a0a8e70846bb5ad78dd8b4a38a93e78a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a0a8e70846bb5ad78dd8b4a38a93e78a_JaffaCakes118
Size

132KB
MD5

a0a8e70846bb5ad78dd8b4a38a93e78a
SHA1

4f407c37703d5d137dc7ce29ab1b6637c312345c
SHA256

a49d7ea41d874abd7db10470efbc40b9aae7d61169bbe7daf3f978e9af1e4b65
SHA512

f507bf38614514c19e528e4cc83505ab4966b622207851709cb7e01805a7b1ce9f7490fd8d7025bfa3dde79e2254ab98604edaf5008eaad144683515c0ace36d
SSDEEP

1536:qKW2irjJflnLt2cT5QmcCAbKPY6G1MeeVTPZ9uj6XwfofyfWaOroo3qPrgRaWFxH:VW19nxXMVbQY6GCe6DZfgyoo3EKa2xI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0a8e70846bb5ad78dd8b4a38a93e78a_JaffaCakes118

Files

a0a8e70846bb5ad78dd8b4a38a93e78a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cad2922a4b5339aad9397f436bb18f7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GlobalFlags
WritePrivateProfileStringA
GetProcessVersion
GetFileAttributesA
GetFileSize
GetFileTime
SetFileAttributesA
SetErrorMode
GetCPInfo
GetOEMCP
RtlUnwind
GetStartupInfoA
ExitProcess
HeapAlloc
HeapFree
ExitThread
RaiseException
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapReAlloc
HeapSize
LCMapStringA
LCMapStringW
LocalReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MulDiv
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalFindAtomA
GetModuleHandleA
GetTempFileNameA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
SuspendThread
SetEvent
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalAddAtomA
TerminateProcess
GetCurrentProcess
GetWindowsDirectoryA
CreateMutexA
FreeLibrary
LoadLibraryA
GetProcAddress
GetVersionExA
GetCommandLineA
OpenProcess
CreateThread
SetThreadPriority
ResumeThread
GetCurrentProcessId
CreateProcessA
CreateEventA
WaitForSingleObject
CloseHandle
GetLastError
FormatMessageA
LocalFree
GetModuleFileNameA
lstrlenA
lstrcpyA

user32

CopyRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadStringA
LoadCursorA
GetClassNameA
PtInRect
GetSysColorBrush
DestroyMenu
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CharUpperA
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
SetCursor
PostMessageA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
EnableWindow
KillTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
SetTimer
LoadIconA
PostQuitMessage
MessageBoxA
wsprintfA
UnregisterClassA

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteObject
DeleteDC
ScaleViewportExtEx
OffsetViewportOrgEx
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportExtEx
GetObjectA
SetBkColor
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
CreateBitmap
SetTextColor
GetClipBox

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegNotifyChangeKeyValue
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17

wininet

InternetGetConnectedState

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cad2922a4b5339aad9397f436bb18f7a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wininet

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 12KB - Virtual size: 11KB