bf3278465406b491b1e311f2dfe6a44e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bf3278465406b491b1e311f2dfe6a44e_JaffaCakes118
Size

138KB
MD5

bf3278465406b491b1e311f2dfe6a44e
SHA1

5b0a11e0e6b0df23e64ffb6bc80c8d71b14021e5
SHA256

5a757a91732dbe9c76b92d7b86501897b14d6aa92074d05ae7d0fd822d3349e9
SHA512

44a8e97ea6fb799a5a19b5bc89c3bbf6bdb7dbb684a126f96cb5f6734b0fa7d803be39eeeb2038b72fdbe0a6ac027dfc148b9226775bf12c86240cde867f5652
SSDEEP

3072:GSaP0Z050tfQQMvmkBN3WvRrMogdE/7/pPwyP:GSaPC050tfQwkv3wwouE9P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf3278465406b491b1e311f2dfe6a44e_JaffaCakes118

Files

bf3278465406b491b1e311f2dfe6a44e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

75d4d7e9d1591304450d50cb23670dd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
SetLastError
CreateFileMappingW
DeleteFileW
GetFileInformationByHandle
lstrcmpiW
LocalSize
GlobalLock
GlobalUnlock
GetCPInfo
IsDBCSLeadByte
GetACP
LocalReAlloc
FormatMessageW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange
RtlUnwind
ExpandEnvironmentStringsA
WideCharToMultiByte
GetUserDefaultLangID
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
GetLocalTime
GetTimeFormatW
GetUserDefaultLCID
GetDateFormatW
lstrcpyW
LocalFree
lstrcatW
FoldStringW
LocalAlloc
FindClose
GlobalFree
LocalLock
lstrlenW
lstrcmpW
CompareStringW
CreateFileW
MulDiv
lstrcpynW
GetLocaleInfoW
FindFirstFileW
LocalUnlock
GetCommandLineW
lstrcpyA
GetTempPathA
CloseHandle
GetModuleHandleA
FindAtomA
LoadLibraryA
GetProcAddress
GetLastError
lstrcatA
WriteFile
lstrlenA
lstrcmpA
ExitProcess

user32

RegisterWindowMessageW
GetSystemMenu
SetWindowPlacement
CharLowerW
EnableWindow
CreateDialogParamW
PeekMessageW
LoadImageW
DrawTextExW
GetClientRect
LoadAcceleratorsW
RegisterClassExW
GetWindowPlacement
CharUpperW
GetWindowTextW
LoadCursorW
SetWindowLongW
LoadStringW
ShowWindow
CreateWindowExW
SetScrollPos
UpdateWindow
GetWindowLongW
DestroyWindow
SetCursor
CloseClipboard
TranslateAcceleratorW
ScreenToClient
SetActiveWindow
GetMessageW
PostQuitMessage
CharNextW
IsIconic
PostMessageW
GetSubMenu
DialogBoxParamW
IsClipboardFormatAvailable
MessageBeep
SetFocus
wsprintfW
GetDC
TranslateMessage
ChildWindowFromPoint
GetForegroundWindow
GetMenu
IsDialogMessageW
LoadIconW
GetKeyboardLayout
InvalidateRect
ReleaseDC
EnableMenuItem
GetMenuState
EndDialog
SendDlgItemMessageW
GetDesktopWindow
OpenClipboard
MessageBoxW
GetSystemMetrics
GetCursorPos
InflateRect
wsprintfA
GetFocus
GetWindowRect
ClientToScreen
DispatchMessageW
MoveWindow
CheckMenuItem
DefWindowProcW
WinHelpW
SetWindowTextW
GetDlgCtrlID
SendMessageW
SetDlgItemTextW
GetDlgItemTextW
EqualRect

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
ShellAboutW

shlwapi

SHGetValueA

gdi32

StartPage
SetWindowExtEx
LPtoDP
DeleteDC
GetTextExtentPoint32W
EndPage
EnumFontsW
SetAbortProc
CreateDCW
SetBkMode
SetMapMode
StartDocW
SetViewportExtEx
TextOutW
EndDoc
SelectObject
GetObjectW
GetTextFaceW
GetStockObject
CreateFontIndirectW
GetDeviceCaps
DeleteObject
GetTextMetricsW
GetBkColor
GetBkMode

comdlg32

ChooseFontW
PrintDlgExW
CommDlgExtendedError
GetFileTitleW
FindTextW
GetSaveFileNameW
ReplaceTextW
GetOpenFileNameW
PageSetupDlgW

advapi32

RegOpenKeyExA
IsTextUnicode
RegSetValueExW
RegCloseKey
RegQueryValueExW
RegCreateKeyW
RegQueryValueExA

winspool.drv

GetPrinterDriverW
OpenPrinterW
ClosePrinter

msvcrt

??3@YAXPAX@Z
??1type_info@@UAE@XZ
_ismbblead
__getmainargs
_cexit
_exit
_XcptFilter
exit
_acmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
__CxxFrameHandler
_time64
_localtime64
iswctype
wcsncpy
memset
memcpy
_wtol
wcsncmp
_CxxThrowException
_except_handler3

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75d4d7e9d1591304450d50cb23670dd7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

gdi32

comdlg32

advapi32

winspool.drv

msvcrt

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 77KB - Virtual size: 82KB

.rsrc Size: 18KB - Virtual size: 17KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 77KB - Virtual size: 82KB

.rsrc
Size: 18KB - Virtual size: 17KB