bf8b890342d0ca8dc3585a30a938f746_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf8b890342d0ca8dc3585a30a938f746_JaffaCakes118
Size

396KB
MD5

bf8b890342d0ca8dc3585a30a938f746
SHA1

cad0da074e94b6787ef661d112aaafa69921db51
SHA256

90f2069db378f5fa2f9c2dd727dfcd44ae704da9fbab66cae324d8712924d1cc
SHA512

f290b1732eaa6ea708c00a857b6876cdb169d992cf4e08a505296cb198f7b41a789e86df7b5a0cc8ca30fab0d88784fce1ab6c94460fb8d6c282133c2a361242
SSDEEP

6144:TQ6ZRoKnHjPxOozVxWwiWEO+PuGxP+n4SbjhFyhi:TLoKDJOgrWw/EO+PuhBTy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf8b890342d0ca8dc3585a30a938f746_JaffaCakes118

Files

bf8b890342d0ca8dc3585a30a938f746_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c99fea5621975a6f9cda01a7f6222bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameA
PathFindExtensionA
PathSetDlgItemPathA
PathFileExistsA

comctl32

ord17

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

psapi

EnumProcessModules
EnumProcesses
GetModuleFileNameExA

kernel32

GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
lstrcpyA
ResumeThread
GetCurrentThreadId
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
lstrcmpiA
GlobalGetAtomNameA
lstrcatA
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GlobalReAlloc
RtlUnwind
ExitThread
HeapReAlloc
ExitProcess
TerminateProcess
HeapFree
GetFileType
HeapSize
GetStartupInfoA
GetCommandLineA
GetTimeZoneInformation
GetACP
RaiseException
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
LCMapStringA
LCMapStringW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
lstrcpynA
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcmpA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
DeleteFileA
CopyFileA
CreateDirectoryA
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetComputerNameA
GetVersionExA
MoveFileExA
GetCurrentProcess
GetEnvironmentStrings
FreeEnvironmentStringsA
WinExec
MoveFileA
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
TerminateThread
GetPrivateProfileStringA
CreateThread
GetModuleFileNameA
CreateMutexA
WritePrivateProfileStringA
FindFirstFileA
FindNextFileA
FindClose
SetFileAttributesA
CreateFileMappingA
MapViewOfFile
FlushViewOfFile
IsBadReadPtr
UnmapViewOfFile
GetSystemTime
GetLocalTime
FreeLibrary
GetTickCount
CreateFileA
GetFileSize
CloseHandle
LoadLibraryA
GetProcAddress
GetSystemDirectoryA
GetWindowsDirectoryA
CreateToolhelp32Snapshot
Process32First
Module32First
Process32Next
OpenProcess
GetVersion
GetLongPathNameA
CreateProcessA
WaitForSingleObject
GetLastError
HeapAlloc

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
UnhookWindowsHookEx
LoadStringA
wsprintfA
GetParent
InvalidateRect
GetWindowDC
SetClassLongA
SetWindowLongA
GetCursorPos
TrackPopupMenu
LoadCursorA
ShowCursor
ShowWindow
LoadMenuA
GetSubMenu
GetDlgItemTextA
GetWindowRect
PtInRect
SetCursor
GetWindowTextA
DialogBoxParamA
LoadBitmapA
EndDialog
GetDlgItem
EnableWindow
SetWindowTextA
SendMessageA
MessageBoxA
SetDlgItemTextA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
RestoreDC
SaveDC
DeleteDC
GetDeviceCaps
GetObjectA
GetClipBox
CreateBitmap
CreateFontA
SelectObject
DeleteObject
SetBkColor
CreatePen
SetBkMode
SetTextColor

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

OpenProcessToken
AllocateAndInitializeSid
FreeSid
RegEnumKeyExA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegCloseKey
SetNamedSecurityInfoA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
ShellExecuteExA

wininet

HttpOpenRequestA
InternetOpenA
InternetAttemptConnect
InternetCloseHandle
InternetConnectA
HttpQueryInfoA
InternetReadFile
HttpSendRequestA
HttpAddRequestHeadersA

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 204KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c99fea5621975a6f9cda01a7f6222bc

Headers

File Characteristics

Imports

shlwapi

comctl32

version

psapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

wininet

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 204KB - Virtual size: 223KB

.rsrc Size: 28KB - Virtual size: 24KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 204KB - Virtual size: 223KB

.rsrc
Size: 28KB - Virtual size: 24KB