d2d8dbdc12359d6f8786547443f3ed6b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d2d8dbdc12359d6f8786547443f3ed6b_JaffaCakes118
Size

284KB
MD5

d2d8dbdc12359d6f8786547443f3ed6b
SHA1

690b5f1e14c784e6a5e3d35d8288957102c463e7
SHA256

71ab7bbf591b5c12ed9224f2228e9085cdfaa7f08aa62290c3d0d46b32bd4b6c
SHA512

403f2af7d5f565b629fddcaca7154187f73450a81af03ee54eb314b952e962b5fd45b9ee10bcd850363fe6e75f9422dd1a088860ae4dadd919ee9c7ecf13c4d5
SSDEEP

6144:aSZwFzN/86dV+H+2E0VGwrwZN+mr3GN3kbLok:aSGH/8Coe2vLrV+Ws

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2d8dbdc12359d6f8786547443f3ed6b_JaffaCakes118

Files

d2d8dbdc12359d6f8786547443f3ed6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eecab90e401bb180361044c488efef18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
RtlUnwind
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
SetHandleCount
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetFileTime
FileTimeToLocalFileTime
GetOEMCP
GetCPInfo
SetErrorMode
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GlobalFlags
lstrcatA
WritePrivateProfileStringA
FileTimeToSystemTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
FreeResource
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
RemoveDirectoryA
OutputDebugStringA
LoadResource
LockResource
SizeofResource
FindResourceA
GetFileAttributesA
CreateFileA
GetTickCount
GetFileSize
SetFilePointer
WriteFile
SetFileTime
CreateProcessA
WaitForSingleObject
CloseHandle
LoadLibraryA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
CopyFileA
GetLocalTime
MoveFileA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
CreateDirectoryA
lstrlenA
lstrcmpiA
CompareStringA
CompareStringW
GetLastError
WideCharToMultiByte
GetEnvironmentVariableA
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
InterlockedExchange
GetStdHandle
SetFileAttributesA

user32

DestroyMenu
MessageBeep
GetNextDlgTabItem
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
CopyAcceleratorTableA
SetRect
IsRectEmpty
CharNextA
RegisterWindowMessageA
WinHelpA
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
IsWindow
IsChild
GetForegroundWindow
SetActiveWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetClientRect
GetMenu
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
ShowWindow
MoveWindow
SetWindowLongA
IsDialogMessageA
SendDlgItemMessageA
EndPaint
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDlgCtrlID
GetWindowRect
PtInRect
SetWindowTextA
PostThreadMessageA
GetClassNameA
wsprintfA
GetDesktopWindow
ReleaseCapture
GetCapture
SetCapture
ClientToScreen
GetWindowTextA
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDlgItem
SetMenuItemBitmaps
RegisterClipboardFormatA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
CreateDialogIndirectParamA
EndDialog
OffsetRect
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SendMessageA
SetCursor
PostQuitMessage
PostMessageA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharUpperA
SetFocus

gdi32

GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetObjectA
GetStockObject
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetDeviceCaps
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateBitmap
SetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegSetValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey
RegCreateKeyExA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
OleFlushClipboard
CoTaskMemFree
OleIsCurrentClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
CoRevokeClassObject

oleaut32

OleCreateFontIndirect
VariantInit
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
VariantChangeType
VariantClear
SysAllocStringLen
SysAllocStringByteLen
SysStringLen
SysFreeString

setupapi

SetupIterateCabinetA

wininet

DeleteUrlCacheEntry
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eecab90e401bb180361044c488efef18

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

shlwapi

oledlg

ole32

oleaut32

setupapi

wininet

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 60KB - Virtual size: 57KB