2a6ac64c1311f03bbd667c56545397b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a6ac64c1311f03bbd667c56545397b9_JaffaCakes118
Size

354KB
MD5

2a6ac64c1311f03bbd667c56545397b9
SHA1

a19710b1c4c0da4a3d9d9e4626ae5d663e1cb9b2
SHA256

af75c3ba0509a320042aec3bacd81fe0ae0653f372cc2d83cd85a4c91712dfff
SHA512

d7d66d8c01fa6cca71ff8b383937d0673ead8755083ee2e1349dfa1654f2bb5d376826e16e05f0a9cce54ccc02dddfd2b0c9f5ab45204966104e05c4e0e9bf25
SSDEEP

6144:7Jp8MklTUhB0iDoJY1DY6ZlRcZOxhxUg17OOh31EFpteoaNudIwwRJsePBDSiL:Vp8hlwLVIp0le0xXv17hlEXEu6wcsePf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a6ac64c1311f03bbd667c56545397b9_JaffaCakes118

Files

2a6ac64c1311f03bbd667c56545397b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57826afc54b9d89fde21054af31164c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetTimeFormatW
GetCommandLineW
InitializeCriticalSection
LocalSize
VirtualProtect
FindFirstFileW
IsDebuggerPresent
GetProcessHeap
HeapFree
GlobalLock
LocalReAlloc
WriteFile
LocalFree
GetConsoleCP
OpenMutexA
FindClose
LCMapStringA
SetEndOfFile
GetFileAttributesW
Sleep
GlobalFree
GetModuleHandleA
GlobalUnlock
LocalLock
GetVersionExA
LCMapStringW
OutputDebugStringA
FoldStringW
MultiByteToWideChar
GetStringTypeW
HeapDestroy
InterlockedCompareExchange
CreateFileMappingW
GetVersion
CompareStringW
WaitForSingleObject
ExpandEnvironmentStringsW
GetLocalTime
lstrcmpW
VirtualAlloc
GetCommandLineA
GetFileSize
LocalAlloc
QueryPerformanceCounter
CreateFileW
GetSystemTimeAsFileTime
lstrcmpiW
lstrcatW
UnhandledExceptionFilter
HeapReAlloc
GetFileInformationByHandle
ExitProcess
LockFile
GetLastError
MulDiv
SizeofResource
CloseHandle
GetUserDefaultUILanguage
CreateFileA
FormatMessageW
GetStdHandle
GetFileType
TlsSetValue
GlobalAlloc
GetCurrentProcess
SetLastError
FreeEnvironmentStringsA
GetStartupInfoA
GetCurrentProcessId
SetHandleCount
GetDateFormatW
ReadFile
GetACP
lstrcpyW
GetOEMCP
ReleaseMutex
lstrlenW
GetTickCount
GetSystemDirectoryA
TerminateProcess
GetProcAddress
DisableThreadLibraryCalls
GetLocaleInfoA
GetLocaleInfoW
GetVersionExW
GetSystemInfo
lstrcpynW
LocalUnlock
HeapCreate
IsDBCSLeadByte
UnmapViewOfFile
SetUnhandledExceptionFilter
DeleteFileW
MoveFileA
GetUserDefaultLCID
RaiseException
LoadLibraryA
HeapAlloc
GetEnvironmentStrings
GetCurrentThreadId
GetEnvironmentStringsW
MapViewOfFile
TlsGetValue
WideCharToMultiByte
WriteConsoleA

user32

MessageBoxW
SetScrollPos
GetKeyboardLayout
CallWindowProcW
EnableWindow
DrawTextExW
GetSubMenu
SetWindowLongW
EndDialog
GetDC
GetMenu
DefWindowProcW
ScreenToClient
GetPropW
RegisterWindowMessageW
OpenClipboard
DispatchMessageW
IsClipboardFormatAvailable
SetWindowPlacement
SetWinEventHook
LoadImageW
DialogBoxParamW
DispatchMessageA
SetDlgItemTextW
GetDlgItemTextW
SetCursor
LoadIconA
GetSystemMenu
LoadCursorW
RegisterClassW
DestroyWindow
CreateWindowExW
GetWindowThreadProcessId
GetSystemMetrics
GetDlgCtrlID
SetTimer
SystemParametersInfoW
GetMenuState
GetMessageW
TranslateMessage
GetParent
GetWindowLongW
WinHelpW
LoadAcceleratorsW
UpdateWindow
wsprintfW
SetFocus
LoadStringW
SendMessageW
EnableMenuItem
RegisterClassExW
CharNextA
CreateDialogParamW
CheckMenuItem
UnhookWinEvent
CharUpperW
IsDialogMessageW
GetWindowTextW
GetCursorPos
GetWindowPlacement
GetForegroundWindow
CharLowerW
PeekMessageA
PeekMessageW
CloseClipboard
LoadIconW
SetActiveWindow
ShowWindow
GetDlgItem
MessageBeep
SetWindowTextW
SetWindowLongA
TranslateAcceleratorW
IsIconic
SendDlgItemMessageW
PostQuitMessage
CharNextW
GetDesktopWindow
InvalidateRect
RegisterWindowMessageA
MoveWindow
ChildWindowFromPoint
GetFocus
PostMessageW
ReleaseDC
GetClientRect

msvcrt

_cexit
exit
wcstoul
iswctype
__setusermatherr
_adjust_fdiv
_acmdln
wcsncmp
memmove
time
__p__commode
_controlfp
localtime
__set_app_type
_XcptFilter
__p__fmode
_exit
__wgetmainargs
_amsg_exit
__dllonexit
_vsnwprintf
_snwprintf
_initterm
_c_exit
_wtol
memcpy
memset
__getmainargs
_lock
wcsncpy

shell32

DragQueryFileW
ShellAboutW
DragFinish
DragAcceptFiles

gdi32

SetAbortProc
SetViewportExtEx
DeleteObject
GetStockObject
SetBkMode
EnumFontsW
LPtoDP
StartDocW
StartPage
GetTextExtentPoint32W
SetMapMode
CreateDCW
EndPage
GetObjectW
DeleteDC
CreateFontIndirectW
GetTextFaceW
TextOutW
AbortDoc
SelectObject
SetWindowExtEx
GetTextMetricsW
GetDeviceCaps
EndDoc

advapi32

IsTextUnicode
RegCloseKey
RegQueryValueExW
RegOpenKeyExA
RegSetValueExW
RegCreateKeyW
RegQueryValueExA

comdlg32

PrintDlgExW
FindTextW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW
GetFileTitleW
GetSaveFileNameW
ReplaceTextW
PageSetupDlgW

comctl32

CreateStatusWindowW

winspool.drv

GetPrinterDriverW
OpenPrinterW
ClosePrinter

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 510KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57826afc54b9d89fde21054af31164c0

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

shell32

gdi32

advapi32

comdlg32

comctl32

winspool.drv

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 291KB - Virtual size: 290KB

.data Size: 51KB - Virtual size: 510KB

.reloc Size: 512B - Virtual size: 242B

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 291KB - Virtual size: 290KB

.data
Size: 51KB - Virtual size: 510KB

.reloc
Size: 512B - Virtual size: 242B

.rsrc
Size: 7KB - Virtual size: 7KB