68b1f7df4600f5d2bfcbe440444b970d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

68b1f7df4600f5d2bfcbe440444b970d_JaffaCakes118
Size

596KB
MD5

68b1f7df4600f5d2bfcbe440444b970d
SHA1

2af112c342a72a8f467afe0c5b8a81c65ccd0fbc
SHA256

196472cf63537b78a61a46c98b615011485b5ef6eee1f4b092882400b62eb12d
SHA512

a712bc74892333ca04cb6bed981c578990b136507cb009f00f0a7f67d7640c1e42cd56ce425b48d8be3db400db818f256f5c0e3cc17972f8c5a4f0c0e38d7933
SSDEEP

12288:E0wM04YP0BtAPPxXR7rrdcYKXX0RAfxEkKCjQecDUzULoMv:E0ZWPPxXF/dcYKURAfxjKCjQieoMv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68b1f7df4600f5d2bfcbe440444b970d_JaffaCakes118

Files

68b1f7df4600f5d2bfcbe440444b970d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdfe98148972ed2075f28dcc1dafe718

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

RtlUnwind
ExitProcess
TerminateProcess
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
CreateThread
ExitThread
HeapSize
HeapReAlloc
GetACP
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcAddress
FreeLibrary
Sleep
LoadLibraryA
WritePrivateProfileStringA
GetWindowsDirectoryA
WaitForSingleObject
FindFirstFileA
GetCurrentDirectoryA
GetLastError
ResumeThread
GetCurrentProcess
CreateProcessA
GetEnvironmentVariableA
GetModuleFileNameA
GetVersionExA
MultiByteToWideChar
FindClose
CreateDirectoryA
GetStartupInfoA
GetPrivateProfileStringA
CopyFileA
lstrlenA
GetModuleHandleA
lstrcpyA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetProfileStringA
ReadFile
CreateFileA
DuplicateHandle
SetErrorMode
GetThreadLocale
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
lstrcpynA
GlobalAlloc
lstrcmpA
GetCurrentThread
FormatMessageA
LocalFree
WideCharToMultiByte
GetVersion
InterlockedIncrement
GlobalFree
InterlockedDecrement
CreateEventA
SuspendThread
SetThreadPriority
SetEvent
CloseHandle
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource

user32

CharNextA
CopyAcceleratorTableA
GetNextDlgGroupItem
MessageBeep
CharUpperA
RegisterClipboardFormatA
PostThreadMessageA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
EndDialog
CreateDialogIndirectParamA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetCursorPos
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
IsWindow
SetFocus
AdjustWindowRectEx
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
GetWindowLongA
GetSysColorBrush
PtInRect
GetClassNameA
DestroyMenu
ClientToScreen
LoadStringA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
DrawFocusRect
SetRect
FillRect
CopyRect
GetWindowTextA
InflateRect
DrawStateA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
LoadIconA
FindWindowA
BringWindowToTop
SendMessageA
SetTimer
SetActiveWindow
GetDesktopWindow
GetWindowRect
SetForegroundWindow
LoadCursorA
CopyIcon
SetCursor
InvalidateRect
EnableWindow
LoadBitmapA
HideCaret
UnregisterClassA
ScreenToClient

gdi32

SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
MoveToEx
LineTo
DeleteObject
GetStockObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
SelectObject
RestoreDC
SaveDC
DeleteDC
SetBkColor
SetTextColor
GetClipBox
RoundRect
GetTextExtentPoint32A
CreatePen
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetTextExtentPointA
CreateDIBitmap
GetObjectA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
GetUserNameA
RegOpenKeyExA
FreeSid
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

_TrackMouseEvent
ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
OleFlushClipboard
CoTaskMemAlloc
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoCreateInstance
OleIsCurrentClipboard
CoRegisterMessageFilter
CoRevokeClassObject

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cdfe98148972ed2075f28dcc1dafe718

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 184KB - Virtual size: 180KB

.rdata Size: 44KB - Virtual size: 43KB

.data Size: 36KB - Virtual size: 54KB

.rsrc Size: 328KB - Virtual size: 328KB

.text
Size: 184KB - Virtual size: 180KB

.rdata
Size: 44KB - Virtual size: 43KB

.data
Size: 36KB - Virtual size: 54KB

.rsrc
Size: 328KB - Virtual size: 328KB