5cb6a2318717505a3a44602e54204a9d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5cb6a2318717505a3a44602e54204a9d_JaffaCakes118
Size

511KB
MD5

5cb6a2318717505a3a44602e54204a9d
SHA1

fb4393383c9ce31b3736d221395488867e54b06f
SHA256

850435b1b2c53f4493065020cd77d8abdc34e67322b4401e40d7015af24916c5
SHA512

2746058f4f4cbfbbd6eb1a4a464f0f079a83425571ae9b30e9226af928f812c39274add38877b20f2d46f70f5be71d4bd92f27024b2d0224d30c3348353c3fa8
SSDEEP

12288:gqDWecMS5sl1fpyWkryTtZhzhQTlC+SByqa4:laJO1fpjZYTlhSv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cb6a2318717505a3a44602e54204a9d_JaffaCakes118

Files

5cb6a2318717505a3a44602e54204a9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b8b697528f0fcc495427f5ee172ef9d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

p:\magicjack_release_2_0_x(source)\target\releaseunicode\win32\Splash.pdb

Imports

version

VerQueryValueW

kernel32

SetEndOfFile
CreateFileW
SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RtlUnwind
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
RaiseException
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
lstrlenA
InterlockedIncrement
GlobalFlags
WritePrivateProfileStringW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetCurrentProcessId
GetModuleHandleA
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GlobalAddAtomW
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
lstrcmpA
GetLocaleInfoW
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
InterlockedDecrement
GetModuleHandleW
SetLastError
GetTickCount
GetModuleFileNameW
GetCurrentProcess
GetLongPathNameW
FreeLibrary
EnumResourceLanguagesW
FreeResource
GetCommandLineW
ReleaseMutex
WaitForSingleObject
MultiByteToWideChar
CreateMutexW
LockResource
LoadResource
CloseHandle
FindResourceW
SizeofResource
GetProcAddress
LoadLibraryW
GetVersion
GetLastError
GlobalAlloc
ExpandEnvironmentStringsW
HeapCreate

user32

DestroyMenu
GetSysColorBrush
UnregisterClassW
GetWindowThreadProcessId
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsWindowEnabled
ShowWindow
SetWindowTextW
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
UnregisterClassA
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetWindow
SetCursor
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetLastActivePopup
GetCursorPos
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageW
UnhookWindowsHookEx
SystemParametersInfoW
GetWindowLongW
SetWindowLongW
EnableWindow
PostQuitMessage
LoadCursorW
SetClassLongW
SendMessageW
KillTimer
ValidateRect
InvalidateRect
SetWindowRgn
FillRect
GetSysColor
ReleaseDC
GetDC
IsWindow
SetTimer
SetRect
MessageBoxW
GetMessageTime

gdi32

GetStockObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDIBits
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
CreateBitmap
StretchBlt
DeleteObject
SetBkMode
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
SelectObject
BitBlt
CombineRgn
CreateRectRgn

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegDeleteKeyW
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey

shell32

ShellExecuteExW

shlwapi

PathFindFileNameW
PathFindExtensionW

ole32

CreateStreamOnHGlobal

oleaut32

OleLoadPicture
VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 291KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b8b697528f0fcc495427f5ee172ef9d4

Headers

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

Sections

.text Size: 291KB - Virtual size: 291KB

.rdata Size: 90KB - Virtual size: 89KB

.data Size: 15KB - Virtual size: 31KB

.rsrc Size: 108KB - Virtual size: 112KB

.text
Size: 291KB - Virtual size: 291KB

.rdata
Size: 90KB - Virtual size: 89KB

.data
Size: 15KB - Virtual size: 31KB

.rsrc
Size: 108KB - Virtual size: 112KB