a0a4b2aeb48778c65ef779932c02bb6e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a0a4b2aeb48778c65ef779932c02bb6e_JaffaCakes118
Size

680KB
MD5

a0a4b2aeb48778c65ef779932c02bb6e
SHA1

d6a4d245737c0829e82e6465cab04f90435b8a6d
SHA256

04fa51050585368db55092285416ac12c4794274e7d85a442a5a66b635107580
SHA512

5d2013b1b72ce6303046f9121b461bf9b2bc106434db283a883049d86c210c34696473bef2accc157c05915ce056ed16eec3c0fbd65916e9dbc0fd82bafea5df
SSDEEP

12288:vF9/BbbAUc+PPGIIgePYZEfpXtEmSmKQLMK1i13tET9Imgsg3LK4WPytiYDCIQ:vPJvdPGIIgD2fp9Z1LLMgiltECXsEK4S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0a4b2aeb48778c65ef779932c02bb6e_JaffaCakes118

Files

a0a4b2aeb48778c65ef779932c02bb6e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

208067b8c0c4e5b53682585adbd82762

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\acowowampv\ctmaiqfc.pdb

Imports

kernel32

SetEnvironmentVariableA
ExitProcess
TerminateProcess
InterlockedExchange
GetCPInfo
ReadFile
LeaveCriticalSection
DeleteCriticalSection
GetSystemTimeAsFileTime
VirtualQuery
SetLastError
InterlockedDecrement
GetCurrentProcessId
TlsAlloc
RtlUnwind
HeapFree
HeapCreate
GetVersion
TlsSetValue
LCMapStringA
GetFileType
GetStringTypeW
SetUnhandledExceptionFilter
GetCurrentProcess
CompareStringA
GetACP
RaiseException
GetStringTypeA
GetCurrentThreadId
CloseHandle
GetModuleHandleA
GetStdHandle
SetStdHandle
LoadLibraryA
GetStartupInfoA
FlushFileBuffers
CompareStringW
IsBadCodePtr
GetCommandLineA
SetFilePointer
QueryPerformanceCounter
SetHandleCount
HeapDestroy
FreeEnvironmentStringsA
HeapAlloc
GetOEMCP
WriteFile
LCMapStringW
GetProcAddress
GetTickCount
CreateMutexA
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStringsW
TlsGetValue
WideCharToMultiByte
GetLocalTime
GetLastError
GetModuleFileNameA
InterlockedIncrement
GetSystemTime
OpenMutexA
HeapReAlloc
VirtualFree
InitializeCriticalSection
EnterCriticalSection
GetTimeZoneInformation
GetEnvironmentStrings
UnhandledExceptionFilter
VirtualAlloc

gdi32

FrameRgn
PlgBlt
PolyPolyline
Escape
UnrealizeObject
CreateRectRgnIndirect
SetBitmapDimensionEx
GetClipRgn
ExtTextOutA
GetROP2
CreateDiscardableBitmap
GetCharABCWidthsFloatA
DrawEscape
PtInRegion
CreateBitmapIndirect
SetROP2
Ellipse
CreateHalftonePalette
GetTextColor
GetBrushOrgEx
GetColorAdjustment
GetRgnBox
AbortDoc
EnumObjects
SetRectRgn
WidenPath
GetObjectA
GetCharWidthA
CreatePolyPolygonRgn
DeleteObject
GetMiterLimit
ExcludeClipRect
GetRegionData
MoveToEx
AbortPath
StretchBlt
PlayMetaFile
ResetDCA
CreateCompatibleBitmap
GetBitmapDimensionEx
GetDeviceCaps
AnimatePalette
AngleArc
CreateDCA
ExtEscape
CloseFigure
CreateBrushIndirect
SelectObject
GetCharABCWidthsA
CreatePen
RectInRegion
RealizePalette
SetViewportOrgEx
CreatePenIndirect
SetMapMode
GetAspectRatioFilterEx
GetBkColor
SetTextColor
CreateCompatibleDC
GetBitmapBits
Pie
GetTextExtentPointA
GetOutlineTextMetricsA
GetTextFaceA
GetCurrentObject
SetTextAlign
DeleteDC
GdiComment
GetCharWidthFloatA
GetKerningPairsA
CreateRoundRectRgn
RoundRect
SetMiterLimit

comctl32

ImageList_GetDragImage
ImageList_Merge
ImageList_DragLeave
ImageList_GetImageCount
ImageList_SetOverlayImage
ImageList_Write
ImageList_Destroy
ImageList_GetIcon
ImageList_EndDrag
ImageList_Read
ImageList_Replace
ImageList_LoadImageA
ord17
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_GetImageInfo
ImageList_AddMasked
ImageList_Create
PropertySheetA
ImageList_DragMove
ImageList_Add
ImageList_Remove
ImageList_BeginDrag
ImageList_Draw
CreatePropertySheetPageA
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_DragEnter
ImageList_DragShowNolock
DestroyPropertySheetPage

user32

GetMenu
GetSystemMenu
SetWindowsHookExA
CallNextHookEx
PostQuitMessage
ShowWindow
LoadBitmapA
GetMenuStringA
FindWindowA
RemovePropA
GetWindowLongA
GetMessageTime
DestroyCursor
SystemParametersInfoA
OffsetRect
PostMessageA
BeginPaint
EnableWindow
CreateWindowExA
ReleaseDC
LoadCursorA
GetNextDlgTabItem
GetMenuItemCount
SetCapture
RegisterWindowMessageA
DestroyIcon
IsZoomed
GetFocus
CreateCaret
ClientToScreen
SetWindowTextA
SendMessageA
CallWindowProcA
GetMenuState
GetWindowTextLengthA
GetClassNameA
GetForegroundWindow
LoadStringA
GetActiveWindow
DrawFrameControl
InflateRect
IsWindow
EndPaint
MessageBeep
RegisterClassA
wvsprintfA
GetSystemMetrics
MapWindowPoints
MessageBoxA
TrackPopupMenu
CheckMenuItem
GetUpdateRect
DestroyWindow
GetDC
RedrawWindow
LoadIconA
GetWindowTextA
SetScrollPos
SetWindowLongA
GetCapture
SetTimer
GetClientRect
GetSubMenu
UpdateWindow
GetMenuItemInfoA
RegisterClassExA
KillTimer
GetCursorPos
SetActiveWindow
LoadMenuA

winspool.drv

EnumPrintersA
GetPrinterDriverDirectoryA
AddPrinterDriverA
AddPrinterA
ClosePrinter
ord204
DeviceCapabilitiesA
EnumPrinterDriversA
EnumJobsA
GetPrinterA
OpenPrinterA
DocumentPropertiesA

advapi32

GetLengthSid
SetSecurityDescriptorGroup
RegDeleteKeyA
InitializeAcl
RegOpenKeyExA
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
RegEnumKeyA
AllocateAndInitializeSid

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 472KB - Virtual size: 469KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

208067b8c0c4e5b53682585adbd82762

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

comctl32

user32

winspool.drv

advapi32

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 472KB - Virtual size: 469KB

.data Size: 104KB - Virtual size: 117KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 472KB - Virtual size: 469KB

.data
Size: 104KB - Virtual size: 117KB

.rsrc
Size: 24KB - Virtual size: 21KB