a84479600ca7270c3a77c87108237803_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a84479600ca7270c3a77c87108237803_JaffaCakes118
Size

128KB
MD5

a84479600ca7270c3a77c87108237803
SHA1

df0b2aceecc6e948a0a70463eb46e44cf14673e2
SHA256

5cd10b2f56507e9451b9bb329d461aa0cf655a358a0dcfe4f7652c4a7c39e594
SHA512

4cde1536459ff446ef335e694f72af31e7d9b165eae53b0bf54f9d4813aa9580f08a8759cc993c1eec9b18cea7391edacaa1940ea158577b7aefe302c6750d6d
SSDEEP

3072:+XJh2L7ROrgP61udL3SBBwjmyp3bKxhiXhndx7UKyCfpAzUP:+M7RygP6gdL3SBBBxil1fp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a84479600ca7270c3a77c87108237803_JaffaCakes118

Files

a84479600ca7270c3a77c87108237803_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e642dcfaa89d5583247124d68a6b5459

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapFree
ExitProcess
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
LCMapStringA
LCMapStringW
TerminateProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FindClose
RemoveDirectoryA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetVersionExA
GetPrivateProfileStringA
WinExec
Sleep
GetWindowsDirectoryA
GetFileAttributesA
SetFileAttributesA
GetProfileStringA
SetFilePointer
FlushFileBuffers
WriteFile
ReadFile
SetErrorMode
GetCurrentProcess
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GetLastError
GlobalFlags
WritePrivateProfileStringA
LocalReAlloc
lstrcpynA
TlsGetValue
GlobalReAlloc
TlsSetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
TlsFree
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
MulDiv
LocalFree
LocalAlloc
WideCharToMultiByte
SetLastError
MultiByteToWideChar
GetVersion
InterlockedDecrement
InterlockedIncrement
GlobalFindAtomA
GlobalGetAtomNameA
GlobalAddAtomA
SetHandleCount
GlobalUnlock
GlobalFree
DeleteFileA
LockResource
FindResourceA
LoadResource
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
lstrcpyA
GetUserDefaultLangID
lstrlenA
CreateEventA
WaitForSingleObject
CloseHandle
lstrcatA
FindFirstFileA
FindNextFileA
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsW

user32

MapWindowPoints
GetSysColor
UpdateWindow
SetFocus
SendDlgItemMessageA
IsDialogMessageA
SetWindowTextA
ShowWindow
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetClassNameA
PtInRect
GetSysColorBrush
DestroyMenu
InvalidateRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
LoadStringA
LoadIconA
FindWindowA
SendMessageA
AdjustWindowRectEx
ScreenToClient
GetClassInfoA
RegisterClassA
GetMenu
MessageBoxA
wsprintfA
OffsetRect
RegisterWindowMessageA
GetPropA
DrawFocusRect
ExcludeUpdateRgn
DefDlgProcA
InflateRect
IsWindowUnicode
CharNextA
HideCaret
UnregisterClassA
ShowCaret

gdi32

SetTextColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetClipBox
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
TextOutA
ExtTextOutA
RectVisible
Escape
CreateDIBitmap
BitBlt
GetTextExtentPointA
CreateCompatibleDC
CreateBitmap
SetBkColor
PatBlt

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegEnumKeyA
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegOpenKeyA
RegQueryInfoKeyA
RegCreateKeyExA
RegSetValueExA

comctl32

ord17

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e642dcfaa89d5583247124d68a6b5459

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

oleaut32

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 16KB - Virtual size: 116KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 16KB - Virtual size: 116KB