4965439953fb669e25dbc007c3eabd25_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4965439953fb669e25dbc007c3eabd25_JaffaCakes118
Size

228KB
MD5

4965439953fb669e25dbc007c3eabd25
SHA1

efccee2e36206f600fdaf36aa28e5298d146e3cb
SHA256

8a41c3d3a86d51e2cae4dad479ed73f052d14db241aa1d51439fad332cd617b9
SHA512

f531306298f6099f63d41ff8bfbfbe92636c8cad64183f88e237fa5dcf559a5934f779b742c64b20453793a4a8e66c8c2f9e89559e5d462d8912635ee1477a68
SSDEEP

3072:Zme2SK33CAKbYHNvOflfRP6c87v4HM5c+qXFRmXJXMHxqr5d9Q+XqF0zcFiT78rU:ZmVdCxbYEJycOv448Rqr5DPXq6Urm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4965439953fb669e25dbc007c3eabd25_JaffaCakes118

Files

4965439953fb669e25dbc007c3eabd25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2526d28cd78dcd09195f70a030751d29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

RectVisible
ScaleViewportExtEx
IntersectClipRect
GetDeviceCaps
FillRgn
CreateBitmap
ScaleWindowExtEx
DeleteObject
SetViewportExtEx
PtVisible
GetTextMetricsA
Rectangle
Ellipse
CreateSolidBrush
GetTextColor
CreateRoundRectRgn
DPtoLP
SetBkColor
CreatePen
SetBkMode
CreateFontW
SelectClipRgn
CreateCompatibleDC
CreateCompatibleBitmap
ExtTextOutA
SelectObject
GetRgnBox
MoveToEx

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
ord155
ShellExecuteW
SHFileOperationW
SHGetMalloc
ExtractIconW

oleaut32

LoadTypeLi

comctl32

ImageList_GetDragImage
ImageList_GetImageCount
ImageList_Write
ImageList_EndDrag
ImageList_LoadImageA
PropertySheetA
ImageList_DragLeave
ImageList_Merge
ImageList_Remove
ImageList_DragShowNolock
ImageList_Read
ImageList_BeginDrag
DestroyPropertySheetPage
ImageList_GetIcon
ImageList_GetImageInfo
ImageList_Add
ImageList_DragMove
ImageList_SetDragCursorImage
ImageList_Draw
ImageList_Create
ImageList_Replace
ImageList_AddMasked
ImageList_Destroy
ImageList_SetBkColor
ImageList_ReplaceIcon
ord17
CreatePropertySheetPageA

user32

RegisterClassExW
GetMenuStringW
GetWindowPlacement
UnpackDDElParam
SetMenu
BeginDeferWindowPos
InvalidateRect
ScrollWindowEx
CreateWindowExW
GetParent
GetMessagePos
GetDlgCtrlID
FrameRect
ReleaseCapture
SetActiveWindow
GetSystemMetrics
GetMenu
UnhookWindowsHookEx
DeferWindowPos
OpenClipboard
ShowWindow
SetCapture
IsIconic
SetWindowPos
MessageBoxW
RegisterClipboardFormatW
RegisterClassW
IntersectRect
EndDeferWindowPos
ValidateRect
ChildWindowFromPoint
DefWindowProcW
SetClipboardData
DrawTextW
ReleaseDC
LoadMenuW
CreateDialogParamW
MessageBeep
SetMenuItemInfoW
DestroyWindow

shlwapi

PathIsUNCW
PathRemoveExtensionW
PathFindExtensionW
StrStrW

ole32

CreateBindCtx
GetRunningObjectTable
StgOpenStorageOnILockBytes
OleUninitialize
CoTaskMemFree
DoDragDrop
OleLockRunning
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
CoRevokeClassObject
OleRegGetUserType
CreateILockBytesOnHGlobal
OleSetContainedObject

winmm

waveOutUnprepareHeader
waveOutOpen
waveOutReset
waveOutGetNumDevs
waveOutGetPosition
waveOutGetDevCapsA
waveOutSetPlaybackRate
waveOutGetVolume
waveOutRestart

