153380410c9fcb927993b9667585036d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

153380410c9fcb927993b9667585036d_JaffaCakes118
Size

353KB
MD5

153380410c9fcb927993b9667585036d
SHA1

2cf06924259a4df72b061c0733d0448e06c25b19
SHA256

a9ccaefcc2b351e42d189717244345f973f4ccc2474d90bbcc5a2d3e3f72f207
SHA512

2b30ca0dd1f31e47d8d1d15dc0ce4df6dcc0e9c60c8ae25cd5b94312254021e1dc0f15c3ff7bfef86e1de8678f700d5f9a61bce49f6ab1b420f80a82a58788df
SSDEEP

6144:K0jHAeNE5icZyFBTSikwTHH1tnCy89jlzBBY:K2CEFoiJTCXO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
153380410c9fcb927993b9667585036d_JaffaCakes118

Files

153380410c9fcb927993b9667585036d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5b77a4c6657bbf0af2f8ad0333ec456

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
RaiseException
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CreateThread
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TerminateProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapAlloc
TerminateThread
ExpandEnvironmentStringsA
GetTempPathA
GetSystemDirectoryA
CreateDirectoryA
GetProfileStringA
HeapFree
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
FindFirstFileA
FindClose
MoveFileA
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
GetLastError
SetLastError
WritePrivateProfileStringA
GetPrivateProfileStringA
GlobalFlags
MulDiv
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
TlsAlloc
LoadLibraryA
FreeLibrary
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
FormatMessageA
LocalFree
SuspendThread
SetThreadPriority
ResumeThread
CloseHandle
GetModuleFileNameA
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
Sleep
WideCharToMultiByte
EnumResourceNamesA
FindResourceExA
SizeofResource
lstrcmpA
GlobalLock
GlobalUnlock
LoadLibraryExA
lstrlenA
MultiByteToWideChar
lstrlenW
GlobalAlloc
InitializeCriticalSection
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
FindResourceA
LoadResource
LockResource
GlobalHandle
GlobalFree
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
GetProcAddress
GetCurrentProcess
OutputDebugStringA
DeleteCriticalSection
HeapDestroy
LocalAlloc
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
InterlockedExchangeAdd

user32

CopyRect
GetTopWindow
GetCapture
WinHelpA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgCtrlID
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamA
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
EnableMenuItem
GetMessageA
ScreenToClient
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
SetCursor
PostQuitMessage
GetNextDlgTabItem
EndDialog
GetWindowRect
SystemParametersInfoA
AdjustWindowRectEx
SendDlgItemMessageA
MapWindowPoints
ShowWindow
UpdateWindow
EnableWindow
KillTimer
SetTimer
PostMessageA
LoadIconA
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
wsprintfA
CreateWindowExA
CreateAcceleratorTableA
IsDialogMessageA
InflateRect
GetDesktopWindow
RedrawWindow
DestroyWindow
IsWindow
GetParent
GetClassNameA
SetWindowPos
GetFocus
IsChild
SetFocus
GetDC
ReleaseDC
BeginPaint
TranslateMessage
DestroyMenu
LoadStringA
GetSysColorBrush
GrayStringA
DrawTextA
TabbedTextOutA
GetWindowDC
ClientToScreen
PtInRect
MapDialogRect
GetAsyncKeyState
CheckMenuItem
MessageBoxA
DialogBoxIndirectParamA
GetActiveWindow
SetWindowLongA
RegisterClassExA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetClientRect
FillRect
EndPaint
GetDlgItem
SendMessageA
GetSysColor
CallWindowProcA
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetWindow
DefWindowProcA
RegisterWindowMessageA
GetClassInfoExA
LoadCursorA
IsWindowUnicode
CharNextA
DefDlgProcA
GetClassInfoA

gdi32

SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
SaveDC
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
EnumFontFamiliesExA
PatBlt
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetStockObject
GetObjectA
GetDeviceCaps
CreateSolidBrush
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
RestoreDC
GetTextExtentPointA
CreateDIBitmap
SelectObject
DeleteDC
BitBlt

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
OpenSCManagerA
OpenServiceA
QueryServiceConfigA
ChangeServiceConfigA
CloseServiceHandle

shell32

ShellExecuteExA
ShellExecuteA

comctl32

DestroyPropertySheetPage
PropertySheetA
ord17
CreatePropertySheetPageA

ole32

CLSIDFromProgID
CoCreateInstance
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
OleLockRunning
CLSIDFromString

olepro32

ord253

oleaut32

VariantClear
LoadRegTypeLi
SysStringLen
SysAllocString
SysAllocStringLen
SysFreeString
GetErrorInfo

wininet

InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetOpenA
InternetConnectA
HttpQueryInfoA
InternetOpenUrlA
InternetCloseHandle
InternetSetOptionA

msi

ord65
ord172

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathRemoveFileSpecA
PathCombineA
PathIsDirectoryA
PathRemoveExtensionA
PathStripPathA
PathFindFileNameA
PathFileExistsA

Sections

.text
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5b77a4c6657bbf0af2f8ad0333ec456

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

ole32

olepro32

oleaut32

wininet

msi

version

shlwapi

Sections

.text Size: 240KB - Virtual size: 237KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 28KB - Virtual size: 45KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 240KB - Virtual size: 237KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 28KB - Virtual size: 45KB

.rsrc
Size: 56KB - Virtual size: 52KB