriority
MoveFileA
DeviceIoControl
SetFileAttributesW
GetFileAttributesW
CreateDirectoryW
FindFirstFileW
FindNextFileW
GetCPInfo
GetFileType
ReadFile
GetStdHandle
WriteFile
FlushFileBuffers
CreateFileW
GetCurrentProcess
HeapAlloc
CreateMutexA
InterlockedExchange
ReleaseMutex
GetProcessHeap
HeapFree
FileTimeToDosDateTime
GetFileTime
GetFileAttributesA
GetLocaleInfoA
SetVolumeLabelA
GetFullPathNameA
FileTimeToLocalFileTime
SetFileTime
GetVersion
WinExec
LoadLibraryA
FreeLibrary
MultiByteToWideChar
GetDateFormatA
GetPrivateProfileStringA
CompareFileTime
IsDBCSLeadByte
GetProcAddress
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetSystemTime
GetTimeZoneInformation
GetLocalTime
lstrcmpA
GetProfileStringA
GetEnvironmentVariableA
GetModuleHandleA
CreateFileA
SetFilePointer
SetEndOfFile
GetModuleFileNameA
GetLastError
GetWindowsDirectoryA
GetTempFileNameA
GetShortPathNameA
lstrcpynA
FindNextChangeNotification
FindFirstChangeNotificationA
FindCloseChangeNotification
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
EnumSystemLocalesA
user32
PostThreadMessageA
GetClassNameA
InsertMenuA
IsZoomed
ShowOwnedPopups
FindWindowA
RegisterClipboardFormatA
InvertRect
GetSystemMenu
AppendMenuA
GetMessageA
ValidateRect
WindowFromPoint
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
GetDesktopWindow
LoadAcceleratorsA
SetRectEmpty
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
MapWindowPoints
AdjustWindowRectEx
DeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemID
SetWindowPlacement
GetWindowTextLengthA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetForegroundWindow
IntersectRect
GetWindowPlacement
GetNextDlgTabItem
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
LoadStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
MessageBoxA
CharUpperA
CharLowerA
OemToCharBuffA
CharToOemA
OemToCharA
DrawTextExA
SetWindowTextA
CreateWindowExA
GetDlgItem
GetWindowTextA
EndDialog
SetFocus
TranslateAcceleratorA
GetSubMenu
DeleteMenu
IsWindowVisible
GetMenu
SetMenu
IsIconic
SetForegroundWindow
GetFocus
RegisterWindowMessageA
ShowCursor
CopyIcon
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
CharNextA
IsWindowUnicode
ReleaseDC
GetDC
GetWindowRect
DestroyCursor
LockWindowUpdate
GetLastActivePopup
DestroyIcon
LoadImageA
GetCursor
MessageBeep
MapVirtualKeyA
CopyAcceleratorTableA
GetMenuItemInfoA
GetMenuStringA
LoadMenuA
DestroyAcceleratorTable
LoadIconA
CreateAcceleratorTableA
GetMessagePos
GetCapture
SetRect
GetSystemMetrics
DrawFrameControl
DrawEdge
DrawFocusRect
UpdateWindow
LoadBitmapA
KillTimer
DrawTextA
GetMenuItemCount
GetMenuDefaultItem
CreatePopupMenu
ScreenToClient
TrackPopupMenu
DestroyMenu
TranslateMessage
DispatchMessageA
PostQuitMessage
IsWindow
SetCursor
GetDCEx
ReleaseCapture
SetCapture
RedrawWindow
GetClassLongA
FillRect
ClientToScreen
BeginDeferWindowPos
EndDeferWindowPos
IsRectEmpty
SystemParametersInfoA
GetSysColorBrush
LoadCursorA
GetCursorPos
GetKeyState
GetSysColor
OffsetRect
CopyRect
wsprintfA
MsgWaitForMultipleObjects
PtInRect
EqualRect
UnhookWindowsHookEx
SetTimer
GetClientRect
GetParent
SetWindowsHookExA
CallNextHookEx
PostMessageA
GetDlgCtrlID
SetWindowPos
SetParent
SetWindowLongA
GetWindowLongA
ShowWindow
FindWindowExA
SendMessageA
GetWindow
InvalidateRect
InflateRect
EnableWindow
PeekMessageA
GrayStringA
gdi32
SetBkMode
SetTextColor
SaveDC
RestoreDC
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
RectVisible
CreateRectRgn
CreatePatternBrush
PtVisible
TextOutA
Escape
SetRectRgn
CombineRgn
DPtoLP
GetTextMetricsA
LPtoDP
GetCharWidthA
CreateFontA
CopyMetaFileA
CreateBitmap
GetClipBox
Polyline
SetBkColor
ExtTextOutA
CreatePen
GetTextExtentPoint32A
CreateFontIndirectA
CreateDCA
GetBitmapDimensionEx
StretchBlt
CreateSolidBrush
SetPixel
DeleteDC
SelectObject
Polygon
Rectangle
CreateRectRgnIndirect
PatBlt
GetTextColor
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetPaletteEntries
CreateDIBitmap
DeleteObject
GetObjectA
GetStockObject
GetDIBits
CreatePalette
GetDeviceCaps
CreateHalftonePalette
SelectPalette
RealizePalette
SetStretchBltMode
SetBrushOrgEx
SetDIBitsToDevice
GetTextExtentPointA
StretchDIBits
comdlg32
ChooseColorA
ChooseFontA
GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
LookupPrivilegeValueA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
GetSecurityDescriptorLength
GetSecurityDescriptorGroup
IsValidSid
GetSecurityDescriptorOwner
RegCreateKeyA
RegSetValueA
GetFileSecurityA
RegOpenKeyA
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
RegCloseKey
AdjustTokenPrivileges
GetSecurityDescriptorControl
GetKernelObjectSecurity
SetKernelObjectSecurity
IsValidSecurityDescriptor
GetSecurityDescriptorDacl
IsValidAcl
GetSecurityDescriptorSacl
shell32
DragAcceptFiles
SHBrowseForFolderA
Shell_NotifyIconA
ShellExecuteA
DragFinish
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
SHGetFileInfoA
SHGetPathFromIDListA
ExtractIconA
DragQueryFileA
SHFileOperationA
comctl32
ImageList_ReplaceIcon
ImageList_GetImageInfo
ImageList_GetIcon
ord17
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
ReleaseStgMedium
OleFlushClipboard
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CreateStreamOnHGlobal
CoCreateInstance
OleIsCurrentClipboard
OleDuplicateData
CoTaskMemAlloc
olepro32
ord251
oleaut32
VarDateFromStr
Sections
Name    Raw size  Virtual size  Characteristics
.text   1.5MB     1.5MB         IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata  292KB     292KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data   108KB     352KB         IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.tls    4KB       4KB           IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc   96KB      96KB          IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.rdat   8KB       5KB           IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE

Two things in this table deserve attention. The virtual size of .data (352KB) exceeding its raw size (108KB) is normal: the loader maps a zero-filled tail beyond the bytes stored on disk. The .rdat section, by contrast, is mapped both writable and executable, which compiler-emitted sections of a Win32 GUI application normally are not; that section is where to start when looking at the code.
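The two static checks this report surfaces, the "Unsigned PE" signature (no Authenticode signature) and the section permissions in the table above, are both answered from the PE headers alone. The following is an added example, not tooling from the sandbox vendor and not code from the sample: a pure-stdlib Python parser for the COFF header, the security data directory and the section table, plus a small builder that constructs a header-only PE32 image mirroring the section layout reported above. The constructed image is not the analysed file, and the function names (`parse_pe`, `build_pe32`, `triage`) are this example's own.

```python
"""Header-level PE triage: Authenticode presence and writable+executable sections.

Added example. The PE below is CONSTRUCTED in this file to mirror the report's
section layout; it is not the analysed sample and contains no code.
"""
import struct

# IMAGE_FILE_HEADER Characteristics bits (winnt.h), the ones the report lists
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
# IMAGE_SECTION_HEADER Characteristics bits
SCN_CNT_CODE = 0x00000020
SCN_CNT_INITIALIZED_DATA = 0x00000040
SCN_MEM_EXECUTE = 0x20000000
SCN_MEM_READ = 0x40000000
SCN_MEM_WRITE = 0x80000000

IMAGE_DIRECTORY_ENTRY_SECURITY = 4   # Authenticode WIN_CERTIFICATE blob(s)
PE32_MAGIC = 0x10B
SECTION_HDR = "<8sIIIIIIHHI"        # 40-byte IMAGE_SECTION_HEADER


def parse_pe(data: bytes) -> dict:
    """Parse a PE32 image's file header, security directory and section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    machine, nsections, _ts, _symtab, _nsyms, opt_size, chars = struct.unpack_from(
        "<HHIIIHH", data, coff)
    opt = coff + 20
    if struct.unpack_from("<H", data, opt)[0] != PE32_MAGIC:
        raise ValueError("only PE32 (32-bit) images handled here")
    # PE32: 28 standard + 68 Windows-specific bytes precede the 16 data directories.
    # The security entry holds a FILE OFFSET (not an RVA) and a size; size 0 means unsigned.
    dirs = opt + 96
    _sec_off, sec_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    shdr = opt + opt_size
    for i in range(nsections):
        name, vsize, _va, rawsize, _rawptr, _, _, _, _, sch = struct.unpack_from(
            SECTION_HDR, data, shdr + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "virtual_size": vsize,
            "raw_size": rawsize,
            "characteristics": sch,
            "writable_executable": bool(sch & SCN_MEM_WRITE) and bool(sch & SCN_MEM_EXECUTE),
        })
    return {
        "machine": machine,
        "file_characteristics": [n for bit, n in FILE_CHARACTERISTICS.items() if chars & bit],
        "authenticode_present": sec_size != 0,
        "sections": sections,
    }


def build_pe32(sections, security_dir=(0, 0)) -> bytes:
    """Construct a header-only PE32 image (no code bytes) for exercising the parser."""
    opt_size, e_lfanew = 0xE0, 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)   # exactly 0x40 bytes
    chars = 0x0001 | 0x0002 | 0x0004 | 0x0008 | 0x0100              # as in the report
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, chars)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, PE32_MAGIC)
    struct.pack_into("<I", opt, 92, 16)                              # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, *security_dir)
    hdrs = b"".join(
        struct.pack(SECTION_HDR, name.encode(), vsize, 0x1000, rawsize, 0, 0, 0, 0, 0, sch)
        for name, vsize, rawsize, sch in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs


def triage(data: bytes) -> dict:
    """Run the two header checks the report shows and attach human-readable findings."""
    info = parse_pe(data)
    findings = []
    if not info["authenticode_present"]:
        findings.append("Unsigned PE: IMAGE_DIRECTORY_ENTRY_SECURITY is empty")
    for s in info["sections"]:
        # virtual_size > raw_size is normal (zero-filled tail); W+X is not for compiler output
        if s["writable_executable"]:
            findings.append(f"W+X section {s['name']}")
    info["findings"] = findings
    return info


# Constructed layout approximating the report's table: (name, virtual size, raw size, flags)
REPORT_LIKE_SECTIONS = [
    (".text",  0x180000, 0x180000, SCN_CNT_CODE | SCN_MEM_EXECUTE | SCN_MEM_READ),
    (".rdata", 0x49000,  0x49000,  SCN_CNT_INITIALIZED_DATA | SCN_MEM_READ),
    (".data",  0x58000,  0x1B000,  SCN_CNT_INITIALIZED_DATA | SCN_MEM_READ | SCN_MEM_WRITE),
    (".rdat",  0x1400,   0x2000,   SCN_CNT_INITIALIZED_DATA | SCN_MEM_EXECUTE | SCN_MEM_READ | SCN_MEM_WRITE),
]
SAMPLE_PE = build_pe32(REPORT_LIKE_SECTIONS)   # constructed, unsigned, header-only

if __name__ == "__main__":
    for finding in triage(SAMPLE_PE)["findings"]:
        print(finding)
```

To run the same checks on a real file, pass `open(path, "rb").read()` to `triage`; the parser deliberately handles PE32 only, since the report's headers say x86, and raises on PE32+ rather than misreading the wider optional header.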