Static task: static1
Behavioral task: behavioral1
Sample: f643ca994e8dd1b84f25fab4d5e68aaa_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: f643ca994e8dd1b84f25fab4d5e68aaa_JaffaCakes118
Size: 494KB
MD5: f643ca994e8dd1b84f25fab4d5e68aaa
SHA1: 7024b72c8351311560d4693375b35a3252ff80b0
SHA256: 04432d91cc066effc4bb79afe43e077a292b226c31251a7271b604e06c372570
SHA512: 391deda1d95f7e0f88e557d5bc4bcff42b171b39bef760be736356710ad2fce9deaa8795c736b66d1acf50e9f02875d5d220366734786466aa05694f8cb02c0d
SSDEEP: 6144:L5dhR7YH4QgFurpkr33XjOIjMAnp01Z4Lgg3gi/be+F1hrueNj9nzSnR:L5dD7YH4QgFurG/OIIAnp01sKC7+R
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: f643ca994e8dd1b84f25fab4d5e68aaa_JaffaCakes118
Files
f643ca994e8dd1b84f25fab4d5e68aaa_JaffaCakes118.exe windows:4 windows x86 arch:x86
dead38db00de61a6e2c59b65ce9ece52
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileType
GetCommandLineA
HeapAlloc
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
HeapSize
SetHandleCount
GetLocalTime
GetDriveTypeA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapReAlloc
HeapDestroy
SetUnhandledExceptionFilter
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetStdHandle
TerminateProcess
MultiByteToWideChar
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
lstrcmpiA
InterlockedIncrement
InterlockedDecrement
DeviceIoControl
GetTickCount
GetVersion
GetPrivateProfileIntA
ClearCommError
ReadFile
CreateEventA
WriteFile
PurgeComm
WaitForSingleObject
GetOverlappedResult
SetCommState
SetCommTimeouts
GetLastError
CreateFileA
CloseHandle
WritePrivateProfileStringA
Sleep
GetVersionExA
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
FreeLibrary
FormatMessageA
GetProfileStringA
GetSystemTime
GetTimeZoneInformation
RtlUnwind
ExitProcess
RaiseException
SetErrorMode
GlobalGetAtomNameA
GlobalAddAtomA
GetCurrentDirectoryA
GetFileAttributesA
GetFileTime
GetFileSize
GetShortPathNameA
GetThreadLocale
FindFirstFileA
GetFullPathNameA
GetVolumeInformationA
FindClose
DeleteFileA
LockFile
SetEndOfFile
UnlockFile
GetCurrentProcess
FlushFileBuffers
SetFilePointer
SizeofResource
DuplicateHandle
lstrcpyA
LocalReAlloc
GetModuleFileNameA
TlsGetValue
TlsSetValue
GlobalReAlloc
LocalAlloc
GlobalHandle
TlsAlloc
GetProcessVersion
SetLastError
GlobalFlags
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MulDiv
lstrcmpA
GlobalAlloc
GlobalDeleteAtom
FileTimeToSystemTime
GetCurrentThread
FileTimeToLocalFileTime
GlobalLock
lstrcatA
GetCurrentThreadId
LockResource
GlobalUnlock
GlobalFree
WideCharToMultiByte
FindResourceA
LoadResource
lstrlenA
lstrcpynA
lstrlenW
LocalFree
GetLocaleInfoA
GetEnvironmentStringsW
HeapCreate
user32
GetNextDlgGroupItem
IntersectRect
InflateRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
SetRect
MessageBeep
GetCursorPos
MessageBoxA
SetCursor
ShowOwnedPopups
ShowWindow
SetWindowTextA
IsDialogMessageA
BringWindowToTop
PostMessageA
UpdateWindow
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
CharNextA
PostThreadMessageA
CopyAcceleratorTableA
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
SetWindowLongA
SetWindowPos
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
LoadStringA
WindowFromPoint
ReleaseCapture
UnhookWindowsHookEx
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetParent
GetNextDlgTabItem
PeekMessageA
TranslateMessage
DispatchMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
RegisterClassA
GetMenuItemCount
wsprintfA
GetClassInfoA
OffsetRect
GetFocus
GetSystemMenu
AppendMenuA
LoadIconA
PostQuitMessage
SetTimer
KillTimer
EnableWindow
SendMessageA
RegisterWindowMessageA
CharUpperA
InvalidateRect
DestroyIcon
FindWindowA
PtInRect
GetDesktopWindow
ClientToScreen
LoadCursorA
GetClassNameA
GetSysColorBrush
TabbedTextOutA
GrayStringA
DrawTextA
GetWindowDC
EndPaint
BeginPaint
ReleaseDC
DestroyMenu
GetDC
GetMessageA
MapDialogRect
RegisterClipboardFormatA
GetMenu
ValidateRect
ScrollWindow
ScreenToClient
MoveWindow
DefDlgProcA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
UnregisterClassA
IsWindowUnicode
gdi32
GetObjectA
DeleteDC
RestoreDC
SelectObject
SaveDC
SetBkMode
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetBkColor
SetTextColor
IntersectClipRect
DeleteObject
GetDeviceCaps
GetWindowExtEx
GetViewportExtEx
CreateSolidBrush
PtVisible
TextOutA
ExtTextOutA
RectVisible
GetTextExtentPointA
Escape
LPtoDP
DPtoLP
GetBkColor
GetMapMode
GetTextColor
CreateDIBitmap
CreateCompatibleDC
BitBlt
CreateBitmap
PatBlt
comdlg32
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
advapi32
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA
RegSetValueA
RegQueryValueA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
shell32
DragQueryFileA
ExtractIconA
DragFinish
comctl32
ord17
ImageList_Destroy
oledlg
ord8
ole32
OleFlushClipboard
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
CoGetClassObject
CoRegisterMessageFilter
StringFromCLSID
StgOpenStorageOnILockBytes
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
OleUninitialize
CoTaskMemAlloc
CoDisconnectObject
oleaut32
VariantChangeType
VariantCopy
VariantClear
SysFreeString
SysAllocStringLen
SysStringByteLen
SysStringLen
SysAllocString
SysAllocStringByteLen
LoadTypeLi
OleCreateFontIndirect
Sections
.text Size: 231KB - Virtual size: 230KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 41KB - Virtual size: 41KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 22KB - Virtual size: 44KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata Size: 9KB - Virtual size: 9KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 36KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