4137bd3308c8067c83df1705a35319cb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4137bd3308c8067c83df1705a35319cb_JaffaCakes118
Size

260KB
MD5

4137bd3308c8067c83df1705a35319cb
SHA1

46f8b3f90f7e7e2f3508e19062c97f4bf6ca9d6a
SHA256

0f5ccf8843ffe158605e98288c09454067e5fd2c303c53eb869b10bb26b05142
SHA512

4c9c1c503a646504518cbb9406a5f261056c5448cdc1287ac1339d938e85b85d0e58ea5a296a7a95006dcce9601d4722189e4cdb64079a96f14965b8fb207d99
SSDEEP

6144:OOKlMlDZq2ES2BDUIw5fuZ7qZQ04DM2L6gW:XKgZBEHBUvfuZ7qqB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4137bd3308c8067c83df1705a35319cb_JaffaCakes118

Files

4137bd3308c8067c83df1705a35319cb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eee839b7cd71d4ba3ef6eef26848f3ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleSaveToStream
CreateItemMoniker
SetConvertStg
OleCreateMenuDescriptor

kernel32

GetLocalTime
SetNamedPipeHandleState
DebugBreak
Process32NextW
GetFileSize
CreateEventA
WriteConsoleW
DeleteTimerQueueTimer
GetTimeFormatW
CloseHandle
GetSystemTimeAsFileTime
GetDateFormatA
GetConsoleCP
TerminateProcess
ReadFile
QueryPerformanceCounter
GetCurrentProcess
GetUserGeoID
GetVersion
FindNextFileA
InterlockedCompareExchange
LockFile
GetSystemWindowsDirectoryW
MapViewOfFileEx
GlobalReAlloc
GlobalUnlock
OpenMutexA
CreateToolhelp32Snapshot
GetCurrentDirectoryA
GlobalDeleteAtom
GetEnvironmentVariableW
CreateIoCompletionPort
GetShortPathNameA
FileTimeToSystemTime
LeaveCriticalSection
OpenEventA
GetLogicalDriveStringsW
CreateEventW
HeapSize
lstrcmpW
_lclose
IsDBCSLeadByte
HeapCreate
IsDebuggerPresent
CreateTimerQueue
GetPrivateProfileSectionA
InitializeCriticalSection
GetLongPathNameW
GetOEMCP
GetComputerNameW
DeviceIoControl
IsBadCodePtr
GetCommandLineA
OpenEventW
GetStartupInfoW
EnterCriticalSection
GetFileType
GetDriveTypeA
GetThreadLocale
GetLocaleInfoW
GetWindowsDirectoryA
FormatMessageA
LCMapStringW
CreateMutexW
CreateFileMappingW
VirtualQuery
TlsGetValue
WaitForSingleObject
GetTickCount
InterlockedExchange
EnumResourceLanguagesA
CreateNamedPipeA
Beep
GetProcAddress
GetExitCodeThread
GetVersionExA
GetModuleHandleA
GetEnvironmentVariableA
MulDiv
FreeEnvironmentStringsA
FreeResource
VirtualProtect
TerminateThread
WritePrivateProfileStringW
GetStringTypeExW
GetStartupInfoA
SetFileAttributesA
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateFileW
GetDateFormatW
GetPrivateProfileIntW
GetExitCodeProcess
RemoveDirectoryA
GetTempPathA
LocalReAlloc
UnlockFile
lstrcmpiA
WideCharToMultiByte
ExpandEnvironmentStringsW
SetFileAttributesW
HeapReAlloc
MultiByteToWideChar
GetFileSizeEx
TlsSetValue
VirtualAlloc
SetErrorMode

advapi32

RegisterEventSourceW
GetTokenInformation
DeleteService
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyA
OpenSCManagerW
DeregisterEventSource
GetSidIdentifierAuthority
GetSecurityDescriptorOwner
RegOpenKeyExW
DuplicateTokenEx

gdi32

PatBlt
GdiComment
GetCharWidthA
CreatePen
EnumFontFamiliesExA
GetCurrentObject
GetBitmapBits
CopyMetaFileA
SelectObject
MaskBlt
GetOutlineTextMetricsW
ScaleViewportExtEx
GetPaletteEntries
StartPage
SetViewportOrgEx
GetCharWidthW
ExtCreatePen
SetWindowOrgEx

user32

GetKeyboardLayoutList
UpdateLayeredWindow
AdjustWindowRectEx
ClientToScreen
DrawFocusRect
GetKeyboardState
GetWindow
GetInputState
GetCaretPos
SetDlgItemTextA
IsZoomed
SetRectEmpty
DialogBoxParamW
ModifyMenuA
SetParent
CharUpperW
LoadKeyboardLayoutA
LoadMenuA
CreateWindowExW
GetDlgItemTextW
HideCaret
EndMenu
DefMDIChildProcA
DdeConnect
SetWindowRgn
GetWindowDC
EnableMenuItem
VkKeyScanA
IsCharAlphaNumericW
MapVirtualKeyW
InvertRect

shlwapi

PathStripPathW

comdlg32

GetSaveFileNameA

oleaut32

VariantClear

shell32

SHGetPathFromIDListA
Shell_NotifyIconW
SHGetMalloc

version

GetFileVersionInfoA

comctl32

ImageList_LoadImageW
CreateToolbarEx
ImageList_ReplaceIcon

winspool.drv

DeletePortA

msvcrt

_except_handler3
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_stricmp
_purecall
_itow
_wsplitpath
wcstok
_wtoi64
_wtoi
towlower
longjmp
atof
swscanf
_beginthreadex
wcsspn
_wcsicmp
wcstol
realloc
wcscpy
floor
_strnicmp
wcsncpy
_ltow
_fpreset
toupper
exit
_msize
_splitpath
_iob
_wcsupr
_expand
bsearch
towupper
iswalnum
isspace
_controlfp
__p__fmode
__set_app_type

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eee839b7cd71d4ba3ef6eef26848f3ab

Headers

File Characteristics

Imports

ole32

kernel32

advapi32

gdi32

user32

shlwapi

comdlg32

oleaut32

shell32

version

comctl32

winspool.drv

msvcrt

Sections

.text Size: 220KB - Virtual size: 216KB

.data Size: 32KB - Virtual size: 28KB

.rsrc Size: 4KB - Virtual size: 656B

.text
Size: 220KB - Virtual size: 216KB

.data
Size: 32KB - Virtual size: 28KB

.rsrc
Size: 4KB - Virtual size: 656B