dd11fb3c9d76df104dd54cab9eabc403_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dd11fb3c9d76df104dd54cab9eabc403_JaffaCakes118
Size

228KB
MD5

dd11fb3c9d76df104dd54cab9eabc403
SHA1

63f7f1b2281f82bec711ab3dc490abde5a24f288
SHA256

86747b573f7f2f20d75754e073411b56e93515eba22cf5c4307a24059e662b16
SHA512

1532121e4d03955f5a4c33bd622a5da09357b37448ea923dacf12ca98e77af822de1dc3af3cd773f23d175c9b1cf5c42e914b01dbd150528d62e46b738f01949
SSDEEP

3072:DvbniW198DEYusGG2dIcnnhIm3fbk/1WJC6qidEIiCu8o3Bo84/X3wrbiW14:DJX8DAsGGDchISj95+CuOX/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
dd11fb3c9d76df104dd54cab9eabc403_JaffaCakes118

Files

dd11fb3c9d76df104dd54cab9eabc403_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26afbc243e788732744e0de2ec473884

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
HeapSize
HeapReAlloc
GetACP
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
Sleep
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetProfileStringA
InterlockedExchange
HeapFree
HeapAlloc
RaiseException
ExitProcess
GetCommandLineA
GetStartupInfoA
RtlUnwind
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
SetErrorMode
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetLastError
GlobalFree
GetModuleFileNameA
GlobalAlloc
lstrcmpA
GetCurrentThread
CloseHandle
lstrlenW
GlobalLock
GlobalUnlock
SetLastError
WritePrivateProfileStringA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
MulDiv
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
VirtualAlloc
lstrcpynA
IsBadWritePtr

user32

EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
GetTopWindow
GetSysColorBrush
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetParent
SendMessageA
EnableWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
GetDC
UpdateWindow
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
InflateRect
GetWindowPlacement
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
GetWindowRect
GetClientRect
InvalidateRect
LoadCursorA
PtInRect
GetClassNameA
LoadStringA
EndDialog
CreateDialogIndirectParamA
ShowOwnedPopups
PostQuitMessage
GetMessageA
TranslateMessage
ValidateRect
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
SetMenu
LoadMenuA
DestroyMenu
GetActiveWindow
GetDesktopWindow
SetCursor
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
GetCursorPos
WindowFromPoint
GrayStringA
DrawTextA
MessageBoxA
TabbedTextOutA
GetNextDlgTabItem

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
SetViewportExtEx
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
GetTextExtentPoint32A

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

DragQueryFileA
DragFinish

comctl32

ord17

oleaut32

VariantClear
VarDateFromStr
VarBstrFromDate

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26afbc243e788732744e0de2ec473884

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

oleaut32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 12KB - Virtual size: 27KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 36KB - Virtual size: 33KB