8d96ea6b630fbbd1cf1fd5d2ed48b7e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8d96ea6b630fbbd1cf1fd5d2ed48b7e3_JaffaCakes118
Size

287KB
MD5

8d96ea6b630fbbd1cf1fd5d2ed48b7e3
SHA1

3961a3e96855b92d2dd4cdb649d9d35a6a610de8
SHA256

19cef584d3fe580f40fe2a350e3320edcf5d7fa826701a45b5e93c5f86a16aab
SHA512

106e82caa273fbe013ea5075f5a6d41904fff7132824704a7677fe7e0cfab4f7a5b33632be4d3eaf8a9ffa91849593c5ac5d34d8e76c451af85b70fdd43b4852
SSDEEP

6144:s1QTf8UKZweJeRWxLbGwwbwcJ3nEtgSyOCqBhE5Gd:s1c0vUqLShlmXPXsGd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d96ea6b630fbbd1cf1fd5d2ed48b7e3_JaffaCakes118

Files

8d96ea6b630fbbd1cf1fd5d2ed48b7e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

72eed55055e1d7ce53d83a751e3e11c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyW
lstrcpynW
lstrcmpiW
lstrcmpW
_lread
_llseek
WriteFile
WideCharToMultiByte
VirtualFree
VirtualAlloc
UnmapViewOfFile
TlsGetValue
TerminateProcess
SystemTimeToFileTime
SizeofResource
SetThreadPriority
SetLastError
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
RemoveDirectoryW
ReleaseSemaphore
ReleaseMutex
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
OutputDebugStringA
OpenProcess
OpenEventW
MultiByteToWideChar
MulDiv
MoveFileW
MapViewOfFile
CloseHandle
LockResource
LocalFree
LocalFileTimeToFileTime
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
IsDBCSLeadByte
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalSize
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GetVersionExW
GetVersionExA
GetVersion
GetTimeZoneInformation
GetTimeFormatW
GetTickCount
GetThreadPriority
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemTime
GetSystemInfo
GetSystemDirectoryA
GetSystemDefaultLangID
GetStdHandle
GetStartupInfoW
GetProfileStringW
GetProcessHeap
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetMailslotInfo
GetLogicalDrives
GetLocaleInfoW
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileTime
GetFileSize
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesExW
GetExitCodeProcess
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetComputerNameExA
GetCommandLineW
GetACP
FreeLibrary
FormatMessageW
FormatMessageA
FlushFileBuffers
FindResourceW
FindNextFileW
FindFirstFileW
FindFirstFileExW
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
FatalAppExitA
ExitThread
ExitProcess
EnterCriticalSection
DuplicateHandle
DosDateTimeToFileTime
DeleteFileW
DeleteFileA
DeleteCriticalSection
DebugBreak
CreateThread
CreateSemaphoreW
CreateProcessW
CreateMutexA
CreateMailslotA
CreateFileW
CreateFileMappingW
CreateFileA
CreateEventW
CreateEventA
CreateDirectoryW
CopyFileW
CompareStringW
CompareFileTime
lstrlenW

