bda898e774d1bad03df4205dc435e2d1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bda898e774d1bad03df4205dc435e2d1_JaffaCakes118
Size

167KB
MD5

bda898e774d1bad03df4205dc435e2d1
SHA1

7758a94bec05e98a49f3f5424f82c12170d7df8a
SHA256

6936bd57618c39f17a1eb9debd7e0793cf4ee145efa25c3f5360803e8f612a25
SHA512

14fb07beeb1f5c333d0a88fcc869cb58837af7bf8706043eda48815640670058ddd832021cdf6f6f3c167625847fa49dcf610f754554a0faf9735da2cde58b92
SSDEEP

3072:1N6KBVpqIVJltZrpRZN3Et1nhbUTZOlE3teKK3hjDQ9cGL0oMAYD:1Nhpx1thpqHburteKK3hdGL0JAYD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bda898e774d1bad03df4205dc435e2d1_JaffaCakes118

Files

bda898e774d1bad03df4205dc435e2d1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a8f56f7a066d3f098f94e88e51e35ef4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

notepad.pdb

Imports

kernel32

UnmapViewOfFile
MultiByteToWideChar
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
GlobalUnlock
GlobalLock
GetTimeFormatW
GetDateFormatW
GetUserDefaultLCID
GetACP
LocalLock
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
LoadLibraryA
DeleteFileW
SetEndOfFile
GetUserDefaultUILanguage
FormatMessageW
LocalReAlloc
WideCharToMultiByte
SetLastError
WriteFile
GetLastError
LocalSize
lstrcpynW
MulDiv
lstrcmpW
GetFileAttributesW
FindFirstFileW
FindClose
lstrcatW
GetCommandLineW
GetProcAddress
GetCurrentProcessId
lstrcmpiW
CreateFileW
ReadFile
lstrcpyW
CloseHandle
GetLocalTime
FoldStringW
CompareStringW
LocalUnlock
GlobalFree
lstrlenW
LocalAlloc
LocalFree
GetLocaleInfoW
QueryPerformanceCounter
GetStartupInfoA

comdlg32

ReplaceTextW
PrintDlgExW
FindTextW
ChooseFontW
GetOpenFileNameW
PageSetupDlgW
GetFileTitleW
GetSaveFileNameW
CommDlgExtendedError

shell32

DragFinish
DragQueryFileW
DragAcceptFiles
ShellAboutW

winspool.drv

GetPrinterDriverW
ClosePrinter
OpenPrinterW

comctl32

CreateStatusWindowW

msvcrt

_wtol
_except_handler3
iswctype
wcsncpy
localtime
wcsncmp
_c_exit
_exit
_XcptFilter
_cexit
exit
_acmdln
__getmainargs
_initterm
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_snwprintf
time
__setusermatherr

advapi32

RegQueryValueExA
RegQueryValueExW
RegCloseKey
RegCreateKeyW
IsTextUnicode
RegOpenKeyExA
RegSetValueExW

gdi32

GetStockObject
EnumFontsW
GetTextFaceW
SelectObject
GetObjectW
GetDeviceCaps
DeleteObject
CreateDCW
GetTextExtentPoint32W
TextOutW
DeleteDC
EndDoc
AbortDoc
EndPage
StartPage
StartDocW
SetAbortProc
GetTextMetricsW
SetBkMode
LPtoDP
SetWindowExtEx
SetViewportExtEx
SetMapMode
CreateFontIndirectW

user32

PeekMessageW
CharLowerW
SetScrollPos
UpdateWindow
RegisterWindowMessageW
CreateWindowExW
SetWindowPlacement
LoadCursorW
LoadImageW
RegisterClassExW
GetSystemMenu
EnableWindow
LoadStringW
CharUpperW
GetWindowPlacement
IsIconic
GetForegroundWindow
PostQuitMessage
MessageBeep
DestroyWindow
DefWindowProcW
GetKeyboardLayout
SetActiveWindow
DrawTextExW
CreateDialogParamW
GetWindowTextW
LoadAcceleratorsW
DialogBoxParamW
GetDC
ReleaseDC
SetCursor
GetClientRect
ShowWindow
GetDesktopWindow
GetFocus
MoveWindow
InvalidateRect
WinHelpW
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
SendDlgItemMessageW
SendMessageW
CharNextW
CheckMenuItem
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenuState
EnableMenuItem
GetSubMenu
GetMenu
MessageBoxW
SetWindowLongW
GetWindowLongW
GetDlgItem
SetFocus
SetDlgItemTextW
wsprintfW
GetDlgItemTextW
EndDialog
GetParent
UnhookWinEvent
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
IsDialogMessageW
PostMessageW
GetMessageW
SetWinEventHook
GetSystemMetrics
SetWindowTextW
LoadIconW

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a8f56f7a066d3f098f94e88e51e35ef4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

shell32

winspool.drv

comctl32

msvcrt

advapi32

gdi32

user32

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 2KB - Virtual size: 6KB

.rsrc Size: 34KB - Virtual size: 34KB

.idata Size: 68KB - Virtual size: 68KB

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 6KB

.rsrc
Size: 34KB - Virtual size: 34KB

.idata
Size: 68KB - Virtual size: 68KB