d268ccd2abf0f259dac104192e5a9bf5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d268ccd2abf0f259dac104192e5a9bf5_JaffaCakes118
Size

460KB
MD5

d268ccd2abf0f259dac104192e5a9bf5
SHA1

5ff5ded06ae37bb41213c120941489995ac20c0f
SHA256

5af8a9044687c8350feadd3421f4860f7d837dc13c9cb930ac8d8f35f9c1b0d3
SHA512

c31e35b67c22f24ebcfbd3fcae55f90d85f2435fc6e6dd200a826718195831405a59c5a330c7ad1801810dbbe7046fc79c5202339b97a5cf3113ee8f0e9423cb
SSDEEP

3072:Nzm8FNyLDZX7AnGiGtoXIDQmjeuc2B56PP8g5XNBeyhfKfoutaOQ+mAs7UVfOzAC:Na8FNyqGiqoYDdjxaZ5iCjAM8faw4yK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d268ccd2abf0f259dac104192e5a9bf5_JaffaCakes118

Files

d268ccd2abf0f259dac104192e5a9bf5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7f4874fe4f250712c82984dcf5d0343

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA

kernel32

HeapAlloc
HeapFree
RaiseException
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
GetACP
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
GlobalFree
VirtualFree
GetTimeZoneInformation
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
SetErrorMode
GetSystemTimeAsFileTime
RtlUnwind
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
GetFileSize
GetFileAttributesA
GetFullPathNameA
FindClose
GetVolumeInformationA
FindFirstFileA
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
DuplicateHandle
CreateFileA
GetCurrentProcess
GetProcessVersion
GetOEMCP
GetCPInfo
LocalReAlloc
TlsGetValue
TlsFree
TlsSetValue
GlobalReAlloc
GlobalFlags
GlobalHandle
TlsAlloc
VirtualAlloc
GetCurrentThread
GetModuleFileNameA
lstrcpyA
GlobalAlloc
DeleteCriticalSection
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LocalAlloc
GetLastError
lstrcpynA
WaitForSingleObject
CloseHandle
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
MultiByteToWideChar
FormatMessageA
LocalFree
InterlockedIncrement
WideCharToMultiByte
lstrlenA
GetVersion
LoadLibraryA
FreeLibrary
IsBadWritePtr
lstrcatA
SetUnhandledExceptionFilter
HeapCreate
LockResource
MulDiv
SetLastError
GetProcAddress
GetModuleHandleA
FindResourceA
GlobalUnlock
GlobalLock
InterlockedDecrement
LoadResource

user32

SetDlgItemTextA
IsDialogMessageA
ShowWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
SetWindowTextA
GetMenuCheckMarkDimensions
wvsprintfA
ReleaseCapture
GetCursorPos
GetDesktopWindow
WindowFromPoint
GetMessageA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
DestroyMenu
LoadMenuA
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
LoadStringA
SetMenu
PostQuitMessage
ShowOwnedPopups
GetClassNameA
GetSysColorBrush
CharUpperA
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
ValidateRect
IsWindowVisible
GetWindowTextLengthA
PostMessageA
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SendDlgItemMessageA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
UnhookWindowsHookEx
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GetDlgCtrlID
LoadIconA
UpdateWindow
RegisterWindowMessageA
MessageBoxA
InvalidateRect
SetCursor
SetActiveWindow
KillTimer
LoadCursorA
SetTimer
GetSystemMetrics
PtInRect
DispatchMessageA
PeekMessageA
TranslateMessage
SetRect
EnableWindow
SendMessageA
LoadBitmapA
GetFocus
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetClientRect
CopyRect
EndDeferWindowPos
MapWindowPoints
GetSysColor
GetWindowTextA
GetKeyState
GetMenuItemID
GetClassLongA
GetMessageTime
BeginDeferWindowPos
UnregisterClassA

gdi32

PatBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
BitBlt
GetTextExtentPoint32A
GetStockObject
RoundRect
DeleteDC
SelectObject
SaveDC
RestoreDC
SetBkColor
SetMapMode
SetViewportOrgEx
SetTextColor
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
GetClipBox
ScaleWindowExtEx
DeleteObject
GetDeviceCaps
PtVisible
TextOutA
ExtTextOutA
RectVisible
GetObjectA
Escape
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

shell32

DragFinish
FindExecutableA
ShellExecuteA
DragQueryFileA

comctl32

ord17

wsock32

sendto
recvfrom
socket
inet_ntoa
connect
WSAAsyncSelect
send
recv
gethostbyname
closesocket
htonl
htons
ioctlsocket
accept
getsockname
ntohs
inet_addr
WSASetLastError
WSAStartup
WSACleanup
WSAGetLastError
bind

wininet

InternetCloseHandle
InternetOpenUrlA
InternetGetLastResponseInfoA
InternetReadFile
InternetCanonicalizeUrlA
InternetQueryDataAvailable
InternetCrackUrlA
InternetQueryOptionA
InternetOpenA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ani
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b7f4874fe4f250712c82984dcf5d0343

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

wininet

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 220KB - Virtual size: 219KB

.ani Size: 28KB - Virtual size: 28KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 220KB - Virtual size: 219KB

.ani
Size: 28KB - Virtual size: 28KB