8e0b598dc2ed8f5ca25b720899f0f722_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e0b598dc2ed8f5ca25b720899f0f722_JaffaCakes118
Size

184KB
MD5

8e0b598dc2ed8f5ca25b720899f0f722
SHA1

25a655367e980804f63d6fc8416c10d5fbba087e
SHA256

2dd835ee0545bb4a519bd6325e796892cca33516391f511951264fec1eddc1f1
SHA512

d39c3f86cb72e51b79f1657d8dfef1e04527ae64b11a31b450ce8aa5d1694d009a788dca9a55da632acc268c9e02249f9c919b52504a9f73e2ef60d892890a11
SSDEEP

3072:EyP1rwI+PWTu1GfjABMqHnDI9UPmnJBrop2EJXo1j8ScKreNXW:fVQWTPfsBMEnU9UPmJSpVpDNX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e0b598dc2ed8f5ca25b720899f0f722_JaffaCakes118

Files

8e0b598dc2ed8f5ca25b720899f0f722_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c1f946de0ae8783ae92980d8efd2ad46

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileInformationByHandle
PeekNamedPipe
GetSystemTime
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringA
WinExec
CopyFileA
GetLocalTime
GetPrivateProfileIntA
GetPrivateProfileStringA
ResetEvent
MoveFileExA
GetStdHandle
LocalAlloc
RtlUnwind
ExitProcess
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetFileType
ResumeThread
TlsSetValue
ExitThread
GetTimeZoneInformation
GetCommandLineA
HeapSize
GetProcessHeap
DeleteCriticalSection
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
SetHandleCount
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetEndOfFile
UnhandledExceptionFilter
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcpynA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalAlloc
LocalReAlloc
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
lstrcatA
GetProcessVersion
lstrcmpA
GlobalFlags
HeapAlloc
HeapFree
MoveFileA
FindNextFileA
OpenEventA
GetOverlappedResult
ReleaseMutex
WaitForSingleObject
GetLogicalDrives
GetVersionExA
GetCurrentDirectoryA
lstrlenA
FindFirstFileA
SearchPathA
FindClose
GetDriveTypeA
DeviceIoControl
CreateMutexA
CreateDirectoryA
CreateThread
CreateEventA
FormatMessageA
LocalFree
SetEvent
DeleteFileA
GetTickCount
GetTempPathA
WideCharToMultiByte
SetFileAttributesA
WriteFile
CreateProcessA
Sleep
GetShortPathNameA
GetFileSize
IsBadReadPtr
ReadFile
CreateFileMappingA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
SetFilePointer
GetWindowsDirectoryA
GetSystemDirectoryA
CreateFileA
GetCurrentProcess
GetLastError
GetVersion
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
TerminateProcess
CloseHandle
GetModuleFileNameA
LoadLibraryA
GetProcAddress
InitializeCriticalSection
FreeLibrary
RaiseException

user32

GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetMenuItemCount
WinHelpA
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
EnableWindow
LoadStringA
FindWindowA
MessageBoxA
GetSubMenu
GetMenuItemID
GetClassInfoA
RegisterClassA
GetMenu
ShowWindow
wsprintfA

advapi32

GetLengthSid
AddAccessAllowedAce
RegSetKeySecurity
FreeSid
RegDeleteValueA
CreateProcessAsUserA
StartServiceCtrlDispatcherA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
CloseServiceHandle
SetServiceStatus
RegCreateKeyA
RegOpenKeyExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegisterServiceCtrlHandlerA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
AllocateAndInitializeSid
InitializeSid
GetSidLengthRequired
RegQueryInfoKeyA
RegEnumValueA
StartServiceA
InitializeAcl

shlwapi

PathFileExistsA
StrToIntA
SHDeleteKeyA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ord17

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

Sections

.text
Size: 136KB - Virtual size: 133KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1f946de0ae8783ae92980d8efd2ad46

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

version

comctl32

gdi32

winspool.drv

Sections

.text Size: 136KB - Virtual size: 133KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 20KB - Virtual size: 1.4MB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 136KB - Virtual size: 133KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 20KB - Virtual size: 1.4MB

.rsrc
Size: 4KB - Virtual size: 2KB