4c0dd9d78c86c1348a5ff9cfeeb9e03f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4c0dd9d78c86c1348a5ff9cfeeb9e03f_JaffaCakes118
Size

2.7MB
MD5

4c0dd9d78c86c1348a5ff9cfeeb9e03f
SHA1

44b70a30234534d0a5c6cabf32f5fe93d79fddc6
SHA256

871f404196fa072d9bfbc65ee0149c2066eef8d69f779a86e0978c8eeb0c94bd
SHA512

1a306e00c1043ab25b9f1806626fbc2bc8170d9f77376db954977a6147aa1a8d941be2006b6b0b1490e6ee8f5ee651eea30e81d8491eb3e7537ea24ce729efed
SSDEEP

12288:6XyzKAjwOh1Ze2wyD4caeaan3Yao2XEXym0mj:+ymAjf1M11capaIalXEXy7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c0dd9d78c86c1348a5ff9cfeeb9e03f_JaffaCakes118

Files

4c0dd9d78c86c1348a5ff9cfeeb9e03f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

df1608183de6e8e31ed501d57c929742

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapReAlloc
GetFileType
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
CreateThread
ExitThread
InterlockedExchange
GetSystemTimeAsFileTime
ExitProcess
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
GetOEMCP
GetCPInfo
FileTimeToSystemTime
GetFullPathNameA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GlobalFlags
WritePrivateProfileStringA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedIncrement
RaiseException
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
FreeResource
InterlockedDecrement
SetEvent
SetThreadPriority
GlobalAddAtomA
GlobalDeleteAtom
lstrcmpA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
HeapFree
HeapAlloc
GetVolumeInformationA
OpenMutexA
ReleaseMutex
LocalFree
GetCurrentThreadId
FreeLibrary
TryEnterCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
lstrcpyA
WriteFile
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTempPathA
CreateProcessA
ResumeThread
SuspendThread
GetCurrentThread
GetModuleHandleA
GetModuleFileNameA
lstrcatA
CreateFileA
DeleteFileA
GetTickCount
Sleep
CreateEventA
WaitForSingleObject
GetCurrentProcess
TerminateProcess
CloseHandle
CreateMutexA
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
SetHandleCount

user32

SetRect
IsRectEmpty
CharNextA
ReleaseCapture
SetCapture
GetSysColorBrush
WindowFromPoint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
TabbedTextOutA
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassInfoExA
GetClassNameA
SendDlgItemMessageA
IsChild
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
GetClassInfoA
UnregisterClassA
CallWindowProcA
SetWindowLongA
IntersectRect
CopyAcceleratorTableA
IsIconic
GetWindowPlacement
CopyRect
PtInRect
GetWindow
SetWindowContextHelpId
MapDialogRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
DestroyMenu
SetActiveWindow
CreateDialogIndirectParamA
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetWindowLongA
GetLastActivePopup
PostQuitMessage
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
RegisterClassA
DestroyIcon
IsWindowVisible
GetFocus
FindWindowA
GetMessageA
TranslateMessage
DispatchMessageA
RegisterClipboardFormatA
RemovePropA
GetPropA
IsWindowEnabled
SetPropA
GetDlgCtrlID
SetWindowPos
SetWindowRgn
MoveWindow
SetForegroundWindow
SetFocus
GetSysColor
SetCursor
PostThreadMessageA
SystemParametersInfoA
InvalidateRect
OffsetRect
EnumWindows
LoadImageA
LoadIconA
SendMessageA
SetTimer
DrawTextA
LoadCursorA
RegisterClassExA
GetSystemMetrics
CreateWindowExA
ShowWindow
UpdateWindow
DefWindowProcA
BeginPaint
GetClientRect
EndPaint
GetDesktopWindow
GetWindowRect
GetDC
FillRect
ReleaseDC
DestroyWindow
PostMessageA
EnableWindow
GetParent
wsprintfA
CharUpperA

gdi32

GetRgnBox
GetTextColor
GetBkColor
CreateRectRgnIndirect
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
RestoreDC
SaveDC
GetClipBox
GetMapMode
SetMapMode
CreateBitmap
ExtCreateRegion
GetDeviceCaps
SetViewportOrgEx
GetObjectA
GetPixel
SetBkColor
TextOutA
SetBkMode
SetTextColor
CreateFontIndirectA
GetStockObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateSolidBrush
BitBlt
DeleteDC

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
FreeSid

shell32

Shell_NotifyIconA

comctl32

ord17
_TrackMouseEvent

shlwapi

SHRegSetUSValueA
SHRegGetUSValueA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromString
CoTaskMemFree
CoInitialize
CoDisconnectObject
CoGetClassObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemAlloc
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoRegisterMessageFilter

oleaut32

SysFreeString
OleCreateFontIndirect
LoadTypeLi
SystemTimeToVariantTime
SafeArrayDestroy
VariantInit
SysAllocString
SysAllocStringLen
VariantChangeType
VariantClear
SysAllocStringByteLen
SysStringLen
VariantCopy

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df1608183de6e8e31ed501d57c929742

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

rpcrt4

Sections

.text Size: 176KB - Virtual size: 172KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.text
Size: 176KB - Virtual size: 172KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB