2505fa2bab65f06bb98d01f3acac1f67_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2505fa2bab65f06bb98d01f3acac1f67_JaffaCakes118
Size

71KB
MD5

2505fa2bab65f06bb98d01f3acac1f67
SHA1

70c38dd6bd1379530e64fc9068502b0e46fc28f4
SHA256

4827ea44f423fded99da2f63583f2b6328ee3ab10e6d2d2335222d43e9cc1dc1
SHA512

408e0a4e62fa2fe8e6c7c372cc5c67e52a3a98ae049a79317445d977b1a07ad31cf3bc331160ed6bd2aad56534807f4a8e52cd43a9f67ea86ef98359cc0dbe78
SSDEEP

1536:+KkRIwnWLpZ3orhG15m1Q+B6xNSw/SzbIYb+AHIca:+KkiwWXoFe5m1V/7zlbSca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2505fa2bab65f06bb98d01f3acac1f67_JaffaCakes118

Files

2505fa2bab65f06bb98d01f3acac1f67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

706a524425dcbb662ccc0c6fae6e75dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyIcon
DestroyWindow
PostQuitMessage
CreateWindowExW
GetSubMenu
CheckMenuItem
GetMessageW
SetFocus
MessageBoxW
GetKeyboardLayout
EnableWindow
SendMessageW
RegisterClassExW
SetWindowLongW
LoadAcceleratorsW
CopyRect
LoadCursorW
CharLowerW
GetCapture
CallNextHookEx
LoadIconW
GetParent
TranslateMessage
MessageBeep
GetSysColorBrush
ReleaseDC
GetWindowLongW
GetMenuState
LoadStringW
SetWinEventHook
DialogBoxParamW
GetClassNameW
CreateDialogParamW
CharNextW
MsgWaitForMultipleObjects
GetWindowTextW
IsIconic
SetDlgItemTextW
SetParent
LoadCursorA
IsClipboardFormatAvailable
DispatchMessageW
LoadImageW
SetCursor
PostMessageA
EnableMenuItem
PostMessageW
EndPaint
ScreenToClient
GetDlgItem
ShowWindow
PeekMessageW
GetDlgCtrlID
IsDialogMessageW
GetClientRect
DrawTextExW
GetDC
SetWindowPlacement
CharUpperA
IsDlgButtonChecked
MoveWindow
UpdateWindow
GetFocus
DestroyMenu
CharNextA
GetMenu
GetSystemMetrics
DrawEdge
GetDlgItemTextW
CloseClipboard
GetCursorPos
UnhookWinEvent
RegisterWindowMessageA
SetWindowTextW
SendMessageA
EndDialog
CharUpperW
WinHelpW
GetWindowPlacement
DeleteMenu
InvalidateRect
GetSystemMenu
GetDesktopWindow
wsprintfW
GetForegroundWindow
SetScrollPos
ChildWindowFromPoint
MessageBoxA
TranslateAcceleratorW
RegisterWindowMessageW
SetActiveWindow
SendDlgItemMessageW
DefWindowProcW
DrawFocusRect
DispatchMessageA
OpenClipboard
EnumChildWindows

