603449d87ce8b2adab97d09673e9a1eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

603449d87ce8b2adab97d09673e9a1eb_JaffaCakes118
Size

872KB
MD5

603449d87ce8b2adab97d09673e9a1eb
SHA1

8f6363214ae6a216c4cb0c111f306c1145d30751
SHA256

2b01087ca9793eebe61e4fd50fef2a1e5b3f7808080626b949ce75c1b4198cba
SHA512

48bdfda9af0b7d2e7fa6b73428bdcb1bb85b9a7ed179d32237c0874001562bcf69fcafb3edaac7291fe6679819d330eee12b1b4ce156439d9ae46eedaf4bba7b
SSDEEP

12288:S8p/lt0A14njSxVj6YMJKKNB6UZgwADQo/56:jp/l6AYGreVjADZ6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
603449d87ce8b2adab97d09673e9a1eb_JaffaCakes118

Files

603449d87ce8b2adab97d09673e9a1eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b094ddd0390e97d0a277c73c3b04c54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
RaiseException
HeapAlloc
GetStartupInfoA
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapFree
TerminateProcess
SetUnhandledExceptionFilter
GlobalFindAtomA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindResourceA
LoadResource
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GetProfileStringA
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
SetErrorMode
GetCPInfo
GetOEMCP
LocalReAlloc
GetProcessVersion
TlsGetValue
LeaveCriticalSection
TlsSetValue
EnterCriticalSection
DeleteCriticalSection
TlsFree
GlobalHandle
LocalAlloc
TlsAlloc
InitializeCriticalSection
GlobalFlags
SizeofResource
GetLastError
lstrcpynA
lstrcmpA
CloseHandle
LocalFree
GetCurrentThread
GetModuleFileNameA
WritePrivateProfileStringA
SetLastError
GetPrivateProfileIntA
MulDiv
InterlockedIncrement
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
InterlockedDecrement
GetVersion
GlobalAddAtomA
GlobalGetAtomNameA
lstrcmpiA
VirtualAlloc
GlobalDeleteAtom
GetModuleHandleA
GlobalFree
GetProcAddress
LockResource
IsBadWritePtr
HeapDestroy
HeapCreate
VirtualFree

user32

GetCursorPos
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
GetClassNameA
GetSysColorBrush
GrayStringA
WindowFromPoint
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
TabbedTextOutA
DrawTextA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
LoadBitmapA
UpdateWindow
MessageBeep
CopyIcon
GetParent
GetDC
ReleaseDC
InflateRect
IsWindow
GetSysColor
SetCursor
PtInRect
ReleaseCapture
SetCapture
GetClientRect
GetWindowRect
GetSystemMetrics
SetRect
SetWindowPos
GetWindowDC
DestroyMenu
SetWindowRgn
CreatePopupMenu
ClientToScreen
PostMessageA
InvalidateRect
KillTimer
GetSystemMenu
AppendMenuA
LoadCursorA
EnableWindow
LoadIconA
EndPaint
BeginPaint
LoadStringA
DefWindowProcA
SetTimer
SendMessageA
MoveWindow
ShowWindow
SetWindowTextA
IsDialogMessageA
GetMenuState
GetMenuCheckMarkDimensions
CheckMenuItem
ModifyMenuA
SetMenuItemBitmaps
MapWindowPoints
EnableMenuItem
SendDlgItemMessageA
GetFocus
PeekMessageA
DispatchMessageA
CreateWindowExA
SetFocus
SetWindowsHookExA
GetMenuItemCount
DrawFocusRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
CharNextA
DefDlgProcA
IsWindowUnicode

gdi32

CombineRgn
BitBlt
SelectObject
CreateDIBSection
GetObjectA
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleDC
DPtoLP
GetMapMode
SetTextColor
SetBkColor
GetClipBox
SaveDC
CreateBitmap
SetBkMode
RestoreDC
DeleteDC
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetDeviceCaps
CreateSolidBrush
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape
CreateDIBitmap
DeleteObject
ExtCreateRegion
GetStockObject
GetTextExtentPointA
PatBlt

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA

shell32

ShellExecuteA

comctl32

ord17

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 736KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3b094ddd0390e97d0a277c73c3b04c54

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 736KB - Virtual size: 736KB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 736KB - Virtual size: 736KB