gdi32

EnumFontFamiliesExW
BitBlt
CloseEnhMetaFile
CloseFigure
CloseMetaFile
CombineRgn
CreateBitmap
CreateBitmapIndirect
CreateBrushIndirect
UnrealizeObject
TranslateCharsetInfo
TextOutW
StrokePath
StretchDIBits
StretchBlt
StartPage
StartDocW
SetWinMetaFileBits
SetTextColor
SetTextAlign
SetStretchBltMode
SetRectRgn
SetPolyFillMode
SetPixelV
SetPixel
SetMapMode
SetDIBitsToDevice
SetDIBits
SetBrushOrgEx
SetBkMode
SetBkColor
SetBitmapBits
SelectPalette
SelectObject
SelectClipRgn
SelectClipPath
SaveDC
RoundRect
RestoreDC
Rectangle
RectVisible
RealizePalette
PtVisible
PolylineTo
Polyline
Polygon
PolyPolygon
PolyBezierTo
PlayEnhMetaFileRecord
PatBlt
PaintRgn
OffsetRgn
MoveToEx
ModifyWorldTransform
MaskBlt
LineTo
LPtoDP
IntersectClipRect
GetWorldTransform
GetWindowOrgEx
GetWindowExtEx
GetViewportOrgEx
GetViewportExtEx
GetTextMetricsW
GetTextExtentPoint32W
GetTextExtentExPointW
GetTextColor
GetTextCharset
GetTextAlign
GetSystemPaletteEntries
GetStockObject
GetPolyFillMode
GetPixel
GetPath
GetPaletteEntries
GetOutlineTextMetricsW
GetObjectW
GetNearestPaletteIndex
GetNearestColor
GetMetaFileBitsEx
GetMapMode
GetKerningPairsW
GetGlyphOutlineW
GetFontData
GetEnhMetaFileW
GetEnhMetaFileHeader
GetDeviceCaps
GetDIBits
GetCurrentObject
GetClipRgn
GetClipBox
GetCharWidthW
GetBkMode
GetBkColor
GetBitmapBits
GdiFlush
FrameRgn
FillRgn
FillPath
ExtTextOutW
ExtCreatePen
Escape
EnumFontFamiliesW
EnumEnhMetaFile
EndPath
EndPage
EndDoc
Ellipse
DeleteObject
DeleteMetaFile
DeleteEnhMetaFile
DeleteDC
DPtoLP
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePolygonRgn
CreatePen
CreatePatternBrush
CreatePalette
CreateMetaFileW
CreateHatchBrush
CreateFontIndirectW
CreateEnhMetaFileW
CreateDIBitmap
CreateDIBSection
CreateDIBPatternBrushPt
CreateCompatibleDC
CreateCompatibleBitmap
BeginPath

shell32

CommandLineToArgvW
DragAcceptFiles
ShellExecuteW
DragQueryFileW
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExW
SHGetDesktopFolder
SHGetFolderPathW
ShellExecuteA
SHGetSpecialFolderPathA
DragFinish
SHGetMalloc

comdlg32

GetOpenFileNameW
PrintDlgW
ChooseColorW
CommDlgExtendedError
GetFileTitleW
GetSaveFileNameW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

winmm

waveOutGetDevCapsW
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutClose
mmioOpenA
mmioDescend
mmioCreateChunk
mmioClose
mmioAscend
timeSetEvent
timeKillEvent
timeGetTime
timeGetDevCaps
timeEndPeriod
mmioWrite
timeBeginPeriod
mmioRead
waveOutWrite
mmioOpenW

msvfw32

ICCompressorFree
ICCompressorChoose

imm32

ImmSetCompositionWindow
ImmSetCompositionFontW
ImmSetCandidateWindow
ImmReleaseContext
ImmNotifyIME
ImmGetVirtualKey
ImmGetContext
ImmGetCompositionStringW

ws2_32

WSAStartup
WSACleanup

shlwapi

PathFileExistsW
SHDeleteKeyW

wininet

HttpAddRequestHeadersW
InternetErrorDlg

ole32

CoTaskMemFree
CoTaskMemAlloc
OleDraw
ReleaseStgMedium
StgCreateDocfile
StgIsStorageFile
StgOpenStorage
CoInitialize
CoFreeUnusedLibraries
CoCreateInstance
CoUninitialize

oleaut32

SysAllocString
VariantClear
SysFreeString

Sections

.text
Size: 153KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72eed55055e1d7ce53d83a751e3e11c2

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

comdlg32

version

winmm

msvfw32

imm32

ws2_32

shlwapi

wininet

ole32

oleaut32

Sections

.text Size: 153KB - Virtual size: 156KB

.rdata Size: 107KB - Virtual size: 108KB

.data Size: 16KB - Virtual size: 92KB

.idata Size: 11KB - Virtual size: 12KB

.rsrc Size: 13KB - Virtual size: 16KB

.text
Size: 153KB - Virtual size: 156KB

.rdata
Size: 107KB - Virtual size: 108KB

.data
Size: 16KB - Virtual size: 92KB

.idata
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 13KB - Virtual size: 16KB