78391c7448f6b1f0a79e1b7080df5e28_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

78391c7448f6b1f0a79e1b7080df5e28_JaffaCakes118
Size

266KB
MD5

78391c7448f6b1f0a79e1b7080df5e28
SHA1

cebdc4d53be6dfc13b40561f41d37c7c00dcef51
SHA256

61def9bb4a05f677c08bdd4774d0c8fec4ca6de40adef9df44349d0b719eccd1
SHA512

438be1426fc7cab357a1f8a0b3d9900043139aba5ebaa34227a9da6038c1582e07a440fcd2e65de3c22fc26ef05ea09877521e9c7eb66ad8bdfac8046a4ef3cb
SSDEEP

3072:6f41o0R22c+LpqSypM8nyj+GzpAtVgrHlG+iRDS8VQi5Cv2h+K+GCF44Fx594Ral:6f4LkgXSQgVgLixSgF7Unrwa8/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78391c7448f6b1f0a79e1b7080df5e28_JaffaCakes118

Files

78391c7448f6b1f0a79e1b7080df5e28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ca89149bc9bdfcd38744c2991d7f9f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomW
GlobalFree
GlobalHandle
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LocalFree
LocalReAlloc
LockResource
QueryPerformanceCounter
ReadFile
SetErrorMode
GlobalAlloc
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsFree
TlsGetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
WriteConsoleA
WriteConsoleW
WriteFile
lstrcmpA
lstrcmpW
GlobalAddAtomW
GetVolumeInformationW
GetVersion
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetStringTypeA
GetProcessHeap
GetOEMCP
GetModuleHandleA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileTime
GetFileSize
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleMode
GetCommandLineA
GetCPInfo
GetBinaryTypeW
FreeLibraryAndExitThread
FreeEnvironmentStringsW
FreeLibrary
FindResourceW
FileTimeToLocalFileTime
EnumSystemLocalesA
DuplicateHandle
CreateHardLinkA
CreateFileW
CreateFileA
CreateDirectoryW
ConvertDefaultLocale
SetFileAttributesW
CloseHandle

gdi32

StartPage
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetMapMode
SetBkColor
SelectObject
OffsetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetTextColor
GetStockObject
GetMapMode
GetDeviceCaps
GetClipBox
ExtTextOutW
ExtSelectClipRgn
Escape
DeleteObject
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectW
CreateCompatibleDC
CreateBitmap
TextOutW

wininet

GetUrlCacheEntryInfoExW
GetUrlCacheEntryInfoW
HttpOpenRequestW
HttpSendRequestW
InternetGetLastResponseInfoW
InternetOpenW
InternetReadFile
GetUrlCacheConfigInfoW

oleaut32

SysAllocString
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VarDecFromBool
VarR8Pow
VariantChangeType
VariantClear
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
OleCreateFontIndirect
VariantInit

user32

DefWindowProcW
DestroyWindow
DispatchMessageW
DrawTextExW
DrawTextW
EnableMenuItem
EndDialog
EndPaint
EnumDisplayDevicesA
EqualRect
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClientRect
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemID
GetMenuState
GetMessagePos
GetMessageTime
GetMessageW
GetNextDlgGroupItem
GetParent
GetPropW
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowTextLengthW
GetWindowTextW
GrayStringW
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
CreateWindowExW
IsWindow
IsWindowEnabled
IsWindowVisible
BeginPaint
LoadCursorW
LoadIconW
LoadImageW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
OffsetRect
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
SendMessageW
SetActiveWindow
SetCursor
SetFocus
SetForegroundWindow
SetRect
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoA
TabbedTextOutW
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WinHelpW
AdjustWindowRectEx
CopyRect
CopyAcceleratorTableW
CharUpperW
IsIconic
CharNextW
LoadBitmapW

comdlg32

PageSetupDlgA
PageSetupDlgW
ChooseFontW
GetFileTitleW

shell32

DoEnvironmentSubstW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetFolderPathW

winspool.drv

OpenPrinterW
GetPrintProcessorDirectoryW
EnumPrinterDataW
DocumentPropertiesW
ClosePrinter

advapi32

GetTrusteeTypeW
OpenTraceW
RegCloseKey
RegEnumKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueW
RegSetValueExW
RegisterEventSourceW
AddUsersToEncryptedFile

Sections

.text
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ca89149bc9bdfcd38744c2991d7f9f6

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

oleaut32

user32

comdlg32

shell32

winspool.drv

advapi32

Sections

.text Size: 54KB - Virtual size: 56KB

.rdata Size: 149KB - Virtual size: 152KB

.data Size: 34KB - Virtual size: 148KB

.idata Size: 6KB - Virtual size: 7KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 54KB - Virtual size: 56KB

.rdata
Size: 149KB - Virtual size: 152KB

.data
Size: 34KB - Virtual size: 148KB

.idata
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 21KB - Virtual size: 23KB