a9dc9aa4fe787c97736090786b6f9fa5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a9dc9aa4fe787c97736090786b6f9fa5_JaffaCakes118
Size

388KB
MD5

a9dc9aa4fe787c97736090786b6f9fa5
SHA1

998f8d091c3d0531c6282cfb85a0668c8c03cdb0
SHA256

46d2f2c64799fcca63f3541e8f5cb6fe6ba6ad1eaa8801af6067bd3edaeebef1
SHA512

614b3b1e1bcd408bdc375b587c093828b75ab6da38417ac6f7cee99b0d0338ba512088009d0074dea66882283cdf74ce8630e62f5755b3216992fe0145d76958
SSDEEP

6144:K0t0it994IJgBbQ25+EFk3j7oPVbM1izf7cpGA5VZMoi0R:lBt8IJg9Q25+6koZRfwDLZdi0R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9dc9aa4fe787c97736090786b6f9fa5_JaffaCakes118

Files

a9dc9aa4fe787c97736090786b6f9fa5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7f4714a38a6d785c109fe2237d5250e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
CompareStringA
lstrlenA
GetVersion
MultiByteToWideChar
Sleep
SetFilePointer
SetFileAttributesA
CopyFileA
FormatMessageA
GetCurrentProcess
WriteFile
DeleteFileA
GetLastError
GetSystemDirectoryA
GetWindowsDirectoryA
GetTempFileNameA
GetTempPathA
CreateDirectoryA
GetModuleFileNameA
lstrcmpiA
CreateFileA
GetFileSize
ReadFile
CreateProcessA
CloseHandle
WaitForSingleObject
GetExitCodeProcess
WideCharToMultiByte
GetFileAttributesA
FindResourceA
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
SetEnvironmentVariableA
GetLocaleInfoW
SetStdHandle
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
FreeResource
GlobalFree
GlobalUnlock
GlobalLock
LocalFree
lstrcpynA
GlobalAlloc
MulDiv
SetLastError
GetProcAddress
GetModuleHandleA
lstrcmpW
lstrcatA
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcmpA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
lstrcpyA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
CreateEventA
InterlockedDecrement
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
GlobalFlags
InterlockedIncrement
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetCPInfo
GetOEMCP
SetErrorMode
WritePrivateProfileStringA
GetCurrentDirectoryA
ExitProcess
HeapFree
RtlUnwind
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
ExitThread
CreateThread
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr

advapi32

RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

ScreenToClient
AdjustWindowRectEx
GetMenu
IsWindowVisible
SetForegroundWindow
GetKeyState
MessageBoxA
MapWindowPoints
PeekMessageA
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
GetTopWindow
DispatchMessageA
GetLastActivePopup
GetForegroundWindow
GetWindowTextA
GetWindowTextLengthA
SetFocus
GetFocus
SendDlgItemMessageA
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetCapture
WinHelpA
RegisterWindowMessageA
SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
ShowWindow
SetWindowLongA
LoadBitmapA
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
ModifyMenuA
SetMenuItemBitmaps
wsprintfA
FillRect
DrawFocusRect
ValidateRect
GetCursorPos
TranslateMessage
GetMessageA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetClassInfoA
GetDC
ReleaseDC
PostMessageA
EndPaint
GetSysColorBrush
DestroyMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
CopyRect
PtInRect
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
UpdateWindow
SetCursor
GetParent
IsWindowEnabled
GetNextDlgTabItem
EndDialog
PostQuitMessage
EnableWindow
SendMessageA
UnregisterClassA
LoadImageA
DrawIcon
IsIconic
GetClientRect
SetTimer
KillTimer
ExitWindowsEx
LoadIconA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
ClientToScreen
CallWindowProcA
LoadCursorA
GetSysColor
GetWindowRect
IsRectEmpty
BeginPaint
CharUpperA
InvalidateRect
InflateRect
GetSystemMetrics

gdi32

PtVisible
RectVisible
TextOutA
GetTextMetricsA
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetStockObject
DeleteDC
GetObjectA
CreateFontIndirectA
GetTextExtentPoint32A
CreatePen
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
Rectangle
BitBlt
ScaleWindowExtEx
SetWindowExtEx
SetMapMode
SetBkMode
RestoreDC
SaveDC
SelectObject
DeleteObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA

shell32

ShellExecuteA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

comctl32

_TrackMouseEvent
ord17

shlwapi

PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathIsUNCA

oleaut32

VariantInit
VariantClear
VariantChangeType
SysAllocStringLen

urlmon

URLDownloadToFileA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7f4714a38a6d785c109fe2237d5250e

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

shell32

version

comctl32

shlwapi

oleaut32

urlmon

comdlg32

winspool.drv

Sections

.text Size: 192KB - Virtual size: 189KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 128KB - Virtual size: 124KB

.text
Size: 192KB - Virtual size: 189KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 128KB - Virtual size: 124KB