8787ab0122b63692d45c711c62a9ae5b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8787ab0122b63692d45c711c62a9ae5b_JaffaCakes118
Size

415KB
MD5

8787ab0122b63692d45c711c62a9ae5b
SHA1

08775e96e366e268baef80c5f24da6f3ca2b657e
SHA256

858c1a15ec73430b4d1dc2f3c3fa1365ba935c4d2d03718d290f71847e352935
SHA512

56f375b0ef196327a9c75714ab8435a5dd49d9bec8ff7073ba487bfacb407152ace3910b6107bba5d016fb7d89615c9ef161d3b074504bc28ffa3fdcee859592
SSDEEP

6144:qE5WuXs2oRlewgvbhHm+UQVgz2kSnzcuxuCQWHX9VPF15FfbXuZow1C7uDZ1w+:jqZE9G+UQVgz2kSouxuRgXFdSowb1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8787ab0122b63692d45c711c62a9ae5b_JaffaCakes118

Files

8787ab0122b63692d45c711c62a9ae5b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b16041ed7dcb3a5a3992074d4558124

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextW
ScreenToClient
RegisterWindowMessageW
IsDialogMessageW
SetFocus
SetScrollPos
RedrawWindow
CharLowerW
DefWindowProcW
UpdateWindow
GetDlgItem
ShowWindow
GetMessageW
DestroyIcon
SendMessageW
DeleteMenu
GetWindowTextLengthW
DestroyWindow
SetWindowPlacement
SetActiveWindow
SetDlgItemTextW
EqualRect
CharNextW
DrawIconEx
GetWindowRect
CheckMenuItem
SetWindowRgn
PostQuitMessage
IsClipboardFormatAvailable
DrawFocusRect
IsIconic
GetDC
GetSystemMetrics
GetMenu
RegisterClassExW
GetCursorPos
DestroyMenu
GetForegroundWindow
GetMenuItemID
LoadCursorW
EnableMenuItem
WinHelpW
GetFocus
wsprintfA
LoadStringW
GetWindowTextW
TranslateAcceleratorW
LoadIconW
InvalidateRect
GetSubMenu
CreateDialogParamW
GetWindowLongW
SendDlgItemMessageW
EnableWindow
GetDlgCtrlID
LoadImageW
GetKeyboardLayout
GetWindowPlacement
UnregisterClassA
DispatchMessageW
CreateWindowExA
MessageBoxW
OpenClipboard
ReleaseDC
SetWindowTextW
SetCursor
DrawIcon
GetDesktopWindow
TranslateMessage
wsprintfW
PostMessageW
GetClientRect
CreateWindowExW
SetWindowLongW
UnhookWinEvent
SetWinEventHook
ChildWindowFromPoint
DialogBoxParamW
PeekMessageW
GetMenuState
CharUpperW
GetParent
GetSystemMenu
MessageBeep
CloseClipboard
DrawTextExW
MoveWindow
LoadAcceleratorsW
EndDialog

kernel32

CreateEventW
OpenEventW
InterlockedIncrement
LocalUnlock
QueryPerformanceCounter
SetHandleCount
GetStartupInfoA
GlobalUnlock
SetFilePointer
CompareStringW
SetEndOfFile
VirtualAlloc
DisableThreadLibraryCalls
GlobalFree
HeapReAlloc
FindFirstFileW
GetTimeFormatW
GetEnvironmentStrings
UnhandledExceptionFilter
GetUserDefaultLCID
LocalLock
MultiByteToWideChar
GetLocaleInfoA
GetSystemInfo
GlobalLock
GetFileInformationByHandle
GetStartupInfoW
VirtualProtect
FreeLibrary
GetCurrentProcess
GetModuleFileNameA
FoldStringW
GetFileAttributesA
HeapDestroy
CreateProcessA
lstrcatW
lstrlenW
GetUserDefaultUILanguage
GetSystemTimeAsFileTime
HeapCreate
GetFullPathNameW
GetTempFileNameA
FormatMessageW
GetFileTime
DeleteFileW
CompareFileTime
Sleep
GetTickCount
MapViewOfFile
lstrcpyW
FindClose
LocalAlloc
GetModuleHandleA
GetModuleHandleW
LocalReAlloc
GetLastError
lstrcmpA
HeapAlloc
GetLocaleInfoW
LoadLibraryA
RaiseException
GetStringTypeW
GetTempPathW
EnterCriticalSection
GetEnvironmentVariableW
CreateFileMappingW
UnmapViewOfFile
GetACP
WideCharToMultiByte
LocalFree
ReadFile
InitializeCriticalSection
WriteFile
GetCommandLineW
SetLastError
GetFileAttributesW
TlsAlloc
GetCommandLineA
LoadLibraryW
TerminateProcess
CloseHandle
SetStdHandle
GetLocalTime
SizeofResource
InterlockedExchange
GetFullPathNameA
CreateFileW
GetDateFormatW
FreeEnvironmentStringsW
GlobalReAlloc
GetCurrentProcessId
SetUnhandledExceptionFilter
lstrcmpW
GetCurrentThreadId
LCMapStringA
MulDiv
lstrcmpiW
GetCPInfo
GetProcAddress
MoveFileExW
lstrcpynW
CreateThread
GetStdHandle
LocalSize
SetCurrentDirectoryA
ExitProcess

msvcrt

_XcptFilter
time
_acmdln
_c_exit
__p__commode
__setusermatherr
_CxxThrowException
_cexit
iswctype
localtime
_exit
_adjust_fdiv
_wtoi
_controlfp
wcsncpy
memset
exit
_initterm
__getmainargs
_snwprintf
_wtol
wcschr
__p__fmode
wcsncmp
__set_app_type

comdlg32

ChooseFontW
GetSaveFileNameW
GetOpenFileNameW
FindTextW
PageSetupDlgW
PrintDlgExW
GetFileTitleW
ReplaceTextW
CommDlgExtendedError

gdi32

EnumFontsW
LPtoDP
SetBkMode
SelectObject
GetStockObject
GetTextFaceW
DeleteObject
CreateFontIndirectW
CreateDCW
EndDoc
EndPage
GetObjectW
StartDocW
TextOutW
SetAbortProc
SetMapMode
GetTextExtentPoint32W
SetViewportExtEx
GetTextMetricsW
DeleteDC
AbortDoc
GetDeviceCaps
StartPage
SetWindowExtEx

shell32

DragAcceptFiles
DragQueryFileW
ShellAboutW
DragFinish

advapi32

IsTextUnicode
RegOpenKeyExA
RegSetValueExW
RegCloseKey
RegQueryValueExA
RegCreateKeyW
RegQueryValueExW

winspool.drv

ClosePrinter
OpenPrinterW
GetPrinterDriverW

comctl32

CreateStatusWindowW

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 254B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b16041ed7dcb3a5a3992074d4558124

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

comdlg32

gdi32

shell32

advapi32

winspool.drv

comctl32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 331KB - Virtual size: 330KB

.data Size: 71KB - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 254B

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 331KB - Virtual size: 330KB

.data
Size: 71KB - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 254B

.rsrc
Size: 2KB - Virtual size: 1KB