78d934b51f27471ef9ffe2fefe940693_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

78d934b51f27471ef9ffe2fefe940693_JaffaCakes118
Size

144KB
MD5

78d934b51f27471ef9ffe2fefe940693
SHA1

ee44c02de43ec71d80e57973ff93353797eabc15
SHA256

d51188308ad9880fbbd27bfecbef4ad9a0420e1cc7490e0ba037815556af071a
SHA512

beade92c4cd6f6577a1f8a3051f13d729cad9e7a12effd13307e5171d0a35b1b6a71bb1b29277c90b11523887f87414f34004e330034c8b8c12f425e81502d2a
SSDEEP

3072:W5idsRjAkZasjH6+B4nYP6oH6ugqzoI7h+aS1GM:W5iGRcoN++qYdgqzo0naGM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78d934b51f27471ef9ffe2fefe940693_JaffaCakes118

Files

78d934b51f27471ef9ffe2fefe940693_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9944106028887be4cffb9ae0d478b72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
ExitProcess
HeapFree
RaiseException
HeapReAlloc
HeapSize
HeapAlloc
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
TerminateProcess
WideCharToMultiByte
WritePrivateProfileStringA
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
SetStdHandle
IsBadReadPtr
IsBadCodePtr
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetCommandLineA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GlobalLock
SetEndOfFile
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
GetProcessVersion
GetVersion
GlobalFindAtomA
GlobalGetAtomNameA
GlobalAddAtomA
MultiByteToWideChar
GetLastError
SetLastError
GetStdHandle
InterlockedIncrement
GlobalSize
GlobalUnlock
GetFileType
FreeLibrary
InterlockedDecrement
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
CloseHandle
lstrlenA
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
GetModuleFileNameA
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetStartupInfoA
HeapDestroy
GetEnvironmentStringsW
SetHandleCount
GlobalFree
InterlockedExchange

user32

GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
ShowWindow
LoadCursorA
GetSysColorBrush
DestroyMenu
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetDlgItem
SetWindowLongA
SetWindowPos
DefWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
LoadStringA
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
wsprintfA
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
SetCursor
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
SetForegroundWindow
GetForegroundWindow
RegisterWindowMessageA
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
PostMessageA
PostQuitMessage
ClientToScreen
GetWindow

gdi32

DeleteObject
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
GetObjectA
CreateBitmap
DeleteDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9944106028887be4cffb9ae0d478b72

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 40KB - Virtual size: 39KB