7888c5e948f0cea77a53ae270576abf8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7888c5e948f0cea77a53ae270576abf8_JaffaCakes118
Size

19KB
MD5

7888c5e948f0cea77a53ae270576abf8
SHA1

519e17df3eec00e679273c50d691d1da441e8afd
SHA256

9607deafbd0be68db32c94b74953515298092cde11802b533ad3594483cc4c51
SHA512

f46a451eddcd4ea796b2999d6af48183b62fc26dbc66fa20322ad1ea414d8b359a60bdee00342a22c724c93c3fa96c57a35b23aea74ead8fa130a4f7b91dba9d
SSDEEP

384:aeHT7eHTFbi3G+Sq7qF/E7Kd5RNq85gzvNBVG+SDMyb+vq4g6oi:aeHT7eHTFmG62sKdvsci179SP+vq4g6Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7888c5e948f0cea77a53ae270576abf8_JaffaCakes118

Files

7888c5e948f0cea77a53ae270576abf8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

31ab10f4df69bf4d583b626a33f276a1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageW
GetParent
CharUpperW
SetWindowLongW
GetWindowThreadProcessId
GetKeyboardLayout
CreateWindowExW
GetForegroundWindow
UpdateWindow
GetDlgCtrlID
RegisterClassExW
CheckMenuItem
GetMessageW
ShowWindow
GetLastActivePopup
RegisterClassW
SetWinEventHook
wsprintfW
SetCursor
TranslateMessage
RegisterWindowMessageA
LoadImageW
GetWindowTextW
EnableMenuItem
DestroyWindow
GetKeyState
SetWindowTextA
PostMessageW
SetScrollPos
IsDialogMessageW
ChildWindowFromPoint
FillRect
GetDlgItem
SetDlgItemTextW
GetFocus
IsClipboardFormatAvailable
GetSystemMetrics
DispatchMessageA
SystemParametersInfoA
CharNextW
DrawTextExW
CloseClipboard
SetTimer
MoveWindow
UnhookWinEvent
GetDesktopWindow
IsChild
GetWindowLongW
IsWindowEnabled
DestroyMenu
RemoveMenu
GetWindowPlacement
DispatchMessageW
CreateDialogParamW
IsWindow
OpenClipboard
LoadCursorW
ScreenToClient
EnableWindow
SetWindowTextW
GetMenuItemID
GetMenuState
ReleaseDC
SendMessageW
MessageBoxW
GetSubMenu
GetMenu
WindowFromPoint
DialogBoxParamA
DialogBoxParamW
SetFocus
LoadAcceleratorsW
DestroyIcon
SetWindowPlacement
LoadIconW
RegisterWindowMessageW
IsIconic
LoadStringW
SetRect
GetDlgItemTextW
TranslateAcceleratorW
MessageBeep
InvalidateRect
SetActiveWindow
GetCursorPos
EndDialog
UnregisterClassW
DefWindowProcW
DrawTextA
DeleteMenu
PostQuitMessage
GetDC
CharLowerW
WinHelpW
SystemParametersInfoW
GetSystemMenu
SendDlgItemMessageW
GetClientRect

