a3a404d987b175a0d2857058f0dd0255_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3a404d987b175a0d2857058f0dd0255_JaffaCakes118
Size

288KB
MD5

a3a404d987b175a0d2857058f0dd0255
SHA1

9e9504c8d396b188a1904c004fe94964080d5a56
SHA256

0d05f426ed54e4b6485198c630276b77be33caa99e15768f118670a996948b4d
SHA512

2c8f91ccb9165d073dfb7113c22f5d0598cf01d39e3eac42bc156748e33a3fa02cc933d8278f1f8077e5b6d02b8cae0754b8e9baa78eca60ccf7eb5c35689c3d
SSDEEP

3072:SBtKA7auJPvwdTNHlO/+iiW3VDu20Rn5PNOHz7aVP/dhSwjjT1HWSSUiYOFv3+mi:i7auJHsT1cGAu/RWWVXSwjXgn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3a404d987b175a0d2857058f0dd0255_JaffaCakes118

Files

a3a404d987b175a0d2857058f0dd0255_JaffaCakes118
.exe windows:4 windows x86 arch:x86

afe65a8b7a72de804806d13c23c46cdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetImageCount
ImageList_SetBkColor
ord17
ImageList_ReplaceIcon

user32

SetWindowLongW
GetWindowRect
SendMessageW
SetWindowPos
EndDeferWindowPos
GetKeyState
DestroyCursor
SetTimer
GetWindow
EnableMenuItem
InflateRect
BeginDeferWindowPos
GetWindowLongW
GetDC
DestroyAcceleratorTable
WindowFromPoint
GetMessageW
RegisterClassExW
UpdateWindow
CreateAcceleratorTableW
GetWindowTextLengthW
DestroyMenu
CheckMenuItem
AppendMenuW
LoadIconW
ScreenToClient
CopyAcceleratorTableW
DrawEdge
InsertMenuW
BeginPaint
LoadAcceleratorsW
GetCursorPos
IsIconic
EmptyClipboard
SetWindowPlacement
GetClassInfoExW
LoadMenuW
GetSystemMetrics
InvalidateRect
SetCapture
GetWindowTextW
LoadBitmapW
IsWindowEnabled
SetRectEmpty
SetScrollPos
RegisterWindowMessageW
GetMenuItemCount
PostMessageW
CreateDialogIndirectParamW
TranslateMessage
MapWindowPoints
GetMessagePos
PtInRect
GetMenuItemID
GetClassNameW
LoadStringW
TrackPopupMenu
GetDlgItem
OffsetRect
IntersectRect
EnableWindow
DeferWindowPos
EqualRect
DestroyIcon
RegisterClassW
EndPaint
PostQuitMessage
SetForegroundWindow
GetWindowPlacement
CreateWindowExW
UnhookWindowsHookEx
GetSysColor

winspool.drv

ord204
OpenPrinterA
DocumentPropertiesA

advapi32

GetSidSubAuthority
GetSidSubAuthorityCount
RegDeleteValueW
OpenProcessToken
RegOpenKeyExA
RegQueryValueW

gdi32

ExtFloodFill
DeleteDC
PtVisible
StretchDIBits
SetTextColor
Polyline
CreateCompatibleDC
ExtCreatePen
EnumFontFamiliesExW
SetStretchBltMode
SetBkColor
PatBlt
CreateSolidBrush
RoundRect
RestoreDC
GetDeviceCaps
SetBkMode
ExcludeClipRect
GetTextMetricsW
CreatePen
DPtoLP
CreatePolygonRgn
SetWindowExtEx
Rectangle
DeleteObject
StartDocW
CombineRgn
BitBlt
Escape
SetMapMode
SelectClipRgn
MoveToEx
GetBkMode
SetViewportOrgEx
TextOutW
GetDIBits
CreateDIBSection
SetPixel
Polygon
OffsetRgn
SetTextAlign
GetStockObject
CreateFontIndirectW
CreateBrushIndirect
IntersectClipRect
SaveDC
CreateEllipticRgn
ExtTextOutW
GetClipBox
SetAbortProc
CreateCompatibleBitmap
GdiFlush
LineTo
StretchBlt
SelectObject
PtInRegion
GetObjectW
CreateRectRgn
CreateDCW
SetROP2

