8d736bb3a2969b1179200576b52a63aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8d736bb3a2969b1179200576b52a63aa_JaffaCakes118
Size

152KB
MD5

8d736bb3a2969b1179200576b52a63aa
SHA1

786f187aa3f53db0aaf3cbc95f97c0fc6abc2223
SHA256

57cd1805011823252bf4db7b9bb64806a439d2ebc1221cc2ac8939c052d89df4
SHA512

918fe422ed0e985ac1d223969e5bbd2c95a7df1f56a05f116fd2e15d8619abbd9d17e6c7cf0075f4316ed05cef884639f2814cc8b67b60a430abf3376c735291
SSDEEP

3072:95oJt1dQHftBpNtk+Eb4CCqHVqZXqc22eiGY8ykoVUm7XJsQQOC:PoJt1dQ13XEcqHVWqW9Go7R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d736bb3a2969b1179200576b52a63aa_JaffaCakes118

Files

8d736bb3a2969b1179200576b52a63aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55eee0ee0989604416d42b663133cd04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

inet_addr
ntohs
gethostbyname
WSACleanup
WSAStartup

kernel32

LocalReAlloc
TlsGetValue
GetProcessVersion
GetFileAttributesA
GlobalFlags
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GetCurrentDirectoryA
RtlUnwind
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
ExitProcess
GetACP
CreateThread
ExitThread
RaiseException
TerminateProcess
HeapSize
HeapReAlloc
GetStringTypeA
GlobalReAlloc
TlsSetValue
WideCharToMultiByte
LCMapStringW
SetStdHandle
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
SetErrorMode
GlobalLock
GlobalAlloc
lstrcmpA
GetCurrentThread
FindNextFileA
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
ReadFile
lstrlenA
GetCurrentThreadId
DuplicateHandle
SuspendThread
FileTimeToSystemTime
SetThreadPriority
FileTimeToLocalFileTime
MultiByteToWideChar
LocalFree
GetStringTypeW
InterlockedDecrement
CreateFileA
DeleteCriticalSection
InterlockedIncrement
GetPrivateProfileIntA
SetLastError
GetCommandLineA
WaitForMultipleObjects
WaitForSingleObject
ResumeThread
CreateEventA
GetTickCount
Sleep
OpenEventA
SetEvent
EnterCriticalSection
SetFilePointer
WriteFile
LeaveCriticalSection
lstrcpynA
LCMapStringA
GetProcAddress
GetLastError
DefineDosDeviceA
GetVersionExA
CloseHandle
DeviceIoControl
HeapFree
HeapAlloc
GetProcessHeap
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetFileTime
GetFileSize
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
lstrcpyA
GetModuleFileNameA
InitializeCriticalSection

user32

SetWindowTextA
IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ShowWindow
GetMenuState
LoadBitmapA
ModifyMenuA
PostQuitMessage
LoadStringA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
GetMenuCheckMarkDimensions
DestroyMenu
TabbedTextOutA
ClientToScreen
GrayStringA
SetCursor
GetTopWindow
MessageBoxA
GetParent
GetClassInfoA
RegisterClassA
GetMenu
DrawTextA
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CharUpperA
GetActiveWindow
SendMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
EnableWindow
PostThreadMessageA
GetMessageA
TranslateMessage
DispatchMessageA
CharNextA
CharPrevA
wsprintfA
LoadIconA
PostMessageA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
GetCapture
WinHelpA
GetDlgItem
GetMessageTime
RemovePropA
GetMenuItemCount

gdi32

GetClipBox
SetTextColor
SetBkColor
GetObjectA
CreateBitmap
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCreateKeyA
CreateServiceA
DeleteService
SetSecurityDescriptorDacl
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ChangeServiceConfigA
SetServiceStatus
InitializeSecurityDescriptor
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
QueryServiceStatus
ControlService
RegOpenKeyA

shell32

ShellExecuteA

comctl32

ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55eee0ee0989604416d42b663133cd04

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

version

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 1KB