a9ee88068ad0b2b0d37a463e059a244e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a9ee88068ad0b2b0d37a463e059a244e_JaffaCakes118
Size

283KB
MD5

a9ee88068ad0b2b0d37a463e059a244e
SHA1

d280ef1a92b19d733bff45f83b54d7d42486504f
SHA256

0e59eab23e2c904a9fa561c6b421d7a3c3e0d08d60c0de0efe1bdf7a976121ec
SHA512

8ee5bc33d0b63844facb91f5903e6d00ac31db3bee48d7167bfd3f0a412ae3ae27bf07f0ae451147fcaa6b7ee205a3e1a44d09c25ad147fe17541c83fa21e217
SSDEEP

6144:XqNuy2Y5tGbOPpJrHY7NiTzdOrImdUMBUa97lLUCOJ:9PatnJTyit2ImdUu95U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9ee88068ad0b2b0d37a463e059a244e_JaffaCakes118

Files

a9ee88068ad0b2b0d37a463e059a244e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6488cbf8fa571da2f04ca652cc1a6ea8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyAcceleratorTableW
CopyRect
ClientToScreen
CheckMenuItem
CharUpperW
CreateDialogIndirectParamW
CreateWindowExW
DefMDIChildProcA
DestroyMenu
DestroyWindow
DispatchMessageW
DrawTextExW
CharNextW
CallWindowProcW
CallNextHookEx
BeginPaint
IsWindowEnabled
DrawTextW
EnableMenuItem
EnableWindow
EndDialog
EndPaint
EqualRect
WinHelpW
ValidateRect
UpdateWindow
UnregisterClassW
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TabbedTextOutW
SystemParametersInfoA
ShowWindow
SetWindowsHookExW
SetWindowTextW
SetWindowLongW
SetWindowContextHelpId
SetRect
SetPropW
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetCursor
SetCapture
SetActiveWindow
SendMessageW
SendDlgItemMessageW
SendDlgItemMessageA
ScreenToClient
RemovePropW
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
PtInRect
PostThreadMessageW
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
MoveWindow
ModifyMenuW
MessageBoxW
MessageBeep
MapWindowPoints
MapDialogRect
LoadImageW
LoadIconW
LoadCursorW
LoadBitmapW
IsWindowVisible
AdjustWindowRectEx
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsChild
InvalidateRgn
InvalidateRect
IntersectRect
GrayStringW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetPropW
GetParent
GetNextDlgTabItem
GetNextDlgGroupItem
GetMessageW
GetMessageTime
GetMessagePos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassInfoW
GetClassInfoExW
GetCapture
GetActiveWindow

gdi32

SetWindowExtEx
SetViewportOrgEx
SetTextColor
SetMapMode
SetBkMode
SetBkColor
ScaleWindowExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
RectVisible
PtVisible
OffsetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetTextColor
GetStockObject
GetRgnBox
GetObjectW
GetMapMode
GetDeviceCaps
ExtTextOutW
ExtSelectClipRgn
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectW
CreateCompatibleDC
StretchBlt

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

oledlg

OleUIBusyW

shlwapi

PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFindFileNameW

oleaut32

SysAllocStringLen
SysFreeString
SysStringLen
SystemTimeToVariantTime
VariantChangeType
VariantClear
VariantCopy
VariantInit
VariantTimeToSystemTime
SafeArrayDestroy
OleCreateFontIndirect
SysAllocString

comctl32

InitCommonControlsEx

ole32

OleFlushClipboard
OleInitialize
OleIsCurrentClipboard
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CLSIDFromProgID
CoFreeUnusedLibraries
CLSIDFromString
HMENU_UserMarshal
CreateILockBytesOnHGlobal
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterMessageFilter
CoGetClassObject

comdlg32

GetFileTitleW
FindTextA

kernel32

MulDiv
LockResource
LockFile
LocalReAlloc
LocalAlloc
LoadResource
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidLocale
IsValidCodePage
IsDebuggerPresent
IsDBCSLeadByteEx
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
HeapSize
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFlags
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVolumeInformationW
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTimeZoneInformation
MultiByteToWideChar
lstrlenW
GetSystemTimeAsFileTime
GetSystemInfo
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileType
GetFileTime
GetFileSize
GetFileAttributesW
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineA
GetCPInfo
GetACP
FreeResource
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
FindFirstFileW
FindClose
Process32Next
RaiseException
ReadFile
RtlUnwind
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SizeofResource
TerminateProcess
TlsAlloc
TlsFree
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcmpA
lstrcmpW
GetTickCount
lstrlenA
FileTimeToSystemTime
ExitProcess
EnumSystemLocalesA
EnumResourceLanguagesW
EnterCriticalSection
DuplicateHandle
DeleteCriticalSection
CreateFileW
CreateFileA
CreateDirectoryW
ConvertDefaultLocale
GetThreadLocale
CloseHandle

shell32

ShellExecuteW
SHGetFolderPathW

wininet

HttpOpenRequestW
InternetCloseHandle
InternetGetLastResponseInfoW
InternetOpenW
InternetReadFile
HttpSendRequestW

advapi32

RegSetValueExW
RegQueryValueW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW

Exports

Exports

DeleteConfigFiles

Sections

.text
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6488cbf8fa571da2f04ca652cc1a6ea8

Headers

File Characteristics

Imports

user32

gdi32

winspool.drv

oledlg

shlwapi

oleaut32

comctl32

ole32

comdlg32

kernel32

shell32

wininet

advapi32

Exports

Exports

Sections

.text Size: 101KB - Virtual size: 104KB

.rdata Size: 137KB - Virtual size: 140KB

.data Size: 14KB - Virtual size: 112KB

.idata Size: 9KB - Virtual size: 12KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 101KB - Virtual size: 104KB

.rdata
Size: 137KB - Virtual size: 140KB

.data
Size: 14KB - Virtual size: 112KB

.idata
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 21KB - Virtual size: 23KB