4ab739c1e28ad73e08c83a42e38aec69_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4ab739c1e28ad73e08c83a42e38aec69_JaffaCakes118
Size

636KB
MD5

4ab739c1e28ad73e08c83a42e38aec69
SHA1

dd8749e2f1bcb01d4b9c4a5a7c95a8f659c103f8
SHA256

b03b9de2eadfcb60f223f1c66d2cc7a77f3369ac651e70b212fca58ff7d94035
SHA512

4397f5bcd9a84ecfec2893c13f74ca903c584eeadc696ca5307fba524be4bf7f84fb9b21eb868b41a55b9a881bd5f229479a078c84b0033bf895e8cf7d7361c4
SSDEEP

12288:m0n/OXMvp4e6ceCJsybTsj3PegpXYAaTuqyTVwOe5F0KlXH:m0/Obe67SLbpCqbyTXe5N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ab739c1e28ad73e08c83a42e38aec69_JaffaCakes118

Files

4ab739c1e28ad73e08c83a42e38aec69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe204f4aac3f5ad29dd670c29fb6073e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetFileType
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetTimeZoneInformation
GetACP
HeapReAlloc
HeapSize
TerminateProcess
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
HeapAlloc
HeapFree
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetCurrentDirectoryA
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GlobalFlags
GetLastError
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetVersionExA
GetPrivateProfileIntA
GetModuleFileNameA
GlobalAlloc
GetCurrentThread
GlobalFree
lstrcmpA
LoadLibraryA
FreeLibrary
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetCurrentThreadId
CloseHandle
lstrcpynA
LocalFree
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
VirtualProtect
lstrcmpiA
FreeResource
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
lstrlenA
GetVersion

user32

IsWindowEnabled
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
CheckDlgButton
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CreateDialogIndirectParamA
EndDialog
wvsprintfA
IsZoomed
SetParent
IsRectEmpty
GetSystemMenu
PostQuitMessage
ShowOwnedPopups
GetClassNameA
LoadStringA
SetTimer
KillTimer
WindowFromPoint
SetCapture
InvertRect
GetDCEx
LockWindowUpdate
CharUpperA
DefFrameProcA
BringWindowToTop
LoadIconA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
SetScrollInfo
SetScrollPos
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
ReleaseCapture
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
IsIconic
GetWindowPlacement
UnhookWindowsHookEx
SetWindowLongA
SetRectEmpty
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
IntersectRect
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
ScreenToClient
DestroyMenu
GetParent
InflateRect
LoadCursorA
InvalidateRect
GetClientRect
SetCursor
UpdateWindow
EnumWindowStationsW
RedrawWindow
OffsetRect
PtInRect
ShowWindow
MoveWindow
GetWindowRect
GetWindow
IsMenu
IsWindow
SendMessageA
EnableWindow
GetDesktopWindow
GetSubMenu
ReleaseDC
GetDC
RemoveMenu
ModifyMenuA
InsertMenuA
DeleteMenu
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
AppendMenuA
CreatePopupMenu
CreateMenu
GrayStringA
LoadBitmapA
TabbedTextOutA
DrawEdge
GetSysColorBrush
LoadAcceleratorsA
DefMDIChildProcA
DrawMenuBar
TranslateAcceleratorA
DefWindowProcA
TranslateMDISysAccel
FillRect
CopyRect
SetRect
GetSystemMetrics
DrawTextA
DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
GetMenuItemInfoA
GetMessagePos
UnregisterClassA

gdi32

RestoreDC
SetBkColor
SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
SaveDC
CreateRectRgn
CreatePatternBrush
CreateBitmap
SetRectRgn
CombineRgn
DPtoLP
StretchDIBits
GetCharWidthA
CreateFontA
GetTextMetricsA
CreateRectRgnIndirect
StrokeAndFillPath
EndPath
BeginPath
AngleArc
GetStockObject
Rectangle
CreateHatchBrush
PatBlt
Escape
GetTextExtentPoint32A
ExtTextOutA
TextOutA
SetPixel
GetPixel
Ellipse
GetObjectA
CreateDIBSection
SelectObject
BitBlt
DeleteObject
DeleteDC
RectVisible
PtVisible
GetBkMode
GetDeviceCaps
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectA
CreateSolidBrush
CreatePen
GetTextExtentPoint32W

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegSetValueA
RegCloseKey
GetFileSecurityA
SetFileSecurityA

shell32

ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA

comctl32

ImageList_GetIconSize
ImageList_GetImageCount
ImageList_AddMasked
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Draw
FlatSB_SetScrollInfo
InitializeFlatSB
FlatSB_SetScrollPos
ImageList_Destroy
ImageList_Create
ord17

Sections

.text
Size: 232KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Undoer
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.destro
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fe204f4aac3f5ad29dd670c29fb6073e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 232KB - Virtual size: 228KB

.rdata Size: 80KB - Virtual size: 78KB

.data Size: 36KB - Virtual size: 49KB

.Undoer Size: 16KB - Virtual size: 14KB

.destro Size: 264KB - Virtual size: 260KB

.rsrc Size: 4KB - Virtual size: 992B

.text
Size: 232KB - Virtual size: 228KB

.rdata
Size: 80KB - Virtual size: 78KB

.data
Size: 36KB - Virtual size: 49KB

.Undoer
Size: 16KB - Virtual size: 14KB

.destro
Size: 264KB - Virtual size: 260KB

.rsrc
Size: 4KB - Virtual size: 992B