4bbc2b506989810d483dc90470070da6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4bbc2b506989810d483dc90470070da6_JaffaCakes118
Size

513KB
MD5

4bbc2b506989810d483dc90470070da6
SHA1

e89a7581409d4730b157e3c7b1864795a860ada4
SHA256

357a5ee135052d98a01bd426c3c13a0b6de08173f88b2e918ebc779bdf4e01d4
SHA512

e2be8f1e83b6a8595ac53c8092b29d15dd4ea1cce37065ca1d448d3462e8a0fd372e4a6c144715fe1154e2a0559704138801ee59e6a9d0685654ead0758adc28
SSDEEP

12288:M5Y9eVcUy4qtTTTMwm5W+lE3QThoAJa48sDjDbyzJuvgDeZa/S6p/f5g:M5Vcv4YvMhjE+hvJaU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bbc2b506989810d483dc90470070da6_JaffaCakes118

Files

4bbc2b506989810d483dc90470070da6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fd7a69df3208a792fd3ac69dbe77c2fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ClosePrinter
OpenPrinterW
EnumPrintersW
ord204

user32

GetClassInfoExW
InsertMenuItemW
GetWindowDC
LoadMenuW
ScreenToClient
MoveWindow
LoadBitmapW
EnumWindows
GetWindow
wsprintfW
GetForegroundWindow
SetWindowPos
FillRect
SendMessageW
SetWindowLongW
GetWindowTextW
ModifyMenuW
SetFocus
DrawTextExW
DrawFrameControl
CloseClipboard
RegisterClassExW
GetDC
IsZoomed
TrackMouseEvent
TranslateAcceleratorW
DestroyMenu
GetSubMenu
GetMenu
ReleaseCapture
IsChild
RegisterClassW
SetRectEmpty
SetTimer
SetCursor
WindowFromPoint
GetCursorPos
CharUpperW
SetDlgItemTextW
GetWindowThreadProcessId
CreateWindowExW
DrawFocusRect
PostThreadMessageW
EnableMenuItem
EnumChildWindows
PtInRect
EndPaint
GetAsyncKeyState
GetKeyState
FrameRect
KillTimer
EmptyClipboard
IsWindowVisible
DestroyIcon
CopyRect
DeferWindowPos
GetActiveWindow
ShowOwnedPopups
LockWindowUpdate
EqualRect
GetDlgCtrlID
GetMenuItemInfoW
GetAncestor
DrawTextW
GetFocus
ReleaseDC
PostMessageW
BeginPaint

advapi32

RegOpenKeyExA
RegQueryValueExA
CloseServiceHandle
QueryServiceStatus

shell32

SHGetMalloc
DragFinish
ExtractIconExA
SHGetDesktopFolder
SHGetPathFromIDListA
DragQueryFileA
DragAcceptFiles
SHGetFileInfoA
ShellExecuteExA
Shell_NotifyIconA
SHGetSpecialFolderLocation
ord155
ShellExecuteA

kernel32

TlsGetValue
LCMapStringA
CreateFileA
FlushFileBuffers
GetStdHandle
UnhandledExceptionFilter
GetModuleFileNameW
DeleteCriticalSection
FreeEnvironmentStringsA
GetCommandLineA
InitializeCriticalSection
GetTimeZoneInformation
TlsAlloc
LoadLibraryA
GetCommandLineW
GetLocaleInfoA
GetSystemTimeAsFileTime
LeaveCriticalSection
HeapReAlloc
WriteConsoleA
GetACP
HeapSize
GetStartupInfoA
RaiseException
QueryPerformanceCounter
GetStringTypeW
GetUserDefaultLCID
GetModuleFileNameA
InterlockedIncrement
ReadFile
CloseHandle
GetCurrentThreadId
GetTickCount
GetDateFormatA
TlsFree
CompareStringA
EnterCriticalSection
GetCurrentProcessId
IsDebuggerPresent
IsValidLocale
GetTimeFormatA
GetEnvironmentStringsW
GetConsoleMode
HeapCreate
GetCurrentProcess
FatalAppExitA
GetCPInfo
GetLocaleInfoW
IsValidCodePage
GetProcAddress
GetProcessHeap
SetUnhandledExceptionFilter
GetConsoleOutputCP
RtlUnwind
WriteFile
HeapFree
GetModuleHandleA
GetLastError
GetVersionExA
TerminateProcess
ExitProcess
InterlockedDecrement
SetLastError
Sleep
SetEnvironmentVariableA
GetModuleHandleW
GetCurrentThread
InterlockedExchange
SetHandleCount
VirtualAlloc
HeapDestroy
TlsSetValue
WriteConsoleW
GetOEMCP
GetStringTypeA
MultiByteToWideChar
GetFileType
GetEnvironmentStrings
HeapAlloc
CreateMutexW
CompareStringW
VirtualFree
VirtualQuery
LCMapStringW
FreeLibrary
FreeEnvironmentStringsW
SetFilePointer
WideCharToMultiByte
GetConsoleCP
SetStdHandle
GetStartupInfoW
SetConsoleCtrlHandler

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd7a69df3208a792fd3ac69dbe77c2fe

Headers

File Characteristics

Imports

winspool.drv

user32

advapi32

shell32

kernel32

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 66KB - Virtual size: 90KB

.rsrc Size: 73KB - Virtual size: 72KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 66KB - Virtual size: 90KB

.rsrc
Size: 73KB - Virtual size: 72KB