241f5a52d0b8e4701b44813d70bdd7c3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

241f5a52d0b8e4701b44813d70bdd7c3_JaffaCakes118
Size

744KB
MD5

241f5a52d0b8e4701b44813d70bdd7c3
SHA1

6a86f8f3cf8b534453d4709ff25e1e9d4b90616e
SHA256

0ea904c875d7824e0cac18912e7f3b52695b15e92fe4a5ab7fca0704a37375a6
SHA512

b2fd4f8fe9ff990617438c79f83228c51904c6c074ea4784679f34544b41809de9c8c1841355667e35b336d71de7f5cfaa2cc9394cc152feaf1ba2f80630758f
SSDEEP

6144:BBXVX/A7vGHnV/qmuF8S1fYa4BE5+/dhkyt562yzcIu4U0AjPKPSzlIZllYB:nR/A7vGV/qmuFBtfU0qzIllYB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
241f5a52d0b8e4701b44813d70bdd7c3_JaffaCakes118

Files

241f5a52d0b8e4701b44813d70bdd7c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5634a1c444a376f2a3dddb324e38347c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
HeapSize
GetTimeZoneInformation
RaiseException
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GlobalFlags
GetACP
GlobalFindAtomA
SetStdHandle
HeapReAlloc
GetFileType
HeapAlloc
GetStartupInfoA
HeapFree
GetCommandLineA
VirtualFree
ExitProcess
TerminateProcess
WideCharToMultiByte
MultiByteToWideChar
RtlUnwind
FileTimeToLocalFileTime
GetTickCount
GetOEMCP
FileTimeToSystemTime
SetErrorMode
GetProcessVersion
GetCPInfo
SizeofResource
GetCurrentDirectoryA
WritePrivateProfileStringA
VirtualAlloc
IsBadWritePtr
TlsGetValue
InterlockedDecrement
InterlockedIncrement
WaitForSingleObject
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetExitCodeProcess
CloseHandle
Sleep
LoadLibraryA
GetProcAddress
MulDiv
FreeLibrary
LocalReAlloc
GlobalReAlloc
CreateProcessA
TlsSetValue
GetProfileStringA
SetCurrentDirectoryA
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
TlsFree
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
GetThreadLocale
LocalAlloc
GetVolumeInformationA
GetFullPathNameA
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
GetCurrentProcess
DuplicateHandle
CreateFileA
FindFirstFileA
GetLastError
GetFileTime
FindClose
lstrcpynA
FormatMessageA
GetFileSize
GetFileAttributesA
GetVersion
LocalFree
SetLastError
GlobalAddAtomA
lstrcatA
GlobalGetAtomNameA
CompareStringA
lstrcpyA
GetModuleHandleA
GetVersionExA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
SetEnvironmentVariableA
CompareStringW
lstrlenA

user32

MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
InflateRect
CharNextA
GetSysColorBrush
LoadCursorA
PtInRect
GetClassNameA
CharUpperA
DestroyMenu
LoadStringA
WindowFromPoint
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ClientToScreen
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
RegisterClipboardFormatA
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
UnhookWindowsHookEx
CallWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
PostThreadMessageA
GetClassLongA
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
PostQuitMessage
RemovePropA
EnumWindows
GetPropA
GetDesktopWindow
GetWindowDC
GetWindowLongA
SetWindowLongA
GetFocus
PostMessageA
SystemParametersInfoA
GetSystemMetrics
GetSystemMenu
AppendMenuA
SetPropA
LoadIconA
SendMessageA
GetClientRect
EnableWindow
GetWindowRect
GetParent
LoadBitmapA
LoadImageA
GetDC
ReleaseDC
RedrawWindow
GetSubMenu
GetSysColor
HideCaret
ShowCaret
UnregisterClassA
DrawFocusRect
InvalidateRect
ExcludeUpdateRgn
IsWindowUnicode
DefDlgProcA

gdi32

RealizePalette
CreateBitmap
BitBlt
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
DeleteObject
GetViewportExtEx
CreatePen
GetWindowExtEx
CreateSolidBrush
GetObjectA
PtVisible
TextOutA
ExtTextOutA
RectVisible
PatBlt
Escape
GetTextColor
GetBkColor
LPtoDP
GetMapMode
DPtoLP
CreateDIBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetBkMode
GetStockObject
SelectObject
SelectPalette
SaveDC
RestoreDC
SetBkColor
SetTextColor
DeleteDC
SetMapMode
GetClipBox
GetDIBColorTable
CreatePalette
CreateFontA
GetTextExtentPoint32A
CreateCompatibleDC
GetTextMetricsA
GetPixel
CreateCompatibleBitmap
GetDeviceCaps
GetTextExtentPointA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteExA

comctl32

ImageList_Destroy
ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoRegisterMessageFilter
CoTaskMemFree
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
SysFreeString
SysAllocStringLen
VariantClear

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 488KB - Virtual size: 486KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5634a1c444a376f2a3dddb324e38347c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 176KB - Virtual size: 172KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 488KB - Virtual size: 486KB

.nrdata Size: 20KB - Virtual size: 20KB

.text
Size: 176KB - Virtual size: 172KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 488KB - Virtual size: 486KB

.nrdata
Size: 20KB - Virtual size: 20KB