c8d78076a0dc1a438c974d7a4ca6bb59_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c8d78076a0dc1a438c974d7a4ca6bb59_JaffaCakes118
Size

508KB
MD5

c8d78076a0dc1a438c974d7a4ca6bb59
SHA1

5a356fd639a9416bbef7b494ff092891e91e00b9
SHA256

d9508939788ef11986dad9fecc9ebc2e28dad9b3966bf861a68e9f351d26d382
SHA512

001a1a1b68ea5bbb99e8e43d88e613da5d6eeb75257dca5b03313e8d9a8592bf7f9ec351cbbd3f0b35f04b18ff0f571c085feda6e4ab0d0b2a63e56350b2679e
SSDEEP

12288:RBpo35lG4mEox2Y1joE9bPwifPvPU9pBD8HFOAkyhpVG:RBpo35lG4axJ5NPwifPvPU9pHmhpVG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8d78076a0dc1a438c974d7a4ca6bb59_JaffaCakes118

Files

c8d78076a0dc1a438c974d7a4ca6bb59_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14f47b5b0949b08e972f941bcab8d0a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
WideCharToMultiByte
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
GetModuleFileNameA
GlobalFree
GlobalUnlock
LocalFree
GetModuleHandleA
lstrcpyA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
SetLastError
MulDiv
lstrcpynA
InitializeCriticalSection
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
WritePrivateProfileStringA
GetLastError
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
GetCurrentProcess
FlushFileBuffers
GetFileAttributesA
ExitProcess
RtlUnwind
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
RaiseException
HeapReAlloc
HeapSize
GetACP
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
InterlockedIncrement
WriteFile
SetFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
CreateFileA
SetFilePointer
LoadLibraryA
GetProcAddress
FreeLibrary
WinExec
FindResourceA
LoadResource
LockResource
MultiByteToWideChar
GetVersion
OpenProcess
GetExitCodeProcess
TerminateProcess
CloseHandle
GetSystemDirectoryA
CreateDirectoryA
WaitForSingleObject
Sleep
DeleteCriticalSection
GetVersionExA

user32

GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CreateWindowExA
GetDlgCtrlID
GetWindowTextA
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
wsprintfA
WinHelpA
GetCapture
GetTopWindow
CopyRect
AdjustWindowRectEx
SetFocus
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
ClientToScreen
BeginPaint
CallWindowProcA
TabbedTextOutA
DrawTextA
GrayStringA
LoadStringA
GetClassNameA
GetSysColorBrush
DestroyMenu
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
PostQuitMessage
PostMessageA
RemovePropA
DefWindowProcA
GetMessageTime
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
EndPaint
LoadCursorA
GetWindowRect
GetParent
GetDC
ReleaseDC
IsWindow
GetSysColor
SetCursor
GetMessagePos
ScreenToClient
PtInRect
InvalidateRect
SetTimer
MessageBeep
SetWindowLongA
KillTimer
RegisterWindowMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
LoadIconA
GetDlgItem
UnregisterClassA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetBkMode
SelectObject
RestoreDC
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SaveDC
GetDeviceCaps
GetObjectA
GetStockObject
DeleteDC
SetBkColor
SetTextColor
GetClipBox
DeleteObject
CreateBitmap

advapi32

RegCreateKeyExA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA
SHGetPathFromIDListA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

dbghelp

MakeSureDirectoryPathExists

psapi

EnumProcessModules
GetModuleFileNameExA
EnumProcesses

comctl32

ord17

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 355KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14f47b5b0949b08e972f941bcab8d0a2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

dbghelp

psapi

comctl32

winspool.drv

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 16KB - Virtual size: 27KB

.rsrc Size: 356KB - Virtual size: 355KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 16KB - Virtual size: 27KB

.rsrc
Size: 356KB - Virtual size: 355KB