a8b48bd44551e34b06cfcd0b7e3edccf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a8b48bd44551e34b06cfcd0b7e3edccf_JaffaCakes118
Size

424KB
MD5

a8b48bd44551e34b06cfcd0b7e3edccf
SHA1

e21334a29b7edface798d080f4c8c11f7a3997e3
SHA256

ea06c1fdf59cfa29768134e2cca9575d23ba382beee4efce61fd3fe0a66ef842
SHA512

92d2592a4ab9dcbda19e98ad9f9f7e31ff0fb84b507b716d181b41146eee93e1735795bfe9f084b391a43e78a9f9502a869733f9c98af2204d1c4feb16e042ba
SSDEEP

12288:z7K4FXzWzEnyZXZTEmpkd9CCMDWmcVgQp0:3KQXpnAiaQxMtcV10

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8b48bd44551e34b06cfcd0b7e3edccf_JaffaCakes118

Files

a8b48bd44551e34b06cfcd0b7e3edccf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f7a7e90204f0173ce1757e27d1a583fe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetUserDefaultLCID
WideCharToMultiByte
SetLastError
SetEndOfFile
DeleteFileW
GetACP
UnmapViewOfFile
LocalReAlloc
MultiByteToWideChar
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
FormatMessageW
GetUserDefaultLangID
LocalSize
lstrcmpiW
GlobalUnlock
GlobalLock
IsDBCSLeadByte
GetCPInfo
GetDateFormatW
SetEnvironmentVariableA
CompareStringA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
EnterCriticalSection
GetTimeFormatW
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
DeleteCriticalSection
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
Sleep
GetTimeZoneInformation
GetStringTypeW
IsValidCodePage
GetOEMCP
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
HeapFree
VirtualQuery
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
GetStartupInfoA
GetCommandLineA
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
ExpandEnvironmentStringsA
FoldStringW
LocalLock
CompareStringW
LocalUnlock
lstrlenW
GetLastError
LocalAlloc
lstrcmpW
FindFirstFileW
FindClose
lstrcatW
GetCommandLineW
LocalFree
lstrcpyW
CreateFileW
lstrcpynW
MulDiv
GetLocaleInfoW
VirtualFree
ResumeThread
TerminateProcess
GlobalFree
GetThreadContext
VirtualQueryEx
FreeLibrary
GlobalAlloc
VirtualAlloc
GetTempPathA
GetTempFileNameA
CreateFileA
WriteFile
CloseHandle
LoadLibraryA
CreateProcessA
WaitForSingleObject
lstrcpyA
GetCurrentThreadId
lstrlenA
lstrcatA
FindAtomA
OpenProcess
GetModuleHandleA
GetProcAddress
LeaveCriticalSection

advapi32

RegOpenKeyExA
RegQueryValueExA
CreateProcessAsUserA
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyW
IsTextUnicode

comdlg32

GetFileTitleW
GetOpenFileNameW
GetSaveFileNameW
ReplaceTextW
FindTextW
PageSetupDlgW
CommDlgExtendedError
ChooseFontW
PrintDlgExW

gdi32

StartPage
StartDocW
SetAbortProc
GetObjectW
EndDoc
EndPage
TextOutW
SetBkMode
LPtoDP
SetWindowExtEx
SetViewportExtEx
SetMapMode
CreateDCW
GetTextExtentPoint32W
SelectObject
GetTextFaceW
EnumFontsW
GetDeviceCaps
CreateFontIndirectW
DeleteObject
GetBkMode
GetTextMetricsW
GetBkColor
GetStockObject
DeleteDC

shell32

DragFinish
DragAcceptFiles
DragQueryFileW
ShellAboutW

user32

GetWindowTextW
EnableWindow
CreateDialogParamW
DrawTextExW
PeekMessageW
CharLowerW
LoadImageW
RegisterClassExW
RegisterWindowMessageW
LoadCursorW
CreateWindowExW
SetWindowPlacement
GetClientRect
ShowWindow
CharUpperW
GetSystemMenu
SetWindowLongW
LoadStringW
GetWindowPlacement
SetScrollPos
UpdateWindow
CloseDesktop
ClientToScreen
GetWindowThreadProcessId
FindWindowA
GetWindowLongW
SetDlgItemTextW
GetDlgItemTextW
EndDialog
wsprintfW
GetMenuState
OpenClipboard
IsClipboardFormatAvailable
CloseClipboard
CheckMenuItem
SetWindowTextW
GetSystemMetrics
GetMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
CharNextW
DefWindowProcW
IsIconic
PostQuitMessage
DestroyWindow
MessageBeep
GetForegroundWindow
GetKeyboardLayout
SetActiveWindow
PostMessageW
GetMenu
SendMessageW
GetSubMenu
EnableMenuItem
SetFocus
DialogBoxParamW
LoadIconW
GetDesktopWindow
MessageBoxW
GetDC
ReleaseDC
SetCursor
SendDlgItemMessageW
GetDlgCtrlID
WinHelpW
ScreenToClient
ChildWindowFromPoint
InvalidateRect
MoveWindow
EqualRect
GetCursorPos
wsprintfA
InflateRect
GetFocus
GetWindowRect
IsWindowVisible
OpenInputDesktop
GetThreadDesktop
SetThreadDesktop
LoadAcceleratorsW

winspool.drv

GetPrinterDriverW
ClosePrinter
OpenPrinterW

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7a7e90204f0173ce1757e27d1a583fe

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

comdlg32

gdi32

shell32

user32

winspool.drv

Sections

.text Size: 95KB - Virtual size: 95KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 292KB - Virtual size: 300KB

.rsrc Size: 18KB - Virtual size: 21KB

.text
Size: 95KB - Virtual size: 95KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 292KB - Virtual size: 300KB

.rsrc
Size: 18KB - Virtual size: 21KB