1730b8579bd1305b134f793caa28be31_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1730b8579bd1305b134f793caa28be31_JaffaCakes118
Size

356KB
MD5

1730b8579bd1305b134f793caa28be31
SHA1

fec4c3df94ecffab716786db8a88ed33ec652774
SHA256

5b1f53be3efe69d31a65076ffced9f3a8a20357443fc3b8163bd06d6864d19cc
SHA512

a3bcceb4fa318d64219fb7c10914101cdc44d053e0936eb98413d869be53d447cc812e2ec1f600d0be43577a8831ec1840cb89e372da59ccc0b4ab66a1d40fff
SSDEEP

6144:kf8f5l7fQ98+5H3UkiTYpzj3EOBce3+pqGmxSuQqRsQQ6AD:QlRiTYVv/Og3SuNQ6A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1730b8579bd1305b134f793caa28be31_JaffaCakes118

Files

1730b8579bd1305b134f793caa28be31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12be62130a9b7b8cea0cd972d86f4223

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

PeekMessageW
CheckMenuItem
GetDlgItem
GetMessageW
PostMessageW
LoadStringW
CloseClipboard
OpenClipboard
GetForegroundWindow
GetMenuState
SetWinEventHook
WinHelpW
DeleteMenu
DestroyIcon
CallWindowProcW
GetSystemMenu
ReleaseDC
RegisterWindowMessageW
MessageBeep
MoveWindow
SetDlgItemTextA
ChildWindowFromPoint
EndDialog
GetDesktopWindow
SetWindowLongW
LoadAcceleratorsW
LoadMenuW
wsprintfA
GetCursorPos
CreateDialogParamW
GetSystemMetrics
SetDlgItemTextW
GetWindowLongW
SetWindowPlacement
IsClipboardFormatAvailable
DestroyWindow
PostQuitMessage
GetWindowTextW
GetMenuItemID
GetClientRect
CharUpperW
LoadImageW
SetActiveWindow
SetForegroundWindow
DispatchMessageW
GetMenu
TranslateMessage
SetTimer
GetParent
GetSubMenu
SendMessageW
ScreenToClient
TranslateAcceleratorW
EnumThreadWindows
UnhookWinEvent
ShowWindow
DialogBoxParamW
SetWindowTextA
CreateWindowExW
GetDC
SetScrollPos
RegisterClassExW
InvalidateRect
CharLowerW
MessageBoxW
SetFocus
DefWindowProcW
SetWindowTextW
DestroyMenu
LoadBitmapW
EnableMenuItem
CharNextW
DrawTextExW
SendDlgItemMessageW
wsprintfW
GetFocus
SetCursor
EqualRect
PtInRect
RegisterClassA
IsIconic
RegisterClassW
IsDialogMessageW
GetWindowPlacement
GetClassNameW
ValidateRect
UpdateWindow
EnableWindow
GetDlgItemTextW
GetDlgCtrlID
GetKeyboardLayout
LoadCursorW
LoadIconW

kernel32

InitializeCriticalSection
HeapAlloc
ReadFile
CreateFileMappingW
TlsAlloc
DeleteFileA
lstrlenA
FormatMessageA
SetEvent
GetUserDefaultUILanguage
SetThreadPriority
WideCharToMultiByte
GlobalFree
GetTickCount
MultiByteToWideChar
MapViewOfFile
lstrlenW
LocalReAlloc
GlobalDeleteAtom
UnmapViewOfFile
CreateMutexA
RemoveDirectoryW
SetHandleCount
GetUserDefaultLCID
GetVersion
DeleteFileW
MulDiv
GetDateFormatW
RtlUnwind
CloseHandle
lstrcatA
FreeEnvironmentStringsW
FoldStringW
GetThreadLocale
ExitProcess
GetOEMCP
IsBadCodePtr
GetModuleHandleA
SetUnhandledExceptionFilter
TerminateProcess
GetEnvironmentVariableA
SetEndOfFile
CompareStringW
GetCommandLineW
lstrcmpW
SetLastError
GetCurrentProcess
GetCPInfo
WriteFile
GetLocaleInfoW
GlobalSize
GetSystemTimeAsFileTime
GetTempFileNameW
LocalSize
UnlockFile
EnterCriticalSection
RaiseException
GlobalUnlock
GetLastError
FlushFileBuffers
DisableThreadLibraryCalls
FindFirstFileW
lstrcatW
UnhandledExceptionFilter
InterlockedCompareExchange
GlobalLock
InterlockedIncrement
lstrcmpiW
QueryPerformanceFrequency
LocalUnlock
GetModuleFileNameW
LocalLock
GetEnvironmentVariableW
VirtualQuery
CreateMutexW
GetStartupInfoA
VirtualProtect
GetLocalTime
LocalAlloc
GetACP
OutputDebugStringW
GetCurrentProcessId
LoadLibraryA
DeviceIoControl
HeapCreate
TlsFree
LeaveCriticalSection
GetProcessHeap
lstrcpyA
GetEnvironmentStrings
GetProcAddress
GetCurrentThreadId
LocalFree
GetSystemDefaultLangID
WaitForSingleObject
GetFileInformationByHandle
QueryPerformanceCounter
DeleteCriticalSection
FormatMessageW
GetFileAttributesW
SizeofResource
lstrcpynW
LoadResource
InterlockedDecrement
GetSystemTime
GetFileType
LCMapStringA
FindClose
CreateFileW
GetTimeFormatW
GetStringTypeA
lstrcpyW

msvcrt

__p__fmode
wcsstr
??_U@YAPAXI@Z
localtime
__p__commode
_controlfp
__setusermatherr
wcsncpy
wcsncmp
time
_unlock
__set_app_type
_exit
memset
_c_exit
wcsrchr
calloc
_cexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
iswctype
_errno
__getmainargs
exit
__CxxFrameHandler
_wcsicmp
_XcptFilter
?what@exception@@UBEPBDXZ
_wtoi
atoi
_acmdln
_initterm
??0exception@@QAE@ABQBD@Z
memcpy
_adjust_fdiv
_wtol
_snwprintf

winspool.drv

GetPrinterDriverW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
IsTextUnicode
RegCloseKey
RegCreateKeyW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
ChooseFontW
GetFileTitleW
ReplaceTextW
FindTextW
PrintDlgExW
CommDlgExtendedError
PageSetupDlgW

gdi32

DeleteObject
GetDeviceCaps
SetAbortProc
EndPage
DeleteDC
TextOutW
StartPage
SetBkMode
GetTextFaceW
GetObjectW
StartDocW
SelectObject
CreateFontIndirectW
CreateDCW
AbortDoc
EndDoc
SetViewportExtEx
GetTextExtentPoint32W
SetWindowExtEx
SetMapMode
LPtoDP
GetTextMetricsW
GetStockObject
EnumFontsW

shell32

DragQueryFileW
DragAcceptFiles
ShellAboutW
DragFinish

comctl32

CreateStatusWindowW

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 295KB - Virtual size: 750KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 218B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12be62130a9b7b8cea0cd972d86f4223

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

winspool.drv

advapi32

comdlg32

gdi32

shell32

comctl32

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 295KB - Virtual size: 750KB

.reloc Size: 512B - Virtual size: 218B

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 295KB - Virtual size: 750KB

.reloc
Size: 512B - Virtual size: 218B

.rsrc
Size: 7KB - Virtual size: 6KB