28af71f4ea0cf70cf97813819cc8ef0d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

28af71f4ea0cf70cf97813819cc8ef0d_JaffaCakes118
Size

584KB
MD5

28af71f4ea0cf70cf97813819cc8ef0d
SHA1

d0530a3d78a6545045184129f8cb1190ea939ad7
SHA256

ea9d17e8c273c9d5b65185d19711de26f1770f74985596d3da1b4cf1633815db
SHA512

bac2ed890b8bc1db76edce7ee76942c307221525cad82b13773d6265a722bded9461c0387417fbef65a0acbd28f1380a6d421d477137549cf800a907809b1528
SSDEEP

12288:pOxmqIktRtPCPE36mUOC8BGgW1RY24ZR/hoN4KXP:ymkVSEhtUgW194ZxKXP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28af71f4ea0cf70cf97813819cc8ef0d_JaffaCakes118

Files

28af71f4ea0cf70cf97813819cc8ef0d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef34b38671034673e61ae16c76bd57ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
SetCurrentDirectoryA
GetTempFileNameA
GetProfileIntA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcatA
FindResourceA
LoadResource
FreeResource
lstrcmpiA
WriteProfileSectionA
GetDriveTypeA
GetFileSize
ReadFile
CloseHandle
WriteFile
FindFirstFileA
FindClose
lstrcpyA
MulDiv
lstrlenA
GetTickCount
GlobalHandle
GlobalUnlock
GlobalFree
GlobalAlloc
lstrcpynA
WideCharToMultiByte
GetShortPathNameA
SetErrorMode
GetLastError
GetLocalTime
WritePrivateProfileStringA
GetSystemTimeAsFileTime
SearchPathA
GetPrivateProfileStringA
CompareFileTime
RaiseException
GetFileAttributesA
SetFileAttributesA
DeleteFileA
GetProcAddress
LoadLibraryA
GlobalAddAtomA
FreeLibrary
GlobalGetAtomNameA
GlobalDeleteAtom
GetVersionExA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
LockResource
lstrcmpA
GetProfileStringA
WriteProfileStringA
GlobalReAlloc
GetModuleFileNameA
CreateDirectoryA
MultiByteToWideChar
Sleep
CopyFileA
SetFilePointer
CreateFileA
FindNextFileA
GetCurrentThreadId
FormatMessageA
GetFileType
GetOEMCP
GetACP
SetHandleCount
GetStringTypeW
GetStringTypeA
GetCPInfo
VirtualAlloc
VirtualFree
IsBadWritePtr
HeapDestroy
GetEnvironmentVariableA
HeapCreate
GetVersion
GetCommandLineA
ExitProcess
GetFullPathNameA
GetSystemTime
GetStartupInfoA
HeapReAlloc
HeapFree
GetTimeZoneInformation
RtlUnwind
GetModuleHandleA
HeapAlloc
GetThreadSelectorEntry
GetCurrentProcess
GetCurrentThread
GetStdHandle
ReadProcessMemory
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GlobalLock
SetStdHandle
FlushFileBuffers
FreeEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

InsertMenuA
TrackPopupMenu
RemoveMenu
DestroyMenu
PeekMessageA
LoadMenuA
TranslateMessage
DispatchMessageA
SetWindowTextA
GetMenu
GetSubMenu
EnableMenuItem
PostMessageA
SetWindowPos
UpdateWindow
GetWindowTextA
CreateWindowExA
DestroyWindow
ClientToScreen
ClipCursor
GetWindowRect
MoveWindow
MapWindowPoints
GetClassInfoA
RegisterClassA
GetDoubleClickTime
GetSystemMetrics
SetMenuItemInfoA
MessageBoxA
CheckDlgButton
CallWindowProcA
LoadCursorA
RegisterClassExA
GetScrollPos
ShowScrollBar
GetScrollRange
ScreenToClient
PtInRect
SetForegroundWindow
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
ChildWindowFromPoint
GetWindowPlacement
WinHelpA
IsWindowVisible
PostQuitMessage
GetMenuItemInfoA
LoadStringA
wsprintfA
GetParent
GetScrollInfo
SetScrollInfo
BeginPaint
GetSysColor
SetRect
DrawTextA
CharUpperBuffA
GetClassLongA
GetWindowDC
IsDialogMessageA
CreatePopupMenu
GetDlgItemInt
SetScrollRange
SetScrollPos
GetCursorPos
CallNextHookEx
IsWindow
SetWindowsHookExA
UnhookWindowsHookEx
DrawFocusRect
InflateRect
EndPaint
GetWindowLongA
SetWindowLongA
GetFocus
SetFocus
InvalidateRect
SetCapture
GetClientRect
SendMessageA
DefWindowProcA
GetDC
CharUpperA
ReleaseDC
WindowFromPoint
SetMenu
CreateDialogIndirectParamA
GetCapture
ReleaseCapture
GetWindow
MessageBeep
FindWindowA
ScrollWindowEx
LoadBitmapA
IsZoomed
InsertMenuItemA
EnableScrollBar
SystemParametersInfoA
IsIconic
CheckMenuItem
IsDlgButtonChecked
LoadIconA
SetActiveWindow
EndDialog
EnableWindow
GetActiveWindow
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
GetMessagePos
SetDlgItemInt
DialogBoxIndirectParamA
ShowWindow
CharLowerA
GetDlgItem
EqualRect
IsRectEmpty
SetRectEmpty
GetAsyncKeyState
MessageBoxIndirectA
SetCursor
GetMenuState
CreateDialogParamA

gdi32

DeleteObject
SelectObject
CreateSolidBrush
GetTextMetricsA
GetDeviceCaps
CreatePatternBrush
CreateBitmap
GetObjectA
ExtTextOutA
SetTextColor
SetBkColor
GetTextExtentPointA
DeleteDC
Rectangle
SetROP2
GetStockObject
CreateDCA
LineTo
MoveToEx
CreatePen
GetTextExtentPoint32A
CreateFontIndirectA
TextOutA
GetKerningPairsA
EnumFontFamiliesExA
CreateDIBitmap
BitBlt
CreateCompatibleDC
AddFontResourceA
RemoveFontResourceA
EndDoc
StartDocA
SetAbortProc
EndPage
SetTextAlign
StartPage
RoundRect
EnumFontFamiliesA
PatBlt
SetBkMode

winspool.drv

EndDocPrinter
OpenPrinterA
StartDocPrinterA
ClosePrinter
WritePrinter

comdlg32

GetOpenFileNameA
PrintDlgA
GetSaveFileNameA

advapi32

RegSetValueExA
RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegDeleteValueA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA

shell32

ShellExecuteA
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc

ole32

CoCreateInstance
CoInitialize
CoUninitialize

comctl32

ImageList_Create
ImageList_AddMasked
CreateToolbarEx
ImageList_Destroy
ImageList_Draw
ImageList_Merge
ord17
PropertySheetA
ord8
ord6
ImageList_ReplaceIcon

mpr

WNetGetConnectionA

lz32

LZOpenFileA
LZClose
LZCopy

dunzip32

dunzip

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 340KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 44KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ef34b38671034673e61ae16c76bd57ef

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

comctl32

mpr

lz32

dunzip32

version

Sections

.text Size: 340KB - Virtual size: 338KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 44KB - Virtual size: 121KB

.rsrc Size: 112KB - Virtual size: 111KB

.vrdata Size: 68KB - Virtual size: 68KB

.text
Size: 340KB - Virtual size: 338KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 44KB - Virtual size: 121KB

.rsrc
Size: 112KB - Virtual size: 111KB

.vrdata
Size: 68KB - Virtual size: 68KB