da0102633446b4e57a51daa6f2ea0e1e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da0102633446b4e57a51daa6f2ea0e1e_JaffaCakes118
Size

273KB
MD5

da0102633446b4e57a51daa6f2ea0e1e
SHA1

ca3b2232026e5e932b66aa60cca11cf17d79c890
SHA256

562fa202abecd250b952ddab741c72beb4fe018305dd80e441fe05019bd95ca3
SHA512

409ea7f4f2006d6d02dd23802656a4b5a9c3f65a3e8b83bf5353a77cf9a926c495df43a46f48bc460510b7f10630d05a1c9e434baf4098a6838641e3d967ebe2
SSDEEP

6144:qQlO8c9iKrkJb2ezJ6B2dwMwLlDA34h0ca34GipyGv9X8n:U8cAAfMwhDwf34nphven

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da0102633446b4e57a51daa6f2ea0e1e_JaffaCakes118

Files

da0102633446b4e57a51daa6f2ea0e1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de0e721e478b32141c21d3e40da44457

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindFirstFileA
LocalFree
GetProcessHeap
HeapAlloc
lstrcmpiA
GetTempFileNameA
OpenFile
GetProcAddress
Sleep
OpenFileMappingA
HeapFree
GlobalFree
GlobalAlloc
GetUserDefaultLangID
GetPrivateProfileIntA
GetPrivateProfileStringA
GetVersionExA
MultiByteToWideChar
GetLastError
lstrlenA
lstrcpynA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
DeleteFileA
CreateProcessA
LoadLibraryA
FreeLibrary
CloseHandle
GetTickCount
lstrcatA
LocalAlloc
GetTempPathA
HeapReAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEndOfFile
SetFilePointer
GetTimeZoneInformation
ReadFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
CreateFileA
FlushFileBuffers
SetStdHandle
VirtualAlloc
WriteFile
SetEnvironmentVariableA
lstrcpyA
CompareStringW
CompareStringA
GetLocaleInfoW
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
WideCharToMultiByte
SetUnhandledExceptionFilter
RtlUnwind
RaiseException
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
LCMapStringW
LCMapStringA
GetCurrentThreadId
GetCurrentProcess
TerminateProcess
EnterCriticalSection
LeaveCriticalSection
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue

user32

DestroyMenu
LoadMenuA
GetSysColor
DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
FindWindowA
DefWindowProcA
PostQuitMessage
CreateWindowExA
RegisterClassA
PostMessageA
MessageBoxA
SetTimer
SetMenuItemInfoA
GetMenuItemInfoA
ModifyMenuA
GetSubMenu
KillTimer
LoadImageA
wsprintfA
SendMessageA
TrackPopupMenu
DrawMenuBar
GetParent
GetWindowLongA
GetCursorPos
GetAsyncKeyState
SetFocus
IsWindow
AppendMenuA
LoadStringA
LoadBitmapA
GetSystemMetrics
SetForegroundWindow
FillRect

gdi32

TextOutA
SetBkColor
SetTextColor
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
GetObjectA
CreateSolidBrush
CreateICA
GetTextExtentPoint32A
DeleteObject

winspool.drv

GetPrinterA
OpenPrinterA
OpenPrinterW
ClosePrinter
GetPrinterDataA

advapi32

SetSecurityDescriptorDacl
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegEnumValueA
RegSetValueExA
FreeSid
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
RegEnumKeyExA
RegCreateKeyExA
RegDeleteKeyA

shell32

Shell_NotifyIconA

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de0e721e478b32141c21d3e40da44457

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 192KB - Virtual size: 198KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 192KB - Virtual size: 198KB

.rsrc
Size: 6KB - Virtual size: 5KB