5f8698b709fcd1fe68387830cd6ccc0b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f8698b709fcd1fe68387830cd6ccc0b_JaffaCakes118
Size

269KB
MD5

5f8698b709fcd1fe68387830cd6ccc0b
SHA1

da59501c27c0bdc63868c5ac4e6e25f5bbcd4f78
SHA256

046d0aee121c8416de3cf1697cdab1418987d5b6751fb0405934fbfbc6346321
SHA512

bed4915e928c10ba3f21e4f39369c7ecaaad6566853130b28b78a2ae3de5729a4711dcbca30b71c2fb09c4141a2277e4ef6bd91dab141d6e09f852aee8b0b439
SSDEEP

6144:V/sjgfHyz33N+OYiCo89RNG5KWvfcOF3kS:VDyzHN/89G5KW3ci

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f8698b709fcd1fe68387830cd6ccc0b_JaffaCakes118

Files

5f8698b709fcd1fe68387830cd6ccc0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

839ce794e8e5e7264affac42a296d155

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

registry

SetRegDWORDValue
GetRegValue

filewrap

my_lseek
my_read
my_close
my_open
my_open_create
my_write
my_unlink

onlnmf

ord6
ord5
ord3
ord4
ord1

modlog

ord1

kernel32

SetLastError
lstrcpyA
EnumResourceLanguagesA
ConvertDefaultLocale
lstrcmpA
GetCurrentThread
InterlockedDecrement
RaiseException
InitializeCriticalSection
DeleteCriticalSection
GlobalFlags
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
SetErrorMode
GetFileAttributesA
RtlUnwind
GetFileType
ExitThread
CreateThread
GetTimeFormatA
GetDateFormatA
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
HeapSize
SetHandleCount
GetStdHandle
SetStdHandle
GetTimeZoneInformation
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
MulDiv
GlobalAlloc
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetPrivateProfileIntA
GetLogicalDrives
LoadLibraryW
SetFilePointer
GetModuleFileNameW
GetShortPathNameW
WritePrivateProfileStringA
ExitProcess
GetCurrentProcessId
CreateMutexA
DeviceIoControl
SetFileAttributesA
LoadLibraryExA
LoadLibraryA
GetProcAddress
FreeLibrary
FindResourceA
LoadResource
LockResource
SizeofResource
Sleep
CreateProcessA
GetExitCodeProcess
GetLocalTime
LocalAlloc
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
GetShortPathNameA
OpenFileMappingA
MapViewOfFile
OpenEventA
UnmapViewOfFile
SetEvent
WideCharToMultiByte
MultiByteToWideChar
WaitForMultipleObjects
FormatMessageA
LocalFree
ReadFile
CreateEventA
ResetEvent
WriteFile
GetLastError
WaitForSingleObject
GetOverlappedResult
CloseHandle
CreateFileA

user32

TranslateMessage
DestroyMenu
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
GetSysColorBrush
LoadCursorA
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ShowWindow
SetWindowTextA
IsDialogMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
ValidateRect
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
PostMessageA
GetMenuItemID
GetMenuItemCount
GetSysColor
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
GetDesktopWindow
MessageBoxA
EnableWindow
SendMessageA
LoadStringW
GetActiveWindow
GetSystemMetrics
DispatchMessageA
GetMessageA
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
DestroyIcon
RegisterWindowMessageA
ModifyMenuW
SetMenuDefaultItem
SetCursor
PostQuitMessage
DeleteMenu
GetCursorPos
wsprintfA
SetMenuItemBitmaps
ModifyMenuA
TrackPopupMenu
GetMenuState
FindWindowA
MessageBoxW
LoadIconA
DrawIcon
AppendMenuA
EnableMenuItem
GetSubMenu
LoadMenuA
GetSystemMenu
IsIconic
GetClientRect
SetTimer
KillTimer
SetForegroundWindow
AdjustWindowRectEx

gdi32

Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
DeleteDC
TextOutA
GetStockObject
RestoreDC
SaveDC
ExtTextOutA
GetDeviceCaps
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
DeleteObject
SetMapMode
RectVisible

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
AllocateAndInitializeSid
SetEntriesInAclA
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA

shell32

Shell_NotifyIconW
ShellExecuteExA

comctl32

ord17

shlwapi

PathFindFileNameA
PathFindExtensionA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

839ce794e8e5e7264affac42a296d155

Headers

File Characteristics

Imports

registry

filewrap

onlnmf

modlog

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 136KB - Virtual size: 133KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 24KB - Virtual size: 23KB

.trdata Size: 60KB - Virtual size: 60KB

.text
Size: 136KB - Virtual size: 133KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 24KB - Virtual size: 23KB

.trdata
Size: 60KB - Virtual size: 60KB