abac650ab39c0dd074310710081d715d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

abac650ab39c0dd074310710081d715d_JaffaCakes118
Size

117KB
MD5

abac650ab39c0dd074310710081d715d
SHA1

aeb860cac6f12bae4b972ad3eb9bd5bc16e554c7
SHA256

09d19fe9b351bca5dbccad43a5861b4119942c2971c875958e2e49b31a6a5b25
SHA512

e5abf52d7e3cf24c892bc2a8b85b90f8f01385aa12a9d9b94ca637bb9b532de6d2e0bb3d905c968ef35461e3e7f5cb04fac013d50a8deb459d9fb961c1de2d1a
SSDEEP

1536:RsKTv4Gurl4XLCK+vCbaeNxTndLQCfUXSejKDTO2XcRoRA3Wjk1KRrPxqByocDiL:aGw4bj+aG4GSemDPMxGjAKxPxBocD8r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abac650ab39c0dd074310710081d715d_JaffaCakes118

Files

abac650ab39c0dd074310710081d715d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5623bbf72aaa5d6e1e6022de0b3e173

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
LocalFree
SetLastError
lstrcpynA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DuplicateHandle
LockFile
UnlockFile
SetEndOfFile
MoveFileA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
lstrcmpiA
GetFileTime
LocalAlloc
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalReAlloc
SetFilePointer
TlsSetValue
LocalReAlloc
TlsGetValue
FileTimeToSystemTime
FileTimeToLocalFileTime
GetVersion
GetCurrentThreadId
lstrcmpA
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
HeapFree
HeapAlloc
RtlUnwind
GetDriveTypeA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
SetStdHandle
GetFileType
RaiseException
GetACP
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileA
WriteFile
FlushFileBuffers
GetStartupInfoA
GetSystemDirectoryA
CreateProcessA
WaitForSingleObject
TerminateProcess
DeleteFileA
GetFileSize
ReadFile
LoadLibraryA
GetProcAddress
FreeLibrary
SetErrorMode
GetWindowsDirectoryA
CreateMutexA
GetComputerNameA
GetVersionExA
GetSystemInfo
GlobalMemoryStatus
CreateThread
ReleaseMutex
CloseHandle
GetShortPathNameA
GetEnvironmentVariableA
lstrcatA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
SetProcessPriorityBoost
InterlockedExchange
ExitProcess
GetTickCount
Sleep
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleFileNameA
lstrlenA
lstrcpyA
GetFileAttributesA
CreateDirectoryA
GlobalAlloc
GetLastError

user32

CreateWindowExA
DestroyWindow
GetDlgCtrlID
GetWindowTextA
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
EnableWindow
GetSystemMetrics
CharUpperA
LoadStringA
CharNextA
EndDialog
DispatchMessageA
TranslateMessage
GetMessageA
MessageBoxA

advapi32

RegSetValueExA
GetUserNameA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

shell32

ShellExecuteExA
SHChangeNotify

comctl32

ord17

ws2_32

send
WSAStartup
gethostbyname
inet_ntoa
recv
select
closesocket
connect
htons
socket
setsockopt
WSAGetLastError

iphlpapi

GetAdaptersInfo

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetObjectA
GetDeviceCaps
Escape
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetClipBox
SetTextColor
SetBkColor
CreateBitmap
ExtTextOutA
TextOutA
RectVisible
PtVisible

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

Sections

.text
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d5623bbf72aaa5d6e1e6022de0b3e173

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comctl32

ws2_32

iphlpapi

gdi32

winspool.drv

comdlg32

Sections

.text Size: 84KB - Virtual size: 84KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 14KB - Virtual size: 29KB

.text
Size: 84KB - Virtual size: 84KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 14KB - Virtual size: 29KB