d0477c6f3beb1bc3ec976f2ce89fd9e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0477c6f3beb1bc3ec976f2ce89fd9e1_JaffaCakes118
Size

476KB
MD5

d0477c6f3beb1bc3ec976f2ce89fd9e1
SHA1

771af83ecf90447160daa92ba0e66c2f3bae9458
SHA256

eb972c6483a2f3950b12f44f8a6d36e66ba3ac70087beef0b99b587d61da3fff
SHA512

7242bd59ef80cf2b10cf41d51da920735580c20e47650afab82850bbb26ff77b630aebe280ad4986055ee477306c64ec6ac6c3d8fdd8e6c5929eea4af0b71961
SSDEEP

6144:8Sn4VqASeBhwB7ykEw6d3/kcT/RMf4JWa61TxeJ0oL+pfIYg6WEJ:8CsBhUEwI8cT/RMf4Jl61EeU0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0477c6f3beb1bc3ec976f2ce89fd9e1_JaffaCakes118

Files

d0477c6f3beb1bc3ec976f2ce89fd9e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f2912997671d33e8a4b5dbc1d01a3fe5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
UnhandledExceptionFilter
HeapReAlloc
FindResourceA
GlobalAddAtomA
GetProfileStringA
HeapSize
TerminateProcess
ExitThread
CreateThread
RaiseException
GetSystemTime
GetTimeZoneInformation
RtlUnwind
HeapAlloc
HeapFree
ExitProcess
GetStartupInfoW
GetCurrentProcess
SetErrorMode
FindResourceExW
WritePrivateProfileStringW
SizeofResource
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
GlobalFlags
GlobalAlloc
lstrcmpiA
GetCurrentThread
GlobalFree
CreateEventW
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
LoadLibraryA
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetModuleHandleW
LocalFree
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
Sleep
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Beep
lstrcpynA
FlushFileBuffers
lstrcpyA
WriteFile
lstrcmpA
GetFileSize
ReadFile
SetEndOfFile
CreateMutexW
GetLastError
ReleaseMutex
GetTickCount
GetWindowsDirectoryW
GetModuleFileNameW
SetFilePointer
LoadLibraryW
GetProcAddress
FreeLibrary
lstrcpynW
CreateDirectoryW
GetFileAttributesW
WinExec
lstrcmpW
CreateFileW
CloseHandle
GetVersionExW
lstrcatW
lstrcpyW
GetLocalTime
lstrlenW
lstrcmpiW
FindResourceW
LoadResource
LockResource
GetCPInfo
lstrlenA
GetVersion
IsBadReadPtr

user32

GetDCEx
SetParent
DeferWindowPos
IsWindowVisible
ScrollWindow
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
TrackPopupMenu
GetDlgItem
GetWindowTextLengthW
GetWindowTextW
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
DefWindowProcW
GetMessageTime
GetLastActivePopup
GetForegroundWindow
RegisterWindowMessageW
GetWindowPlacement
EndPaint
BeginPaint
GetWindowDC
DestroyMenu
IntersectRect
SetRectEmpty
TranslateAcceleratorW
PostQuitMessage
ReleaseCapture
SetCapture
GetAsyncKeyState
ShowWindow
SetForegroundWindow
LockWindowUpdate
GetCursorPos
ClientToScreen
UnregisterHotKey
FindWindowW
DestroyCursor
GetMenu
IsMenu
IsIconic
DrawIcon
IsRectEmpty
OffsetRect
EqualRect
wsprintfA
LoadAcceleratorsW
PostMessageW
RegisterHotKey
wvsprintfW
GetWindowRect
GetParent
SetCursor
GetMessagePos
ScreenToClient
PtInRect
MessageBeep
LoadCursorW
CopyIcon
GetClientRect
PeekMessageW
DispatchMessageW
TranslateMessage
GetWindowLongW
SetWindowLongW
SetWindowPos
GetWindow
KillTimer
IsWindow
SetTimer
GetMenuItemInfoW
SetRect
UnregisterClassW
GetWindowTextLengthA
HideCaret
ShowCaret
ExcludeUpdateRgn
GetWindowTextA
DrawTextA
GetClassInfoA
SendMessageW
wsprintfW
LoadIconW
EnableWindow
InvalidateRect
InflateRect
DrawFocusRect
GrayStringW
DrawTextW
TabbedTextOutW
DeleteMenu
LoadBitmapW
LoadStringW
GetClassNameW
MapDialogRect
SetActiveWindow
WindowFromPoint
GetSysColorBrush
GetMenuStringW
CreateMenu
CreatePopupMenu
GetMenuState
ModifyMenuW
GetMenuItemCount
GetSubMenu
GetMenuItemID
AppendMenuW
GetSystemMetrics
GetDesktopWindow
GetDC
ReleaseDC
DrawIconEx
DestroyIcon
SystemParametersInfoW
GetSysColor
DefDlgProcA
DefWindowProcA
CharNextA
CallWindowProcA
RemovePropA
SetWindowsHookExA
GetWindowLongA
SendMessageA
IsWindowUnicode
GetClassNameA
SetWindowLongA
SetPropA
GetPropA
DrawEdge
FillRect
CopyRect
EndDialog
CreateDialogIndirectParamW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
GetMessageW
GetActiveWindow
ValidateRect
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetFocus
SetFocus
MessageBoxW
AdjustWindowRectEx
GetTopWindow

gdi32

SetBkMode
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetBkColor
CreateRectRgn
CreatePatternBrush
CreateBitmap
SetRectRgn
CombineRgn
StretchDIBits
GetCharWidthW
CreateFontW
GetTextMetricsW
EnumFontFamiliesExW
RestoreDC
SaveDC
CreateRectRgnIndirect
GetStockObject
Rectangle
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
PatBlt
GetObjectW
GetPixel
SetPixel
CreateDIBSection
SelectObject
DeleteObject
DeleteDC
Ellipse
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateFontIndirectW
CreateSolidBrush
CreatePen
CreateCompatibleDC
GetBkMode
CreateDIBitmap
ExtTextOutA
GetTextExtentPointA
GetDeviceCaps

comdlg32

ChooseFontW
ChooseColorW
GetOpenFileNameW
GetSaveFileNameW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueW
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
RegDeleteValueW
RegEnumKeyExW
RegQueryValueExW

shell32

Shell_NotifyIconW
ShellExecuteW

comctl32

ImageList_ReplaceIcon
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Draw
ord17
ImageList_Destroy
ImageList_Create
PropertySheetW
DestroyPropertySheetPage
ImageList_GetIcon
CreatePropertySheetPageW

ole32

CoInitialize

winmm

PlaySoundW

Sections

.text
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2912997671d33e8a4b5dbc1d01a3fe5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

winmm

Sections

.text Size: 316KB - Virtual size: 315KB

.rdata Size: 64KB - Virtual size: 60KB

.data Size: 32KB - Virtual size: 49KB

.rsrc Size: 60KB - Virtual size: 60KB

.text
Size: 316KB - Virtual size: 315KB

.rdata
Size: 64KB - Virtual size: 60KB

.data
Size: 32KB - Virtual size: 49KB

.rsrc
Size: 60KB - Virtual size: 60KB