7349c7908a672de885fdf9f9cc4547b5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7349c7908a672de885fdf9f9cc4547b5_JaffaCakes118
Size

115KB
MD5

7349c7908a672de885fdf9f9cc4547b5
SHA1

c01040b7d2b7c2b69b429dffa21e620a6123d428
SHA256

cced359be66ca5a6bd12eba278cbc703c5c6d99e41e85a1680931b3b5cacd8d4
SHA512

074a9ae6510152ccce44079fdb6206985d2dc50bdd296ac0036482a25a522d7c8cf7fc51d19cd037639dd1271239900cbf5dbcf67e3676917e283827a3f30294
SSDEEP

1536:af8JzzuNmG4gDpCMJKVuwyNMnMnKyTGr9CduiLXg3jI7M9JLFRjUgjjN9yGBPorS:9BzoDprYILsIQ3pxrv3y4orDIR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7349c7908a672de885fdf9f9cc4547b5_JaffaCakes118

Files

7349c7908a672de885fdf9f9cc4547b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b489684edab6a1f30d9c9df4410f81b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
lstrcmpiA
GetFileTime
LocalAlloc
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
FileTimeToSystemTime
FileTimeToLocalFileTime
GetVersion
GetCurrentThreadId
lstrcmpA
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
FindClose
GlobalGetAtomNameA
FreeLibrary
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
HeapFree
HeapAlloc
RtlUnwind
GetDriveTypeA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
ExitProcess
SetStdHandle
GetFileType
RaiseException
GetACP
HeapSize
HeapReAlloc
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LoadLibraryA
GetProcAddress
MoveFileA
SetEndOfFile
UnlockFile
LockFile
GetCurrentProcess
DuplicateHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpynA
SetLastError
LocalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
SetFilePointer
CreateFileA
WriteFile
FlushFileBuffers
GetStartupInfoA
GetSystemDirectoryA
lstrcatA
CreateProcessA
WaitForSingleObject
TerminateProcess
DeleteFileA
GetFileSize
ReadFile
SetErrorMode
CreateMutexA
GetComputerNameA
GetVersionExA
GetSystemInfo
GlobalMemoryStatus
ReleaseMutex
CloseHandle
InterlockedExchange
GetTickCount
Sleep
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
lstrlenA
lstrcpyA
GetFileAttributesA
CreateDirectoryA
GlobalAddAtomA
GetLastError

user32

GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
GetSystemMetrics
CharUpperA
LoadStringA
CharNextA
PeekMessageA

advapi32

GetUserNameA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

comctl32

ord17

ws2_32

socket
htons
connect
WSAGetLastError
recv
select
setsockopt
inet_ntoa
closesocket
send
WSAStartup
gethostbyname

iphlpapi

GetAdaptersInfo

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
GetStockObject
GetClipBox
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
ScaleWindowExtEx
CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetTextColor
SetBkColor

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5b489684edab6a1f30d9c9df4410f81b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

ws2_32

iphlpapi

gdi32

winspool.drv

comdlg32

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 14KB - Virtual size: 29KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 14KB - Virtual size: 29KB