8529cb979ede6e3e1358110e3df30b2c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8529cb979ede6e3e1358110e3df30b2c_JaffaCakes118
Size

290KB
MD5

8529cb979ede6e3e1358110e3df30b2c
SHA1

185a1cd76162f35aec97d2950debb4224bf8de2f
SHA256

655613d9af9236d2dabf6b3d488ef8ac00a5c41f454f32d75be059434d21fddc
SHA512

2a171e52833b93f5330d0d55c5bcb398a1c4b3ac5a678c01091000a15c9d0ce64e0573d7093b2c2148a583f35bb6aebaa20091850d9bee49b985501b3c810c2f
SSDEEP

6144:C6wCMW49E6M+lHvGvhwR3GmtcjUpFJaClWe+JgY:C62lxvGvhwl9cjUpntEgY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8529cb979ede6e3e1358110e3df30b2c_JaffaCakes118

Files

8529cb979ede6e3e1358110e3df30b2c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

17d8d28ea070f8285321b9e1d84fcbfc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
GetCPInfo
HeapFree
GetACP
GetOEMCP
GetTimeZoneInformation
GetCommandLineA
HeapAlloc
CreateThread
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
TlsAlloc
GetStartupInfoA
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SleepEx
GetExitCodeThread
Sleep
SetEvent
CloseHandle
WaitForSingleObject
ResumeThread
GetCurrentThreadId
SuspendThread
CreateEventA
LoadResource
LockResource
lstrcatA
LocalFree
MultiByteToWideChar
GetProfileStringA
GetModuleHandleA
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
SizeofResource
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetModuleFileNameA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
LoadLibraryA
GetProcAddress
GetLastError
SetLastError
TlsGetValue
LocalReAlloc
TlsSetValue
WideCharToMultiByte
lstrlenA
GlobalReAlloc
GlobalHandle
GlobalFlags
LocalAlloc
InterlockedDecrement
InterlockedIncrement
GetProcessVersion
lstrcmpiA
MulDiv
GlobalGetAtomNameA
GetVersion
lstrcpyA
GlobalDeleteAtom
GlobalAddAtomA
GlobalAlloc
LCMapStringW
GetDiskFreeSpaceA
lstrcmpA
ExitThread
GetCurrentThread
GetFileTime
GetFullPathNameA
GetTempFileNameA
GetFileAttributesA
SetFileTime
lstrcpynA
GlobalLock
ReleaseSemaphore
CreateSemaphoreA
FreeLibrary
GlobalUnlock
GlobalFree
FindResourceA
IsBadCodePtr
LCMapStringA

user32

IsIconic
FillRect
InvalidateRect
IsRectEmpty
OffsetRect
SetRectEmpty
IsZoomed
ReleaseDC
GetDC
PostQuitMessage
ShowOwnedPopups
SetCursor
MessageBoxA
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
GetDesktopWindow
DestroyMenu
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
LoadCursorA
GetSysColorBrush
GetClassNameA
PtInRect
ClientToScreen
LoadStringA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
WindowFromPoint
SetRect
IntersectRect
InflateRect
InsertMenuA
DeleteMenu
GetMenuStringA
DestroyIcon
GetDCEx
LockWindowUpdate
SetCapture
SetParent
AppendMenuA
GetSystemMenu
InvertRect
PostMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
SetActiveWindow
IsWindow
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetClientRect
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScreenToClient
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
IsChild
EndDialog
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
DestroyWindow
CreateWindowExA
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetPropA
RemovePropA
CallWindowProcA
GetMessageTime
GetMessagePos
GetWindowRect
RegisterWindowMessageA
SetFocus
IsWindowEnabled
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgCtrlID
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
GetWindowLongA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
CharUpperA
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
MessageBeep
GetParent
KillTimer
UpdateWindow
LoadIconA
SetTimer
EnableWindow
GetWindow
SendMessageA
GetSystemMetrics
CreateDialogIndirectParamA
WaitMessage
GetCapture
WinHelpA
DefWindowProcA
SetForegroundWindow
GetForegroundWindow
GetTopWindow
ExcludeUpdateRgn
DrawFocusRect
ShowCaret
UnregisterClassA
HideCaret
CharNextA
IsWindowUnicode
DefDlgProcA

gdi32

SetTextColor
LPtoDP
GetObjectA
GetTextExtentPointA
GetTextMetricsA
SelectObject
CreateRectRgnIndirect
GetDeviceCaps
PatBlt
DeleteDC
DeleteObject
RestoreDC
GetStockObject
SaveDC
SetBkMode
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
GetClipBox
SelectClipRgn
ScaleWindowExtEx
CreateBitmap
ExcludeClipRect
IntersectClipRect
SetBkColor
SetTextAlign
CreateRectRgn
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
CombineRgn
SetRectRgn
BitBlt
CreateCompatibleDC
CreateDIBitmap

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegSetValueA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
SetFileSecurityA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegQueryValueA
GetFileSecurityA

shell32

ExtractIconA
SHGetFileInfoA
DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

wsock32

accept
htons
WSAGetLastError
bind
closesocket
recv
send
WSAAsyncSelect
inet_ntoa
socket
recvfrom
sendto
connect
WSASetLastError
WSAStartup
WSACleanup
htonl
ioctlsocket
gethostbyname

Sections

.text
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17d8d28ea070f8285321b9e1d84fcbfc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

Sections

.text Size: 182KB - Virtual size: 181KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 11KB - Virtual size: 26KB

.idata Size: 9KB - Virtual size: 9KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 25KB - Virtual size: 25KB

.text
Size: 182KB - Virtual size: 181KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 11KB - Virtual size: 26KB

.idata
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 25KB - Virtual size: 25KB