a3eded6d9a87e2df9c6f4f77fec6dfc3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a3eded6d9a87e2df9c6f4f77fec6dfc3_JaffaCakes118
Size

732KB
MD5

a3eded6d9a87e2df9c6f4f77fec6dfc3
SHA1

935f2cc267909c9e7f70c34e3dfb117ecb5aa4bd
SHA256

23f182f1342bde9f7f051fa1d13c772e7c5ab0aed28098c14a6b6e2eecbe9687
SHA512

f25a71864334b4a60d115dde6be85381f0d297e4d5fedb1f751bf62bc474ad09c779d11b34ab4094e5f87f37e3c63801585113ec3d69402fc3d567648ec612b9
SSDEEP

12288:WvsRV3iNcH1B6W4WrNG2UkK9UFb72vlBg0k30JIjnXu7b/wchD1j37VkvDny/3:WkRV3iNUB6WnNuXwigB08e7Z9kvD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3eded6d9a87e2df9c6f4f77fec6dfc3_JaffaCakes118

Files

a3eded6d9a87e2df9c6f4f77fec6dfc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

272b09cd040649fe443e1cf0c1f9f334

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\egq\vah\cu

Imports

winspool.drv

OpenPrinterA
DocumentPropertiesA
ord204

user32

IsWindowVisible
GetLastActivePopup
UnpackDDElParam
GetCapture
GetClassNameW
BeginPaint
BringWindowToTop
InvalidateRgn
GetParent
PostMessageW
InsertMenuItemW
DefWindowProcW
DestroyMenu
EqualRect
GetWindowTextW
LoadMenuW
DestroyWindow
SetTimer
PostQuitMessage
RegisterClassW
GetWindow
IsIconic
IsDlgButtonChecked
GetMenuState
SetFocus
TranslateAcceleratorW
ScrollWindow
WindowFromPoint
GetWindowThreadProcessId
EnableWindow
DialogBoxParamW
TranslateMessage
CreateDialogIndirectParamW
FrameRect
InvalidateRect
CreateDialogParamW
SystemParametersInfoA
GetDC
SetWindowLongW
GetSubMenu
TrackPopupMenuEx
LoadCursorW
GetActiveWindow
CreateWindowExW
GetMenuItemCount
EndPaint
SetScrollInfo
IsClipboardFormatAvailable
TrackPopupMenu
IsWindow
GetSysColor
MessageBoxW
IsZoomed
GetMenuItemInfoW
GetDlgCtrlID
GetClientRect
DrawTextW
LockWindowUpdate
DrawEdge
FillRect
ReleaseDC
DestroyIcon
SetClipboardData
SetCursor
ShowWindow
OpenClipboard
RedrawWindow
GetForegroundWindow
UnregisterClassW
SetWindowPlacement
EnumWindows
MessageBeep
RegisterClassExW
SetForegroundWindow
GetSystemMetrics
SendMessageW
LoadIconW
GetDesktopWindow
GetClipboardData
GetWindowRect
InsertMenuW
CheckMenuItem
DeleteMenu
DispatchMessageW
EndDeferWindowPos
SendMessageTimeoutW
SetCapture
SetWindowPos
CopyRect
SystemParametersInfoW
GetMessageW
CheckDlgButton
DrawFocusRect
MoveWindow
RegisterWindowMessageW
GetFocus
wsprintfW
UnhookWindowsHookEx
GetSysColorBrush
MessageBoxA
DeferWindowPos
SetRect
ScrollWindowEx
GetNextDlgTabItem
EmptyClipboard
BeginDeferWindowPos
MapVirtualKeyW
AttachThreadInput
CreatePopupMenu

advapi32

RegDeleteKeyA
RegEnumKeyExA
OpenServiceA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA
SHGetFolderPathA
ord155

