8e744f3c5f67e072740b49b2f976d30a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e744f3c5f67e072740b49b2f976d30a_JaffaCakes118
Size

185KB
MD5

8e744f3c5f67e072740b49b2f976d30a
SHA1

bcc59ed9f1d2afa811c38c18456c2d92eae7e254
SHA256

dfbe618b71e92a042a6964abe7814f99d7498b9f6cfc7cf2075edcc1fc35a3f9
SHA512

db54ba81125cd84882fb2aea350f6ebbe829772b8ef4c156f584b50666d309baa11f570cb03d70e7a6fbc52287e5fc9c86326c09cd5a939786cad4595c6bb671
SSDEEP

3072:B2A3TIdLPlK6/hGOjgHkejqNnBl3iBU3FYv2cgT5pZdP:BVUPI6pZgHxqNBli42XGpdP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e744f3c5f67e072740b49b2f976d30a_JaffaCakes118

Files

8e744f3c5f67e072740b49b2f976d30a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3226dad808f0a71a019c17d8bb866ff9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegQueryValueW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey
RegEnumKeyW
RegQueryValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathFileExistsW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathAppendW

oledlg

OleUIBusyW

comdlg32

GetFileTitleW

gdi32

GetDeviceCaps
GetWindowExtEx
SaveDC
RectVisible
GetClipBox
GetTextColor
OffsetViewportOrgEx
GetBkColor
SetMapMode
SelectObject
GetMapMode
ScaleWindowExtEx
SetBkColor
DeleteDC
Escape
CreateBitmap
SetWindowExtEx
SetTextColor
ExtTextOutW
PtVisible
DeleteObject
RestoreDC
TextOutW
ExtSelectClipRgn
ScaleViewportExtEx
SetViewportExtEx
GetViewportExtEx
GetObjectW
GetRgnBox
SetViewportOrgEx
GetStockObject
CreateRectRgnIndirect

user32

GetTopWindow
InvalidateRect
LoadIconW
SetActiveWindow
GetMessageTime
UpdateWindow
CopyAcceleratorTableW
WinHelpW
MapWindowPoints
GetClientRect
GetClassLongW
GetMessagePos
SetForegroundWindow
EqualRect
IsIconic
RegisterWindowMessageW
IsWindow
SendDlgItemMessageA
IsRectEmpty
OffsetRect
SetPropW
CreateWindowExW
GetMenu
GetNextDlgGroupItem
GetClassInfoExW
CharNextW
GetPropW
RemovePropW
MessageBeep
DefWindowProcW
IntersectRect
AdjustWindowRectEx
GetForegroundWindow
CharUpperW
CallWindowProcW
InvalidateRgn
GetClassInfoW
IsChild
RegisterClassW
SetRect
GetWindowPlacement
GetNextDlgTabItem
DestroyMenu

ole32

StgCreateDocfileOnILockBytes
CoInitialize
StgOpenStorageOnILockBytes
CoRevokeClassObject
CoRegisterMessageFilter
CoGetClassObject
CoCreateInstance
CoFreeUnusedLibraries
CLSIDFromProgID
OleInitialize
OleUninitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CoUninitialize
OleIsCurrentClipboard
CoTaskMemAlloc
OleFlushClipboard
CLSIDFromString

kernel32

SizeofResource
MoveFileW
GetFileAttributesW
LockResource
EnumResourceLanguagesW
LoadLibraryW
GetCalendarInfoA
MultiByteToWideChar
LoadResource
FindResourceW
CreateFileW
GetThreadContext
CreateMutexW
GetCurrentDirectoryW
GetThreadLocale
InterlockedDecrement
RaiseException
SystemTimeToFileTime
DeleteCriticalSection
WideCharToMultiByte
FreeLibrary
GetLocaleInfoA
InterlockedExchange
EnumResourceNamesA
ReadFile
FindFirstFileW
InitializeCriticalSection
lstrcpyW
WriteFile
GetModuleHandleW
CloseHandle
GetVersion
GetCurrentProcessId
VirtualFree
GetACP
ConvertDefaultLocale
CreateDirectoryW
WaitForSingleObject
DeleteFileW
GetLocaleInfoW
ExitProcess
RemoveDirectoryW
SetFileTime
GetProcAddress
FindClose
FindNextFileW
lstrcmpiA
SetFilePointer
GetSystemDefaultLangID
GetVersionExW
LocalFileTimeToFileTime
GetModuleFileNameW
ReleaseMutex
lstrcmpA

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3226dad808f0a71a019c17d8bb866ff9

Headers

File Characteristics

Imports

winspool.drv

advapi32

shell32

shlwapi

oledlg

comdlg32

gdi32

user32

ole32

kernel32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 78KB - Virtual size: 77KB

.edata Size: 1024B - Virtual size: 236KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 78KB - Virtual size: 77KB

.edata
Size: 1024B - Virtual size: 236KB