ba3b382858be6180c94dca5b4af0f361_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba3b382858be6180c94dca5b4af0f361_JaffaCakes118
Size

216KB
MD5

ba3b382858be6180c94dca5b4af0f361
SHA1

78dfccd74f8fb72ce1ed153351cb29d19c9605ce
SHA256

bca637174fceab28cca8325c08ec7382edebe0aff4cf25216c0d08526f996fb2
SHA512

3f99e8221589adf1b7b67dc4ad5c172f645460d8d91b7ae1abd9b8cc8eda83ca209d0203ac1b4dd60832b34ecdd2fd7431611630f792c7159eef67e76118c81e
SSDEEP

3072:59Up9RES8ysLTYKTh0F9P73otSjarB8xR9KzqQwq3ZPLKR1L5KAv/KrtBEKo:q9OS5Fh73arKYlwkZPOR1L5KA3+tBEKo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba3b382858be6180c94dca5b4af0f361_JaffaCakes118

Files

ba3b382858be6180c94dca5b4af0f361_JaffaCakes118
.exe windows:4 windows x86 arch:x86

27b7cd6c5e334c93d3a718174766f392

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetHandleCount
GetStdHandle
ExitProcess
TerminateProcess
DeleteFileA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
SetStdHandle
IsBadReadPtr
IsBadCodePtr
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
SetEndOfFile
SetFilePointer
FlushFileBuffers
CreateFileA
WriteFile
ReadFile
SetErrorMode
GetCurrentProcess
GetProcessVersion
LoadLibraryA
FreeLibrary
GetVersion
GlobalFindAtomA
GlobalGetAtomNameA
GlobalAddAtomA
GetProcAddress
GetLastError
GetModuleHandleA
lstrcpyA
SetLastError
lstrcatA
WritePrivateProfileStringA
GlobalFlags
TlsSetValue
TlsGetValue
LocalReAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
GlobalUnlock
TlsFree
GlobalHandle
TlsAlloc
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
LocalFree
lstrcpynA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GetFileType
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
GetEnvironmentVariableA
GetVersionExA
GetEnvironmentStrings
GetEnvironmentStringsW

user32

AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
GetSysColorBrush
GetClientRect
DestroyMenu
LoadStringA
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextA
ReleaseDC
CopyRect
wsprintfA
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
ClientToScreen
LoadCursorA
GetCapture
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
GetTopWindow
GetMenuItemCount
GetDC
PostQuitMessage
PostMessageA
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
TabbedTextOutA
UnregisterClassA

gdi32

DeleteDC
RestoreDC
SelectObject
SaveDC
SetBkColor
SetMapMode
SetViewportOrgEx
SetTextColor
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
DeleteObject
ScaleWindowExtEx
GetClipBox
SetWindowExtEx
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
GetObjectA
GetStockObject
CreateBitmap

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

comctl32

ord17

ole32

CoInitialize
CoCreateInstance

oleaut32

SysAllocStringLen

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

27b7cd6c5e334c93d3a718174766f392

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

oleaut32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 16KB - Virtual size: 27KB

.text Size: 116KB - Virtual size: 116KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 16KB - Virtual size: 27KB

.text
Size: 116KB - Virtual size: 116KB