kernel32

GetCurrentProcess
WaitForMultipleObjects
FindClose
FoldStringW
GetUserDefaultLCID
lstrcpynA
SetFileAttributesW
LeaveCriticalSection
CreateFileMappingW
GetStringTypeA
SetUnhandledExceptionFilter
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
TlsSetValue
HeapReAlloc
GetLocalTime
GetModuleHandleA
GetCurrentProcessId
GetCommandLineW
GetVersionExW
GetSystemTimeAsFileTime
LocalReAlloc
GetTempPathA
GetSystemInfo
LoadLibraryA
GetStartupInfoA
lstrlenA
GlobalUnlock
GetCurrentThreadId
GetSystemDefaultLCID
GetSystemDirectoryA
lstrcatW
TlsGetValue
InitializeCriticalSection
CreateMutexW
LocalSize
GetCommandLineA
GetTempFileNameA
FindFirstFileW
CompareStringW
HeapSize
FindFirstFileA
CreateFileW
GetDriveTypeA
MultiByteToWideChar
GlobalFree
SetFilePointer
lstrcmpW
IsDBCSLeadByte
UnmapViewOfFile
VirtualFree
lstrcpynW
GetModuleFileNameW
lstrlenW
GetTickCount
GetACP
FreeEnvironmentStringsW
GetFileType
IsValidCodePage
VirtualAlloc
LocalLock
CreateProcessA
OutputDebugStringA
MulDiv
RaiseException
LocalUnlock
CreateFileA
LCMapStringW
SetHandleCount
GetLastError
OpenEventW
MapViewOfFile
IsBadWritePtr
InterlockedCompareExchange
VirtualProtect
FreeLibrary
OpenProcess
GetUserDefaultUILanguage
GetEnvironmentStrings
SetFileAttributesA
GetTimeFormatW
FormatMessageW
GetProcAddress
CreateThread
UnhandledExceptionFilter
lstrcmpiW
lstrcpyA
CloseHandle
SetEndOfFile
InterlockedIncrement
WriteFile
GetVersion
TerminateProcess
SetLastError
GetVersionExA
GetLocaleInfoA
Sleep
SetEvent
ExpandEnvironmentStringsW
GetLocaleInfoW
ExitProcess
lstrcpyW
GetFileAttributesW
DeleteFileW
HeapFree
InterlockedExchange
GetFileInformationByHandle
GlobalLock
GetDateFormatW
LoadLibraryW
WideCharToMultiByte
CompareStringA
SetStdHandle
LocalAlloc
QueryPerformanceCounter
OpenMutexA
GetProcessHeap
ReadFile
GetModuleHandleW
LocalFree
RtlUnwind
FindResourceW
InterlockedDecrement
TlsAlloc
HeapAlloc

gdi32

EnumFontsW
GetTextMetricsW
SetAbortProc
LPtoDP
DeleteObject
AbortDoc
TextOutW
SetBkMode
GetTextExtentPoint32W
EndDoc
GetDeviceCaps
SelectObject
CreateDCW
GetObjectW
SetViewportExtEx
GetTextFaceW
GetStockObject
StartPage
CreateFontIndirectW
SetMapMode
StartDocW
EndPage
SetWindowExtEx
DeleteDC

msvcrt

_acmdln
_exit
__setusermatherr
__getmainargs
_wtol
wcsncmp
malloc
_cexit
_fileno
wcschr
_amsg_exit
exit
_c_exit
_snwprintf
time
??0exception@@QAE@XZ
localtime
_XcptFilter
?terminate@@YAXXZ
??0exception@@QAE@ABV0@@Z
__p__fmode
_controlfp
wcsncpy
_initterm
??1type_info@@UAE@XZ
__p__commode
_adjust_fdiv
iswctype
__set_app_type

shell32

DragFinish
DragAcceptFiles
ShellAboutW
DragQueryFileW

comdlg32

GetFileTitleW
PrintDlgExW
ReplaceTextW
GetOpenFileNameW
ChooseFontW
PageSetupDlgW
CommDlgExtendedError
FindTextW
GetSaveFileNameW

advapi32

RegQueryValueExW
RegOpenKeyExA
RegSetValueExW
IsTextUnicode
RegCreateKeyW
RegQueryValueExA
RegCloseKey

winspool.drv

ClosePrinter
GetPrinterDriverW
OpenPrinterW

comctl32

CreateStatusWindowW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31ab10f4df69bf4d583b626a33f276a1

Headers

File Characteristics

Imports

user32

kernel32

gdi32

msvcrt

shell32

comdlg32

advapi32

winspool.drv

comctl32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 5.0MB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 5.0MB

.rsrc
Size: 2KB - Virtual size: 2KB