b47005de33ed2b076fd32bd2adc39d83_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b47005de33ed2b076fd32bd2adc39d83_JaffaCakes118
Size

216KB
MD5

b47005de33ed2b076fd32bd2adc39d83
SHA1

ffb0b4450341e2c04d39cb3845e879af2c5961bf
SHA256

509acabc2196bd8e98d6480d46f9358f199e55740579145b8a4a6ca8e90d76f0
SHA512

01bedf9a27e1c777170cd950826a5f4c6b126904bb4f7fac42380d2c823154d4d69bf4472ceb621947601cc5f5fb514307d0f768427fb17783928b035ec8b442
SSDEEP

6144:Q6WEDffYdnsWF3HGtuvNhUmtPxNp7wWer7Wq6yvDE:Q9E7fYdnNXGtAzsWm6yg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b47005de33ed2b076fd32bd2adc39d83_JaffaCakes118

Files

b47005de33ed2b076fd32bd2adc39d83_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f0eb47e514f2c5fe77959ad2cbee70fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winspool.drv

ClosePrinter
OpenPrinterW
GetPrinterDriverW

user32

GetDC
ShowWindow
CreateDialogParamW
LoadCursorW
GetSystemMenu
SetParent
MoveWindow
ChildWindowFromPoint
GetDesktopWindow
SetDlgItemTextW
SetWindowTextW
SetCursor
GetCapture
EnableMenuItem
SetWinEventHook
ScreenToClient
RegisterClipboardFormatW
InvalidateRect
GetMessageW
DrawTextExW
MsgWaitForMultipleObjects
DefWindowProcW
CheckMenuItem
SetActiveWindow
TranslateMessage
GetSubMenu
SendMessageW
DestroyWindow
TranslateAcceleratorW
OpenClipboard
CharUpperW
LoadIconW
GetWindowLongW
GetSysColor
MessageBoxA
GetClassNameA
DialogBoxParamW
GetWindowLongA
GetDlgItem
IsClipboardFormatAvailable
MessageBoxW
OffsetRect
IsIconic
SetWindowLongW
PostMessageW
SetScrollPos
GetDlgItemTextW
GetCursorPos
GetKeyboardLayout
PeekMessageW
GetMenu
LoadAcceleratorsW
RegisterClassExW
LoadStringW
MessageBeep
GetWindowTextW
RegisterWindowMessageA
SendDlgItemMessageW
CharLowerW
DispatchMessageW
GetFocus
GetParent
GetSystemMetrics
EndDialog
GetMessagePos
SetFocus
CharNextW
LoadImageW
EndPaint
wsprintfW
CreateWindowExW
SetWindowPlacement
UpdateWindow
GetClientRect
GetForegroundWindow
EnableWindow
WinHelpW
UnhookWinEvent
ReleaseDC
GetDlgCtrlID
CloseClipboard
GetSysColorBrush
GetMenuState
IsDialogMessageW
PostQuitMessage
GetWindowPlacement
RegisterWindowMessageW

kernel32

LCMapStringW
GetTimeFormatW
FindClose
SizeofResource
TerminateProcess
lstrcmpW
lstrcmpiW
InterlockedExchange
SetLastError
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
CloseHandle
SetEvent
GetVersionExA
GlobalLock
GetModuleHandleA
lstrcpyW
DeleteFileW
QueryPerformanceCounter
GetLocalTime
WideCharToMultiByte
HeapDestroy
DisableThreadLibraryCalls
GetTickCount
GetLocaleInfoA
SetUnhandledExceptionFilter
HeapCreate
IsBadWritePtr
lstrcpynW
FindFirstFileW
GetACP
VirtualProtect
CreateDirectoryA
LocalUnlock
IsProcessorFeaturePresent
FindResourceExW
CompareStringW
GetCurrentProcess
SystemTimeToFileTime
ReadFile
SearchPathW
UnmapViewOfFile
GetThreadLocale
LoadLibraryExW
ResumeThread
LocalFree
GlobalAlloc
GetDateFormatW
GetLastError
InterlockedCompareExchange
IsDebuggerPresent
GetLocaleInfoW
GetUserDefaultLCID
CopyFileW
MapViewOfFile
GetVersion
TlsSetValue
FindResourceA
GetConsoleCP
GetTempPathA
FreeEnvironmentStringsW
GetEnvironmentStringsW
CreateThread
GetUserDefaultUILanguage
CreateFileW
TlsFree
GetCommandLineW
FormatMessageW
GlobalUnlock
SetEnvironmentVariableA
GetEnvironmentStrings
GlobalFree
Sleep
TlsGetValue
lstrcatW
MultiByteToWideChar
OpenEventW
InterlockedDecrement
ExitProcess
LoadLibraryA
GetOEMCP
GetStartupInfoA
InterlockedIncrement
FindNextFileA
CreateMutexA
WaitForMultipleObjects
LoadResource
LockResource
CreateEventW
OpenMutexA
CreateEventA
LocalReAlloc
GetCommandLineA
LocalSize
GetFileSize
LocalLock
LocalAlloc
IsBadCodePtr
CreateFileA
GetStartupInfoW
HeapFree
FoldStringW
VirtualFree
GetCurrentProcessId
GetWindowsDirectoryA
UnhandledExceptionFilter
CreateFileMappingW
EnterCriticalSection
GetFileType
InitializeCriticalSection
LeaveCriticalSection
MulDiv
SetEndOfFile
WriteConsoleW
GetProcAddress
GlobalHandle
GetFileInformationByHandle
DeleteCriticalSection
lstrlenW
WriteFile
GetCurrentThreadId
CreateProcessW
GetFileAttributesW
GetProcessHeap

shell32

DragAcceptFiles
ShellAboutW
DragFinish
DragQueryFileW

gdi32

GetTextExtentPoint32W
SetViewportExtEx
CreateDCW
GetTextMetricsW
StartDocW
GetStockObject
SetMapMode
SelectObject
CreateFontIndirectW
SetBkMode
EndPage
DeleteDC
TextOutW
StartPage
EnumFontsW
GetTextFaceW
AbortDoc
SetWindowExtEx
GetObjectW
GetDeviceCaps
EndDoc
LPtoDP
DeleteObject
SetAbortProc

msvcrt

_controlfp
_c_exit
_snwprintf
_wtol
_initterm
localtime
__p__commode
memset
_vsnprintf
__p__fmode
time
wcsrchr
malloc
??0exception@@QAE@ABV0@@Z
_wcsnicmp
_errno
wcsncmp
_adjust_fdiv
_vsnwprintf
iswctype
__set_app_type
__setusermatherr
_exit
exit
__getmainargs
_XcptFilter
_cexit
_acmdln
wcsncpy

comdlg32

GetFileTitleW
PageSetupDlgW
GetSaveFileNameW
ChooseFontW
GetOpenFileNameW
FindTextW
ReplaceTextW
PrintDlgExW
CommDlgExtendedError

advapi32

IsTextUnicode
RegOpenKeyExA
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegCreateKeyW

comctl32

CreateStatusWindowW

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0eb47e514f2c5fe77959ad2cbee70fb

Headers

File Characteristics

Imports

winspool.drv

user32

kernel32

shell32

gdi32

msvcrt

comdlg32

advapi32

comctl32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 159KB - Virtual size: 159KB

.data Size: 30KB - Virtual size: 102KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 159KB - Virtual size: 159KB

.data
Size: 30KB - Virtual size: 102KB

.rsrc
Size: 20KB - Virtual size: 19KB