kernel32

CreateMutexA
SetStdHandle
GetCPInfo
GetModuleFileNameA
CreateFileMappingA
GlobalFree
SetUnhandledExceptionFilter
GetDriveTypeA
RtlUnwind
WideCharToMultiByte
GetTimeFormatA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
lstrcmpW
CreateDirectoryA
MultiByteToWideChar
GetVersionExW
IsValidLocale
ConvertDefaultLocale
GetOEMCP
GetFileSize
SetEndOfFile
GetACP
HeapAlloc
FlushFileBuffers
HeapFree
InterlockedCompareExchange
FatalAppExitA
GetSystemTime
GetFileAttributesA
GetTickCount
GetProcessHeap
IsDebuggerPresent
WaitForSingleObject
GetTempPathW
UnhandledExceptionFilter
GetFileTime
GetConsoleOutputCP
GetVersionExA
GetTempPathA
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
GetUserDefaultLCID
DeleteFileA
SetLastError
LCMapStringW
GetVersion
lstrcpynA
FileTimeToLocalFileTime
GetFileType
GetStringTypeA
FindFirstFileW
SetFilePointer
TlsSetValue
ExitProcess
GlobalHandle
IsBadWritePtr
TlsFree
GetCommandLineW
EnterCriticalSection
GetModuleHandleW
SuspendThread
SizeofResource
GlobalUnlock
DeleteCriticalSection
GetCurrentProcess
CreateMutexW
HeapReAlloc
GetStartupInfoW
InterlockedIncrement
GlobalAlloc
VirtualFree
GetCurrentThread
TlsGetValue
CompareStringA
GetLastError
FindClose
GetSystemTimeAsFileTime
CreateProcessA
CompareStringW
MulDiv
HeapCreate
VirtualQuery
SetFileTime
LocalReAlloc
lstrlenA
GetConsoleCP
WriteFile
QueryPerformanceCounter
FileTimeToSystemTime
SetEvent
FormatMessageA
SetEnvironmentVariableA
GetExitCodeProcess
HeapDestroy
CopyFileW
GetStringTypeW
GetProcAddress
GetEnvironmentStringsW
GetCurrentProcessId
lstrcmpiW
DuplicateHandle
GetConsoleMode
RaiseException
GetLocaleInfoW
TlsAlloc
CloseHandle
SetThreadPriority
GetTimeZoneInformation
ReadFile
InitializeCriticalSection
GetCommandLineA
HeapSize
GetCurrentThreadId
InterlockedExchange
GetModuleFileNameW
InterlockedDecrement
CreateFileW
LCMapStringA
Sleep
GetSystemInfo
GetStdHandle
SetHandleCount
VirtualAlloc
GetEnvironmentStrings
LocalAlloc
CreateThread
LeaveCriticalSection
ExitThread
TerminateProcess
LocalFileTimeToFileTime
GlobalDeleteAtom
MapViewOfFile
WriteConsoleA
GetLocalTime

gdi32

Polygon
Ellipse
PtVisible
GetROP2
CreatePenIndirect
GetCharWidthFloatA
ExtTextOutA
SetPolyFillMode
GetBrushOrgEx
DeleteDC
SetBrushOrgEx
GetMiterLimit
DeleteMetaFile
SetTextJustification
GetAspectRatioFilterEx
OffsetViewportOrgEx
CreateDiscardableBitmap
CreateBitmapIndirect
PlgBlt
DrawEscape
DeleteObject
SetStretchBltMode
WidenPath
GdiComment
SetMiterLimit
SetBkMode
ExcludeClipRect
SetPixel
GetKerningPairsA
AbortPath
GetCharABCWidthsFloatA
CreateCompatibleDC
ExtSelectClipRgn
SetMapMode
RealizePalette
SetWindowExtEx
ExtEscape
GetColorAdjustment
EnumObjects
AnimatePalette
AbortDoc
CreatePolyPolygonRgn
AngleArc

mfc42

ord1576

Sections

.text
Size: 76KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 455KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

272b09cd040649fe443e1cf0c1f9f334

Headers

File Characteristics

PDB Paths

Imports

winspool.drv

user32

advapi32

shell32

kernel32

gdi32

mfc42

Sections

.text Size: 76KB - Virtual size: 73KB

.rdata Size: 456KB - Virtual size: 455KB

.data Size: 100KB - Virtual size: 97KB

.rsrc Size: 96KB - Virtual size: 93KB

.text
Size: 76KB - Virtual size: 73KB

.rdata
Size: 456KB - Virtual size: 455KB

.data
Size: 100KB - Virtual size: 97KB

.rsrc
Size: 96KB - Virtual size: 93KB