7914ddf91a1bbb009432ec51b22bcc80_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7914ddf91a1bbb009432ec51b22bcc80_JaffaCakes118
Size

494KB
MD5

7914ddf91a1bbb009432ec51b22bcc80
SHA1

a7c74e7977db75f3704bc3325fbea201f41ba7cb
SHA256

c56efe96c28b1954f33c2176f9cf995efffa85e68b353c579406a2b073725878
SHA512

b0420b0df2396504f81a51b730491e8529e74992ac99a0de65cbd6229cf9810e2c5059cd56a95bb390b6a8d259392f15616de32e4af059c26f93885c787471df
SSDEEP

12288:N3tNSfiyTDlEbSfiIzjKMelnfkYMj9LdKvg6/:dtYfbTDl+SjjKMelfkYnY6/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7914ddf91a1bbb009432ec51b22bcc80_JaffaCakes118

Files

7914ddf91a1bbb009432ec51b22bcc80_JaffaCakes118
.exe windows:4 windows x86 arch:x86

06af35bae227dd083a1211985ebfc1b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\x

Imports

user32

GetMenuItemCount
DestroyIcon
ClientToScreen
LoadAcceleratorsW
GetMenuItemInfoW
SystemParametersInfoW
UnhookWindowsHookEx
DestroyWindow
RegisterClassW
ReleaseDC
WindowFromPoint
TranslateMessage
SetForegroundWindow
DestroyAcceleratorTable
TranslateAcceleratorW
LoadIconW
CreateWindowExW
EndDialog
GetIconInfo
MessageBoxW
ShowWindow
DefWindowProcW
GetSysColor
GetFocus
LoadStringW
RegisterClassExW
EmptyClipboard
LoadCursorW
GetWindowLongW
LoadBitmapW
CallNextHookEx
CopyAcceleratorTableW

comctl32

ImageList_Create
ImageList_AddMasked
InitCommonControlsEx
ImageList_GetIconSize

advapi32

InitializeSecurityDescriptor
RegDeleteValueA
StartServiceA
RegQueryInfoKeyA
SetSecurityDescriptorDacl
RegQueryValueA
AdjustTokenPrivileges
RegCreateKeyA
RegEnumValueA
DeleteService
RegSetValueA
LookupPrivilegeValueA
CreateServiceA
QueryServiceConfigA
RegEnumKeyA
OpenSCManagerA
OpenProcessToken
OpenServiceA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
ControlService
CloseServiceHandle
GetUserNameA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

ole32

CreateStreamOnHGlobal
OleIsCurrentClipboard
StringFromCLSID
OleUninitialize
OleInitialize
CoTaskMemAlloc
OleLockRunning
CLSIDFromString

shell32

DragAcceptFiles
SHGetDesktopFolder
SHGetPathFromIDListA
DragQueryFileA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

kernel32

FreeEnvironmentStringsA
GetLastError
GetModuleHandleW
DeleteCriticalSection
GetStartupInfoA
VirtualQuery
WriteFile
TlsAlloc
GetLocaleInfoA
GetProcessHeap
EnterCriticalSection
HeapCreate
GetDateFormatA
GetEnvironmentStringsW
GetSystemTimeAsFileTime
TerminateProcess
SetStdHandle
GetOEMCP
VirtualAlloc
QueryPerformanceCounter
LCMapStringA
GetStartupInfoW
SetHandleCount
TlsGetValue
GetTickCount
TlsFree
GetCurrentProcess
GetConsoleMode
GetCurrentProcessId
RtlUnwind
CreateMutexW
MultiByteToWideChar
WriteConsoleW
HeapDestroy
UnhandledExceptionFilter
GetFileType
GetTimeFormatA
GetVersionExA
LCMapStringW
LeaveCriticalSection
WriteConsoleA
CloseHandle
SetFilePointer
ExitProcess
GetProcAddress
InitializeCriticalSection
GetStringTypeA
GetTimeZoneInformation
HeapReAlloc
GetModuleFileNameA
InterlockedExchange
GetStringTypeW
GetCurrentThreadId
GetConsoleCP
TlsSetValue
SetEnvironmentVariableA
HeapSize
VirtualFree
IsDebuggerPresent
GetConsoleOutputCP
WideCharToMultiByte
IsValidCodePage
GetCPInfo
Sleep
InterlockedDecrement
GetStdHandle
GetCommandLineW
GetEnvironmentStrings
GetACP
GetModuleFileNameW
SetLastError
GetModuleHandleA
LoadLibraryW
CreateFileA
RaiseException
ReadFile
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
FlushFileBuffers
CompareStringW
InterlockedIncrement
LoadLibraryA
CompareStringA
GetCommandLineA
HeapAlloc
HeapFree

gdi32

GetTextExtentPoint32W
GetObjectW
AbortDoc
GetBkMode
GetStockObject
CreateDCW
CreateDIBSection
CreateRectRgnIndirect
ExtFloodFill
SetWindowOrgEx
SelectClipRgn
DeleteDC
SelectObject
PatBlt
SetTextAlign
StretchDIBits
DeleteObject
CreatePalette
SetStretchBltMode
CreatePen
CreatePolygonRgn
SetWindowExtEx
SetBkColor
GetDeviceCaps

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06af35bae227dd083a1211985ebfc1b8

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

advapi32

ole32

shell32

winspool.drv

kernel32

gdi32

Sections

.text Size: 118KB - Virtual size: 117KB

.rdata Size: 256KB - Virtual size: 256KB

.data Size: 81KB - Virtual size: 91KB

.rsrc Size: 38KB - Virtual size: 37KB

.text
Size: 118KB - Virtual size: 117KB

.rdata
Size: 256KB - Virtual size: 256KB

.data
Size: 81KB - Virtual size: 91KB

.rsrc
Size: 38KB - Virtual size: 37KB