602eac81f7d39fdc77d186655a0f6f88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

602eac81f7d39fdc77d186655a0f6f88_JaffaCakes118
Size

284KB
MD5

602eac81f7d39fdc77d186655a0f6f88
SHA1

2d09b4eb05207691462744ceff2da05464676d96
SHA256

654c8569e07a6bd31d6464f99c854ef382ba10eccfdeaf7bf3e772688edd727c
SHA512

32e02fc1078a335d7f8c7937757b05a8a55530d9600215c16923ce11dc74e8f7f82261ecd95e0dcbba9144bb9db8924c3176a3fec656dfa8503cc40d013112b4
SSDEEP

6144:lzU9flBwLCFKCZkH8uOH6HTdORisNbbUidoooooCoooXXeyIBER3unzciQXdD:lzU9flBaCF3qcuXpORistbFoIKR+nzcf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
602eac81f7d39fdc77d186655a0f6f88_JaffaCakes118

Files

602eac81f7d39fdc77d186655a0f6f88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9152c3530fbe5db84801182ecea5d084

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

actnioc

MacIoctl
MacOpen
MacFindFirstMatchEx
MacFreeNames
MacGetNamesEx
MacClose

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumValueA
QueryServiceStatus
OpenServiceA
OpenSCManagerA
RegDeleteValueA

kernel32

IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapSize
GetOEMCP
GetACP
GetCPInfo
RaiseException
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
SetErrorMode
GlobalGetAtomNameA
GlobalAddAtomA
GetVersionExA
GetModuleFileNameA
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
GetProcessVersion
SetLastError
WritePrivateProfileStringA
GlobalFlags
MulDiv
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
lstrcatA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
lstrcpyA
GetProcAddress
LoadLibraryA
CreateMutexA
ReleaseMutex
CloseHandle
FreeLibrary
WideCharToMultiByte
GetLastError
LocalAlloc
LocalLock
MultiByteToWideChar
LocalUnlock
LocalFree
GetVersion
GetStdHandle

user32

GetSysColorBrush
CharUpperA
FindWindowA
InvalidateRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
IsIconic
BringWindowToTop
ReleaseDC
GetDC
PtInRect
GetClassNameA
ClientToScreen
WindowFromPoint
GetDesktopWindow
ReleaseCapture
LoadCursorA
LoadStringA
ShowWindow
SetWindowTextA
IsDialogMessageA
UpdateWindow
SendDlgItemMessageA
GrayStringA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScreenToClient
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetMenu
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetPropA
GetLastActivePopup
GetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
SetWindowLongA
SetWindowPos
DestroyMenu
UnhookWindowsHookEx
EndDialog
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
SystemParametersInfoA
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
SetWindowsHookExA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
GetSystemMenu
AppendMenuA
GetParent
IsCharAlphaNumericA
IsCharAlphaA
PostMessageA
SetForegroundWindow
KillTimer
GetAsyncKeyState
GetCursorPos
GetSubMenu
LoadIconA
LoadMenuA
EnableMenuItem
CheckMenuRadioItem
LoadImageA
GetSystemMetrics
SetTimer
MessageBeep
EnableWindow
RegisterWindowMessageA
SendMessageA
wsprintfA
ScrollWindow
UnregisterClassA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetStockObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetObjectA
SetBkColor
SetTextColor
CreateBitmap

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

shell32

DragFinish
Shell_NotifyIconA
DragQueryFileA

comctl32

ImageList_Destroy
ord17

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

i
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9152c3530fbe5db84801182ecea5d084

Headers

File Characteristics

Imports

actnioc

advapi32

kernel32

user32

gdi32

winspool.drv

shell32

comctl32

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 16KB - Virtual size: 29KB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 15KB - Virtual size: 14KB

i Size: 89KB - Virtual size: 92KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 16KB - Virtual size: 29KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 15KB - Virtual size: 14KB

i
Size: 89KB - Virtual size: 92KB