73399da63852d514b58cfeca3455b1e6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

73399da63852d514b58cfeca3455b1e6_JaffaCakes118
Size

185KB
MD5

73399da63852d514b58cfeca3455b1e6
SHA1

6cd6a1822be60be3d266f8a49993d2a7397f1781
SHA256

0d9a560dfd1238452a8241bda8b77c0156fc407fe6114b3f23e3b83251075a85
SHA512

d7fdfd709e06b270ba5de63249714437d08a513309ba5aa249b2e298433322c07c4edb2ae889697b32d1c140514d4752f167cf3c4bb98d3ad1d85d4cdc773808
SSDEEP

3072:EvDJGI06XdMdzQS/qlboTlUyNPeSwxNTOWsDFfBC5+4IcMT9eWcJv6:9I06Xq5cVQPeSwxRQnCrVMT9eB0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73399da63852d514b58cfeca3455b1e6_JaffaCakes118

Files

73399da63852d514b58cfeca3455b1e6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2675bbbf7e8fc391ef9bd3ac31fd0132

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostbyname
WSAGetLastError
WSAStartup
WSACleanup

kernel32

GetProcessVersion
lstrcmpA
GetCPInfo
GetOEMCP
GlobalFlags
GetCurrentProcess
WriteFile
FlushFileBuffers
lstrcatA
SetFilePointer
CreateThread
GlobalAddAtomA
ExitProcess
HeapAlloc
HeapFree
RaiseException
HeapSize
HeapReAlloc
TerminateProcess
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GlobalGetAtomNameA
lstrcmpiA
lstrcpyA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetCurrentThreadId
ResumeThread
TlsGetValue
GetVersion
GlobalAlloc
LocalReAlloc
TlsSetValue
ReleaseMutex
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpynA
SetLastError
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
LocalFree
lstrlenA
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryA
GetStartupInfoA
GetCommandLineA
CreateMutexA
OpenMutexA
SetThreadPriority
GetCurrentThread
GetVersionExA
GetModuleFileNameA
CreateProcessA
CloseHandle
GetLastError
ExitThread
RtlUnwind

user32

GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
CopyRect
GetDlgItem
GetMenuItemID
WinHelpA
GetDlgCtrlID
DestroyWindow
GetClassLongA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
LoadStringA
GetSubMenu
SetPropA
PostMessageA
DefWindowProcA
PostQuitMessage
CreateWindowExA
RegisterClassExA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetTopWindow
GetCapture
GetWindowTextA
GetNextDlgTabItem
GetFocus
GetSystemMetrics

advapi32

InitializeSecurityDescriptor
RegOpenKeyA
SetSecurityDescriptorDacl
RegCloseKey
RegQueryValueExA

shell32

ShellExecuteA

comctl32

ord17

gdi32

CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2675bbbf7e8fc391ef9bd3ac31fd0132

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

shell32

comctl32

gdi32

winspool.drv

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 4KB - Virtual size: 904B

.trdata Size: 76KB - Virtual size: 76KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 904B

.trdata
Size: 76KB - Virtual size: 76KB