f60d0ebde22c03d5c45fea0b87400f3e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f60d0ebde22c03d5c45fea0b87400f3e_JaffaCakes118
Size

368KB
MD5

f60d0ebde22c03d5c45fea0b87400f3e
SHA1

e4866dbf35b9604bde9596d68de4f3c3dadbc01f
SHA256

d52391c6c9da486d8f069913355b79ec3d2dfa7ded54129f3917b1b6cbed9a34
SHA512

1e336a5b087402047d1da97ad119dfe66a85f762f6c9ee5d745b0e03ad2d471aab53525246b965e0cae38f8b2aacd5704f22c64926eccc163d1891e9afcfa26b
SSDEEP

6144:Tg335b7Lmej2iS+J88BFI1XlpaCtwoJ9uZV521GzM794uFU/9V43GV5YbrD4zWQ:Tg335b7Lmej2iSx8BFItf1TCK4GUVC39

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f60d0ebde22c03d5c45fea0b87400f3e_JaffaCakes118

Files

f60d0ebde22c03d5c45fea0b87400f3e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5502e92c8d537e58fb7bd00457ce2ed3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegCloseKey

comctl32

ord14
ord15
ord17
ord13

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseFontA
ChooseColorA

gdi32

CreateBitmap
SetTextAlign
CreateCompatibleBitmap
GetPixel
GetDeviceCaps
DeleteDC
GetTextExtentPoint32A
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
TextOutA
SetBkColor
SetTextColor
Rectangle
CreateSolidBrush
GetStockObject
SelectObject
SetPaletteEntries
RealizePalette
SelectPalette
CreatePalette
UnrealizeObject
ExtTextOutA
SetBkMode
LineTo
CreatePen
TranslateCharsetInfo
GetTextMetricsA
CreateFontA
UpdateColors
ExcludeClipRect
IntersectClipRect
GetCharWidthA
GetCharWidth32A
MoveToEx
ExtTextOutW
SetPixel
Polyline
GetCharWidthW
GetCharWidth32W

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmSetCompositionFontA
ImmGetCompositionStringW

shell32

ShellExecuteA

user32

ReleaseCapture
GetDoubleClickTime
SetScrollInfo
CreateCaret
LoadCursorA
SetCursor
PostQuitMessage
IsZoomed
GetKeyboardState
PostMessageA
EnableMenuItem
MessageBoxA
GetCursorPos
GetMessageTime
ShowCursor
SetCaretPos
ToAsciiEx
SetKeyboardState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatA
GetClipboardData
FlashWindow
CheckMenuItem
AppendMenuA
GetKeyboardLayout
SetForegroundWindow
UpdateWindow
GetMessageA
SetTimer
KillTimer
IsWindow
IsDialogMessageA
DispatchMessageA
PeekMessageA
HideCaret
ShowCaret
WaitMessage
IsIconic
GetSystemMetrics
GetParent
CheckRadioButton
RegisterWindowMessageA
GetWindowLongA
GetSystemMenu
WinHelpA
GetDlgItemTextA
SetCapture
IsDlgButtonChecked
SetDlgItemInt
GetDlgItem
GetDlgItemInt
LoadIconA
GetDesktopWindow
MoveWindow
SetFocus
SetDlgItemTextA
EndDialog
EnableWindow
DialogBoxParamA
CreateDialogParamA
SetActiveWindow
GetWindowPlacement
SetWindowPlacement
SendDlgItemMessageA
SetWindowLongA
MessageBeep
MapDialogRect
GetCaretBlinkTime
DestroyWindow
BeginPaint
GetClientRect
GetWindowTextLengthA
GetWindowTextA
EndPaint
SetWindowPos
InvalidateRect
DefWindowProcA
RegisterClassA
GetSysColor
SystemParametersInfoA
GetWindowRect
CreateWindowExA
ShowWindow
SetWindowTextA
GetDC
ReleaseDC
SendMessageA
FindWindowA
GetForegroundWindow
GetCapture
GetClipboardOwner
GetQueueStatus
TranslateMessage
DestroyCaret
CheckDlgButton
CreateMenu

winmm

PlaySoundA

winspool.drv

EnumPrintersA
ClosePrinter
EndDocPrinter
StartPagePrinter
StartDocPrinterA
OpenPrinterA
WritePrinter
EndPagePrinter

wsock32

inet_addr
ioctlsocket
gethostbyname
ntohl
htonl
bind
connect
WSAGetLastError
WSACleanup
getservbyname
ntohs
htons
setsockopt
socket
listen
send
inet_ntoa
accept
recv
WSAAsyncSelect
closesocket
WSAStartup

kernel32

SetEndOfFile
SetEnvironmentVariableA
CompareStringA
CompareStringW
GetTimeZoneInformation
GetEnvironmentVariableA
CreateFileA
GetModuleHandleA
ReadFile
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateProcessA
GetLocaleInfoA
GetVersionExA
GetModuleFileNameA
lstrcpyA
GetCPInfo
GetOEMCP
WideCharToMultiByte
GetACP
IsDBCSLeadByteEx
MultiByteToWideChar
MulDiv
GetCurrentThreadId
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetTickCount
QueryPerformanceCounter
GlobalMemoryStatus
GetCurrentThread
GetThreadTimes
GetCurrentProcess
GetProcessTimes
GetSystemTime
GetSystemTimeAdjustment
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
SetStdHandle
GetProcAddress
GetLocalTime
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
TerminateProcess
GetLastError
DeleteFileA
GetStartupInfoA
GetCommandLineA
GetVersion
LoadLibraryA
GetStringTypeA
WriteFile
GetStringTypeW
FlushFileBuffers
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetFilePointer

Sections

.text
Size: 252KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5502e92c8d537e58fb7bd00457ce2ed3

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

imm32

shell32

user32

winmm

winspool.drv

wsock32

kernel32

Sections

.text Size: 252KB - Virtual size: 250KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 48KB - Virtual size: 118KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 252KB - Virtual size: 250KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 48KB - Virtual size: 118KB

.rsrc
Size: 12KB - Virtual size: 12KB