a67f204821e5774cd87501684489945e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a67f204821e5774cd87501684489945e_JaffaCakes118
Size

188KB
MD5

a67f204821e5774cd87501684489945e
SHA1

ceb260c276a37269be527ea018c508fa7d635989
SHA256

6d95d9b3bdb54c3450b6c519a0e132760bd6bb1b88ec82fb799e63e61201af32
SHA512

924828b1dd55e368d7d5a1e5641b4c8af784b3ea1e728f69b9f3f7f9c008e537dd232501f708607ea04edce0eb2f0c5d8fe1b33b1939c598ede6b02022e78d0d
SSDEEP

3072:VvVT0wTgGTdBVEejjgMaLkr32Obf2sj6wktqs:VNAwTgsB6ejjg3LkrPzXls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a67f204821e5774cd87501684489945e_JaffaCakes118

Files

a67f204821e5774cd87501684489945e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79866c2f3b6fb21ad1561c2ddf13705b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA

shlwapi

SHGetValueA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFileExistsA

kernel32

TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
SetStdHandle
SetHandleCount
ReadFile
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
HeapSize
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetStdHandle
SetEndOfFile
SetEnvironmentVariableA
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
FindClose
FindFirstFileA
GlobalGetAtomNameA
LockFile
UnlockFile
GetFileSize
GetThreadLocale
DuplicateHandle
GetFullPathNameA
LocalAlloc
GlobalReAlloc
GlobalHandle
LocalReAlloc
lstrcmpA
GetFileTime
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalFlags
WriteFile
HeapCreate
HeapDestroy
VirtualFree
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
GetProcessHeap
GetCommandLineA
ExitProcess
RaiseException
GetFileType
FileTimeToLocalFileTime
FileTimeToSystemTime
RtlUnwind
GetModuleHandleA
VirtualAlloc
HeapReAlloc
HeapFree
HeapAlloc
Sleep
GetSystemTimeAsFileTime
SystemTimeToFileTime
SetLastError
GetVolumeInformationA
GetFileAttributesA
GetVersionExA
GetCurrentProcess
GetModuleFileNameA
CreateFileA
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
TerminateProcess
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
GetLocaleInfoA

user32

DestroyMenu
PostQuitMessage
SetWindowTextA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetParent
GetWindowLongA
GetLastActivePopup
GrayStringA
DrawTextExA
DrawTextA
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
SendMessageA
GetKeyState
PeekMessageA
TabbedTextOutA
ClientToScreen
UnregisterClassA
PostMessageA
GetWindowThreadProcessId
CharUpperA
RegisterWindowMessageA
GetWindowTextA
ValidateRect
GetSystemMetrics
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
MessageBoxA
GetWindow
SetWindowPos

gdi32

RestoreDC
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
ExtTextOutA
SaveDC
GetStockObject
DeleteObject
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SetViewportOrgEx
SelectObject
GetDeviceCaps
TextOutA
RectVisible
PtVisible
SetMapMode
Escape

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79866c2f3b6fb21ad1561c2ddf13705b

Headers

File Characteristics

Imports

shell32

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

oleaut32

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 12KB - Virtual size: 47KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 12KB - Virtual size: 47KB

.rsrc
Size: 4KB - Virtual size: 176B