kernel32

HeapAlloc
HeapFree
GlobalSize
TlsFree
GetFileTime
OpenProcess
GetTimeFormatA
WideCharToMultiByte
VirtualAlloc
GetDateFormatA
GetCurrentProcess
GetTimeZoneInformation
GetCPInfo
ExitProcess
TlsSetValue
VirtualQuery
SetFilePointer
GetExitCodeThread
FreeEnvironmentStringsW
MapViewOfFile
IsBadCodePtr
VirtualProtect
ResumeThread
LockResource
SuspendThread
QueryPerformanceCounter
SystemTimeToFileTime
GetStringTypeA
GetModuleFileNameW
GetThreadLocale
GetSystemInfo
CopyFileW
GetCurrentProcessId
GetStringTypeW
CloseHandle
GetCommandLineA
MultiByteToWideChar
GetCommandLineW
UnhandledExceptionFilter
GetStartupInfoW
HeapDestroy
GetEnvironmentStringsW
GetVersionExA
GetEnvironmentStrings
LoadLibraryA
LeaveCriticalSection
CreateThread
GetCurrentThreadId
VirtualFree
GetOEMCP
SetEvent
TlsAlloc
LoadLibraryW
SetEnvironmentVariableA
CompareStringW
HeapSize
lstrlenW
FreeEnvironmentStringsA
GlobalLock
CreateMutexW
GetStdHandle
Sleep
DeleteFileA
HeapCreate
GetCurrentThread
DeleteCriticalSection
InitializeCriticalSection
QueryPerformanceFrequency
GetModuleHandleA
GetLocaleInfoA
SetErrorMode
GetSystemTimeAsFileTime
WaitForMultipleObjects
GetProcAddress
ResetEvent
GetStartupInfoA
LCMapStringA
GetVersion
FreeResource
GetLastError
GlobalUnlock
LocalFree
FindClose
InterlockedExchange
GetTempPathA
GetFileSize
GetModuleHandleW
GetTempPathW
RtlUnwind
LoadResource
GetCurrentDirectoryA
WriteFile
GlobalAlloc
GlobalFree
ReadFile
EnterCriticalSection
InterlockedDecrement
HeapReAlloc
SetHandleCount
WaitForSingleObject
SetLastError
CreateFileA
SetEndOfFile
SetUnhandledExceptionFilter
GetModuleFileNameA
GetTickCount
RaiseException
SetFileTime
FreeLibrary
CreateFileMappingA
TlsGetValue
TerminateProcess
SetThreadPriority
lstrcpyA
GetFileType
GetFullPathNameW
FlushFileBuffers
CreateFileW
SetStdHandle
GetACP
CompareStringA
LCMapStringW

oleaut32

LoadTypeLi

ole32

CoMarshalInterThreadInterfaceInStream
CoFreeUnusedLibraries
CoGetClassObject
CoUninitialize
CoTaskMemFree
CLSIDFromString
OleDuplicateData
CoUnmarshalInterface
CoTaskMemAlloc
RevokeDragDrop
DoDragDrop
StringFromCLSID
OleUninitialize
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
OleLockRunning
OleFlushClipboard
CoGetInterfaceAndReleaseStream
OleInitialize
ReleaseStgMedium
CoCreateInstance
OleGetClipboard
CoRegisterMessageFilter
RegisterDragDrop
CoRevokeClassObject
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoInitialize

shlwapi

PathAddBackslashA
PathFindExtensionA
PathFindFileNameA
PathFileExistsA

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afe65a8b7a72de804806d13c23c46cdb

Headers

File Characteristics

Imports

comctl32

user32

winspool.drv

advapi32

gdi32

kernel32

oleaut32

ole32

shlwapi

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 104KB - Virtual size: 103KB

.data Size: 60KB - Virtual size: 80KB

.rsrc Size: 44KB - Virtual size: 43KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 104KB - Virtual size: 103KB

.data
Size: 60KB - Virtual size: 80KB

.rsrc
Size: 44KB - Virtual size: 43KB