40475e7b50cdf487025194945475bd80_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40475e7b50cdf487025194945475bd80_JaffaCakes118
Size

193KB
MD5

40475e7b50cdf487025194945475bd80
SHA1

47e8f20f1e94925a881712a2d3861737bb987d33
SHA256

c0a175cedcd191e52c23992d80ed9bb063c5fc0d0a7c9664a92d97bb7bb4386b
SHA512

37d4a3aeb38a8964f8bf1e923a0feeb04d446b644ad134b5431c55df2d0114c78c5cca721a4528aaec3125a69eb9645c74473e89587f1b05b742a0dfd2af7077
SSDEEP

6144:v5wtKe4UH4Fc+Gb13pSp1y+5bPO71ZXvuAaG:h4QFqb1ZsfFmxZXv1n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40475e7b50cdf487025194945475bd80_JaffaCakes118

Files

40475e7b50cdf487025194945475bd80_JaffaCakes118
.exe windows:3 windows x86 arch:x86

fe8f65217576c2c1f5e047cb30c961a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
WaitForMultipleObjects
GetExpandedNameA
GetLongPathNameW
LoadLibraryW
GetModuleHandleW
lstrcatW
GlobalFindAtomA
GetFileType
GetProcAddress
GetFullPathNameA
SetEvent
ReadDirectoryChangesW
MoveFileA
GetVersion
DisconnectNamedPipe
lstrlenA
GetTimeFormatA
GetLastError
OpenEventA
SetComputerNameA
SetLocaleInfoA
GetTempFileNameA
GetModuleHandleA
OpenWaitableTimerA
ReplaceFileW
LoadResource
InitializeCriticalSection
EnumTimeFormatsA
GetComputerNameA
RaiseException
SetCalendarInfoA
SetCurrentDirectoryW
CreateDirectoryW
EndUpdateResourceW
WinExec
ExpandEnvironmentStringsA
FlushFileBuffers
CompareFileTime
FileTimeToDosDateTime
LoadLibraryA
GetEnvironmentStringsW
GetVolumeInformationA
GetVolumeInformationW
FindResourceA
SetCurrentDirectoryA
FatalAppExitW
SearchPathW

user32

SetWindowPos
EndDialog
GetAsyncKeyState
DialogBoxIndirectParamA
LoadBitmapA
CheckRadioButton
SendDlgItemMessageW
UpdateLayeredWindow
OpenClipboard
GetSysColorBrush
UnregisterClassA
FindWindowW
CreatePopupMenu
MonitorFromWindow
RegisterClassA
SetForegroundWindow
GetScrollPos
RegisterWindowMessageW
InvalidateRgn
ActivateKeyboardLayout
LoadMenuIndirectW
CascadeWindows
SetDlgItemTextW
GetForegroundWindow
ArrangeIconicWindows
CreateAcceleratorTableA
wvsprintfW
FindWindowA
InsertMenuW
EnumDesktopsA
OffsetRect
ChildWindowFromPoint
DestroyIcon
DialogBoxParamW
GetDlgItemTextW
LoadMenuA
RegisterWindowMessageA
BringWindowToTop
AdjustWindowRect
ClientToScreen
GetWindowRgn
GetMenuInfo
CopyImage
AppendMenuW
GetSystemMetrics
LoadIconW
CharLowerW
PeekMessageW
MessageBoxA
EnableWindow
DefFrameProcW
SetTimer
LoadCursorW
MessageBoxW
CreateDialogParamW
WinHelpA
CreateDialogIndirectParamA

gdi32

CombineRgn
GetBkColor
GetCharWidth32W
GetGlyphIndicesW
IntersectClipRect
CreateBitmapIndirect
GetCharWidthFloatA
LineTo
SetDIBColorTable
GetViewportOrgEx
CreateFontIndirectA
GetRasterizerCaps
CreateCompatibleDC
CreateFontA
ResizePalette
GetMiterLimit
RemoveFontResourceW
GetPixel
GetROP2
GetRandomRgn
GetMapMode
SetBoundsRect
ExtCreateRegion

advapi32

RegEnumKeyW
RegQueryMultipleValuesA
RegQueryValueExW
RegRestoreKeyW
RegEnumValueA
RegEnumKeyExA
RegQueryValueW
RegDeleteValueA
RegQueryValueA

shell32

SHGetFolderPathA
StrStrIA
ShellExecuteW
Shell_NotifyIconW
StrCmpNA

comdlg32

GetSaveFileNameW
PrintDlgExA
ChooseFontW
GetFileTitleA
PrintDlgW
LoadAlterBitmap
PageSetupDlgA
FindTextW
PrintDlgA

ole32

OleInitialize
OleRun

oleaut32

VarUI8FromDate
VarDecAdd
VarR8FromR4
SafeArrayGetLBound
VarI2FromCy
VarCyFromUI2
VarDecAbs
SafeArrayAllocDescriptorEx
CreateDispTypeInfo

version

VerInstallFileA
GetFileVersionInfoSizeA
VerQueryValueW

winmm

joyGetDevCapsW
waveOutGetPosition
mmioSendMessage
DriverCallback
mixerGetLineInfoW
mixerOpen
mmioRenameA
mmTaskBlock
midiStreamOpen
midiOutShortMsg
midiInUnprepareHeader

winspool.drv

DeletePrinterConnectionW
EnumFormsA
GetPrintProcessorDirectoryW
FindClosePrinterChangeNotification
EnumPrintProcessorDatatypesW
AddPrinterDriverExA
SeekPrinter
GetFormW
DocumentPropertiesA
DeletePrinterDriverExW

oledlg

OleUIAddVerbMenuA
OleUIChangeIconA
OleUIChangeIconW
OleUIInsertObjectA
OleUIAddVerbMenuW
OleUIObjectPropertiesA
OleUIUpdateLinksW
OleUIConvertW
OleUICanConvertOrActivateAs
OleUIUpdateLinksA
OleUIInsertObjectW

wsock32

WSAAsyncGetHostByAddr
getpeername
listen
WSASetBlockingHook
htons
WSACleanup
inet_addr

Sections

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 10KB

IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe8f65217576c2c1f5e047cb30c961a3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comdlg32

ole32

oleaut32

version

winmm

winspool.drv

oledlg

wsock32

Sections

.rdata Size: 1KB - Virtual size: 4KB

.edata Size: 1KB - Virtual size: 15KB

.edata Size: 14KB - Virtual size: 14KB

.edata Size: 1024B - Virtual size: 33KB

.rdata Size: 1KB - Virtual size: 33KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 14KB

.edata Size: 1KB - Virtual size: 20KB

.edata Size: 1KB - Virtual size: 10KB

.rdata Size: 1024B - Virtual size: 18KB

.rsrc Size: 152KB - Virtual size: 151KB

.reloc Size: 1024B - Virtual size: 36KB

.rdata
Size: 1KB - Virtual size: 4KB

.edata
Size: 1KB - Virtual size: 15KB

.edata
Size: 14KB - Virtual size: 14KB

.edata
Size: 1024B - Virtual size: 33KB

.rdata
Size: 1KB - Virtual size: 33KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 14KB

.edata
Size: 1KB - Virtual size: 20KB

.edata
Size: 1KB - Virtual size: 10KB

.rdata
Size: 1024B - Virtual size: 18KB

.rsrc
Size: 152KB - Virtual size: 151KB

.reloc
Size: 1024B - Virtual size: 36KB