kernel32

WaitForSingleObject
InterlockedIncrement
TlsSetValue
GetModuleHandleW
GetStringTypeW
SetThreadPriority
GetDriveTypeA
CreateFileW
GetTempPathA
GetFileInformationByHandle
GetFullPathNameW
GetTickCount
LocalUnlock
CopyFileA
LeaveCriticalSection
FreeEnvironmentStringsW
GetVersionExA
DeleteFileA
GetCurrentThreadId
GetFileType
GetProcessHeap
OpenMutexA
GetModuleFileNameA
VirtualQuery
SetEndOfFile
lstrcpyW
GetPrivateProfileStringA
RaiseException
LoadLibraryExA
GetFileTime
QueryPerformanceCounter
GetSystemDefaultLCID
lstrcmpiW
UnmapViewOfFile
FindFirstFileA
IsBadReadPtr
GetCommandLineA
GetCurrentProcessId
MultiByteToWideChar
Sleep
CompareStringW
LocalReAlloc
FormatMessageW
lstrcmpW
GetFileSize
GetModuleHandleA
EnterCriticalSection
GetStringTypeA
GetFileAttributesW
LocalLock
SetHandleCount
lstrcpynW
IsDebuggerPresent
GetStartupInfoW
GetVersion
DeleteFileW
GetLocaleInfoW
SetErrorMode
GetUserDefaultUILanguage
CreateFileMappingW
GetDateFormatW
LoadLibraryA
GetProcAddress
GetTempPathW
RtlUnwind
lstrlenA
GlobalSize
ExitProcess
CreateDirectoryA
GetEnvironmentStringsW
lstrcmpiA
MulDiv
LocalAlloc
GetEnvironmentStrings
FormatMessageA
ReleaseMutex
HeapSize
GlobalFree
GetACP
GetUserDefaultLCID
GetLastError
FindFirstFileW
GetCPInfo
VirtualProtect
SetFileTime
InitializeCriticalSection
GetCommandLineW
SetEvent
DeleteCriticalSection
GetSystemTimeAsFileTime
SetFilePointer
WriteConsoleW
TlsGetValue
FindClose
FreeLibrary
GetVolumeInformationW
CreateFileA
VirtualFree
GetSystemTime
lstrcmpA
GlobalAlloc
TerminateProcess
LocalSize
SizeofResource
GlobalLock
GetTimeFormatW
FlushFileBuffers
MapViewOfFile
GlobalUnlock
GetStartupInfoA
lstrlenW
lstrcatW
ReadFile
CloseHandle
GetStdHandle
FlushInstructionCache
GetLocalTime
FindResourceExW
VirtualAlloc
WideCharToMultiByte
InterlockedCompareExchange
FoldStringW
UnhandledExceptionFilter
SetLastError
HeapDestroy
GetCurrentProcess
LocalFree
CreateThread
WriteFile
GetOEMCP
SetUnhandledExceptionFilter

msvcrt

_amsg_exit
exit
__p__commode
_exit
_onexit
_adjust_fdiv
memset
wcsncmp
_initterm
_XcptFilter
memmove
__setusermatherr
_wtol
_purecall
_controlfp
_cexit
__set_app_type
wcsrchr
_snwprintf
_acmdln
_c_exit
iswctype
??3@YAXPAX@Z
wcsncpy
_lock
__getmainargs
??1exception@@UAE@XZ
time
localtime
__p__fmode
realloc

gdi32

SelectObject
GetDeviceCaps
DeleteDC
EnumFontsW
EndPage
CreateDCW
TextOutW
DeleteObject
SetBkMode
StartPage
GetObjectW
LPtoDP
EndDoc
AbortDoc
GetTextExtentPoint32W
GetTextMetricsW
StartDocW
GetStockObject
SetAbortProc
SetViewportExtEx
SetWindowExtEx
GetTextFaceW
CreateFontIndirectW
SetMapMode

advapi32

RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyW
IsTextUnicode
RegSetValueExW
RegCloseKey

shell32

DragQueryFileW
DragFinish
DragAcceptFiles
ShellAboutW

winspool.drv

GetPrinterDriverW
OpenPrinterW
ClosePrinter

comdlg32

GetSaveFileNameW
FindTextW
GetFileTitleW
PageSetupDlgW
GetOpenFileNameW
ChooseFontW
PrintDlgExW
CommDlgExtendedError
ReplaceTextW

comctl32

CreateStatusWindowW

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

706a524425dcbb662ccc0c6fae6e75dc

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

gdi32

advapi32

shell32

winspool.drv

comdlg32

comctl32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 42KB - Virtual size: 77KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 42KB - Virtual size: 77KB

.rsrc
Size: 13KB - Virtual size: 12KB