kernel32

GetDateFormatA
SuspendThread
GetTimeZoneInformation
HeapDestroy
GlobalAlloc
MoveFileW
GetCurrentProcess
CreateMutexW
GetSystemDirectoryA
SetFilePointer
GetFullPathNameA
GetSystemTimeAsFileTime
IsBadWritePtr
CreateFileMappingA
GetProcessHeap
lstrcmpA
FatalAppExitA
GetCommandLineW
FreeResource
QueryPerformanceCounter
FlushFileBuffers
InterlockedDecrement
LockFile
GetACP
OutputDebugStringA
DeleteFileW
LeaveCriticalSection
SetEvent
GetFullPathNameW
InterlockedExchange
SizeofResource
GetCurrentProcessId
lstrlenW
VirtualProtect
VirtualFree
DuplicateHandle
GetCPInfo
ConvertDefaultLocale
DeleteCriticalSection
GetFileTime
GlobalReAlloc
UnhandledExceptionFilter
InterlockedIncrement
GetVersionExW
MapViewOfFile
SetEndOfFile
GetEnvironmentStringsW
CompareStringA
CompareStringW
GetSystemTime
TlsSetValue
CreateDirectoryW
GetModuleHandleW
SetCurrentDirectoryA
HeapReAlloc
GetLocaleInfoA
CopyFileA
GlobalFlags
FileTimeToSystemTime
IsValidLocale
SetUnhandledExceptionFilter
WriteFile
GetConsoleCP
MultiByteToWideChar
GetModuleHandleA
VirtualQuery
FindFirstFileA
GetCurrentDirectoryA
TlsGetValue
GetVersionExA
GlobalUnlock
HeapFree
GetCurrentThreadId
LocalAlloc
UnmapViewOfFile
GetSystemInfo
FileTimeToLocalFileTime
GetVersion
CompareFileTime
SetLastError
GetStringTypeA
SetThreadPriority
GetConsoleOutputCP
SystemTimeToFileTime
ReadFile
WaitForSingleObject
lstrcpyA
TerminateProcess
GetConsoleMode
GlobalDeleteAtom
GetModuleFileNameA
GetProcAddress
GetStartupInfoW
lstrcmpiA
InterlockedCompareExchange
CreateMutexA
DeleteFileA
LocalFree
LockResource
GetTempFileNameA
GetStartupInfoA
LocalReAlloc
CreateThread
SetFileTime
RaiseException
ExitThread
SetStdHandle
GetStringTypeW
GetModuleFileNameW
TlsAlloc
GetFileAttributesA
TlsFree
GetCurrentThread
GetDriveTypeA
FreeEnvironmentStringsW
WriteConsoleA
SetEnvironmentVariableA
Sleep
CreateFileW
LCMapStringW
FindNextFileA
WriteConsoleW
GetUserDefaultLCID
FormatMessageA
FindClose
HeapCreate
CreateDirectoryA
IsDebuggerPresent
LocalFileTimeToFileTime
GetLocalTime
HeapAlloc
ResumeThread
HeapSize
GetExitCodeProcess
GetThreadLocale
GetTickCount
UnlockFile
SetHandleCount
lstrlenA
GetOEMCP
MulDiv
GlobalLock
CopyFileW
GetCommandLineA
LoadLibraryA
FindFirstFileW
lstrcmpW
GetTimeFormatA
lstrcmpiW
FindNextFileW
ExitProcess
CloseHandle
RtlUnwind
GlobalFree
GlobalMemoryStatus
FreeLibrary
GetEnvironmentStrings
CreateProcessA
GlobalHandle
WideCharToMultiByte
GetFileType
GetLastError
GlobalSize
GetFileSize
lstrcpynA
VirtualAlloc
InitializeCriticalSection
EnterCriticalSection
GetTempPathW
CreateFileA
GetLocaleInfoW
FreeEnvironmentStringsA
GetTempPathA
GetStdHandle
SetErrorMode
IsValidCodePage
LCMapStringA
LoadResource

winspool.drv

ord204
OpenPrinterW
DocumentPropertiesW

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2526d28cd78dcd09195f70a030751d29

Headers

File Characteristics

Imports

gdi32

shell32

oleaut32

comctl32

user32

shlwapi

ole32

winmm

kernel32

winspool.drv

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 100KB - Virtual size: 97KB

.data Size: 48KB - Virtual size: 58KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 100KB - Virtual size: 97KB

.data
Size: 48KB - Virtual size: 58KB

.rsrc
Size: 20KB - Virtual size: 16KB