bb14779709fb37b0256dc3de87391040_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bb14779709fb37b0256dc3de87391040_JaffaCakes118
Size

152KB
MD5

bb14779709fb37b0256dc3de87391040
SHA1

c356d332919bc0134e636ad6ed899296aa8f7a81
SHA256

e3fff31013b70474797e1d4e9f521acb62424056480f927546168dd396793422
SHA512

96c3278775dc745551cf0fa1baabd954e5ebcda1d695d0d66e8a8e9a51496dab320f23daf9f720b627b337809dd38e3a0cd4b17197fbe371a11119e644a0c52b
SSDEEP

3072:zdt6Fd/Xdc31yI51F5/rj+dotPjLUqTOa3ZPa92cK:xwPo1yOZ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb14779709fb37b0256dc3de87391040_JaffaCakes118

Files

bb14779709fb37b0256dc3de87391040_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60ae292b7499b8caf8634c1214e4ed78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFullPathNameW
RtlUnwind
GetStartupInfoA
TerminateProcess
HeapFree
HeapAlloc
GetTimeZoneInformation
RaiseException
HeapReAlloc
HeapSize
Sleep
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FlushFileBuffers
ExitProcess
SetHandleCount
GetCommandLineA
ReadFile
GetModuleHandleA
WritePrivateProfileStringW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
GetDriveTypeA
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
FindNextFileW
lstrcpyW
FindFirstFileW
GetLastError
SetLastError
FindClose
GetCommandLineW
SetFilePointer
WriteFile
GetCurrentProcess
FreeLibrary
GetProcessVersion
LoadLibraryA
GetVersion
GlobalAddAtomW
GlobalFindAtomW
GetStdHandle
GetCurrentDirectoryW
GetProcAddress
ExpandEnvironmentStringsW
GetModuleHandleW
GetFileType
GetWindowsDirectoryW
GlobalFlags
lstrcmpiW
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpynW
lstrcatW
SetErrorMode
GetModuleFileNameW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
LocalFree
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentVariableA
GetVersionExA
GetEnvironmentStrings
GetEnvironmentStringsW
GetVersionExW
InterlockedExchange

user32

GetCapture
GetTopWindow
WinHelpW
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconW
ShowWindow
LoadCursorW
GetSysColorBrush
DestroyMenu
GetMenuItemID
GetDlgItem
DefWindowProcW
DestroyWindow
CreateWindowExW
SetPropW
GetPropW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
GetSubMenu
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetSystemMetrics
GrayStringW
DrawTextW
TabbedTextOutW
ReleaseDC
GetDC
GetMenuItemCount
UnhookWindowsHookEx
GetWindowTextW
SetWindowTextW
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameW
LoadBitmapW
GetMenuState
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
SetCursor
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetMenu
wsprintfW
LoadStringW
RemovePropW
GetMessageTime
SetWindowPos
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
SendMessageW
MessageBoxW
EnableWindow
PostMessageW
PostQuitMessage
SetMenuItemBitmaps
ModifyMenuW
GetMenuCheckMarkDimensions

gdi32

DeleteObject
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetDeviceCaps
RectVisible
TextOutW
PtVisible
Escape
ExtTextOutW
GetObjectW
DeleteDC
CreateBitmap

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegisterEventSourceW
DeregisterEventSource
ReportEventW
RegCreateKeyExW

comctl32

ord17

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

60ae292b7499b8caf8634c1214e4ed78

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 8KB - Virtual size: 84KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 8KB - Virtual size: 84KB