d6f09fb192fd8fa48e551914b425958f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d6f09fb192fd8fa48e551914b425958f_JaffaCakes118
Size

252KB
MD5

d6f09fb192fd8fa48e551914b425958f
SHA1

66a6af17de5d0225e9b87baf99eba43e196a6a10
SHA256

1671503f76ad2a3bf1557558558d199db5db0b8f098b3fdccc6952172ad1d3e7
SHA512

122f50c44720ddcea3efba09ed33f6cbfc945c1d4c620e2b3f78c5a0855d3400567b72b4e21a3440a63cf5626ab0a2e71fbcabf516bfa5de62ec18477032af3f
SSDEEP

3072:bi/wRqr7K83F+gX9wwtH/VNZLUCn0K2P1gsAs8668mm7q5Kudn+djPlc:bMwMK83F+2ewRtNZ69bZmmhud+ZPlc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6f09fb192fd8fa48e551914b425958f_JaffaCakes118

Files

d6f09fb192fd8fa48e551914b425958f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93d0dec877611a1845ccba455a4d6b7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationW
GetFullPathNameW
GetFileAttributesW
GetFileSize
GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
GetStartupInfoW
ExitProcess
RtlUnwind
TerminateProcess
HeapFree
GetTimeZoneInformation
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
GetDriveTypeA
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
DuplicateHandle
GetThreadLocale
GetProcessVersion
GetCurrentDirectoryW
GlobalFlags
lstrcmpiW
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
FindNextFileW
FindFirstFileW
FindClose
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
lstrcpynW
EnterCriticalSection
MulDiv
SetLastError
FormatMessageW
LocalFree
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
LoadLibraryA
FreeLibrary
lstrlenA
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
lstrcpyW
GlobalUnlock
GlobalFree
LockResource
FindResourceW
LoadResource
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
lstrlenW
GetCurrentThread
GetCurrentThreadId
WaitForSingleObject
GetModuleFileNameW
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
GetTickCount
WritePrivateProfileStringW
CreateToolhelp32Snapshot
GetLastError
Process32FirstW
Process32NextW
CloseHandle
DeleteFileW
CopyFileW
GetProcAddress
Thread32First
OpenThread
QueueUserAPC
Thread32Next
GetModuleHandleW
GetCommandLineW
Sleep

user32

CharUpperW
RegisterClipboardFormatW
PostThreadMessageW
LoadStringW
GetSysColorBrush
PtInRect
GetClassNameW
LoadCursorW
GetDesktopWindow
GrayStringW
DrawTextW
TabbedTextOutW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
UpdateWindow
SendDlgItemMessageW
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
DestroyMenu
CopyRect
GetTopWindow
IsChild
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextW
GetDlgCtrlID
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SetWindowLongW
RegisterWindowMessageW
OffsetRect
SystemParametersInfoW
GetWindowPlacement
GetWindowRect
MapDialogRect
SetWindowPos
GetWindow
SetWindowContextHelpId
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableW
CharNextW
GetFocus
GetNextDlgTabItem
GetMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
MessageBoxW
SetCursor
PostQuitMessage
PostMessageW
wsprintfW
EnableWindow
PeekMessageW
TranslateMessage
DispatchMessageW
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageW
LoadIconW
DefWindowProcW
UnregisterClassW

gdi32

PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
GetTextColor
GetBkColor
LPtoDP
GetMapMode
GetWindowExtEx
GetViewportExtEx
GetDeviceCaps
DeleteObject
DPtoLP
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

AdjustTokenPrivileges
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW

comctl32

ord17

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleFlushClipboard
CoRegisterMessageFilter
CoRevokeClassObject

olepro32

ord253

oleaut32

SysStringLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93d0dec877611a1845ccba455a4d6b7f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 12KB - Virtual size: 10KB

.vmp0 Size: 40KB - Virtual size: 37KB

.reloc Size: 4KB - Virtual size: 60B

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 12KB - Virtual size: 10KB

.vmp0
Size: 40KB - Virtual size: 37KB

.reloc
Size: 4KB - Virtual size: 60B