Static task: static1
Behavioral task: behavioral1
Sample: fa6a39eac1838e7fe7d8642e8f6ad2c9_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: fa6a39eac1838e7fe7d8642e8f6ad2c9_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: fa6a39eac1838e7fe7d8642e8f6ad2c9_JaffaCakes118
Size: 548KB
MD5: fa6a39eac1838e7fe7d8642e8f6ad2c9
SHA1: 241bc005f6538bd79c656ae765062c2e1d21c02c
SHA256: 8d899e5a991b3c6a639c5b8049e37703ca9b417481f356a8bc1706c5f01f19aa
SHA512: 10b473be64b3400534202c7aebaa4777e21af0856c57b60ae816e32ab90a40f3f34f658b1adecec13565ae89c574217ec7feb9c768e6f5012d42ce75e94b1a7b
SSDEEP: 6144:ufqzLslKa8wQVrz/IV0ReSMgYhmraWGfrIGLLwXcyvOcyWKONBu/ovc7akh7kjAs:unUb/IVJgYhlRDIGLEXt7KB7fKxqi
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa6a39eac1838e7fe7d8642e8f6ad2c9_JaffaCakes118
Files
fa6a39eac1838e7fe7d8642e8f6ad2c9_JaffaCakes118.exe windows:4 windows x86 arch:x86
4549ed25cb49dd2632c4a002b6acad0d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetACP
IsValidCodePage
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
SetStdHandle
GetFileType
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
LCMapStringW
RtlUnwind
GetTimeZoneInformation
GetStdHandle
VirtualFree
HeapDestroy
HeapCreate
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
GlobalFlags
SetErrorMode
LocalFileTimeToFileTime
SystemTimeToFileTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
InterlockedIncrement
WaitForSingleObject
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GetDiskFreeSpaceA
GetTempFileNameA
GetFileTime
SetFileTime
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GetVersionExA
GetCurrentProcessId
GlobalGetAtomNameA
GlobalAddAtomA
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
CreateFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
DeleteFileA
MoveFileA
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
GetTickCount
GetStringTypeExA
lstrcmpiA
CompareStringW
CompareStringA
GetVersion
MultiByteToWideChar
InterlockedExchange
GetModuleFileNameA
WinExec
lstrcpyA
GetFileAttributesA
GetPrivateProfileStringA
lstrlenA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
FreeLibrary
LoadLibraryA
GetLastError
Sleep
GetProcAddress
user32
SetParent
WindowFromPoint
CopyAcceleratorTableA
InvalidateRgn
CharNextA
GetNextDlgGroupItem
MessageBeep
GetDCEx
LockWindowUpdate
RegisterClipboardFormatA
PostThreadMessageA
SetCapture
DrawIcon
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
MoveWindow
SetWindowTextA
IsDialogMessageA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
MessageBoxA
CreateWindowExA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
PtInRect
DefWindowProcA
CallWindowProcA
GetWindowPlacement
IsZoomed
GetClassNameA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
IsWindowEnabled
GetFocus
EqualRect
GetDlgItem
SetWindowLongA
GetKeyState
GetDlgCtrlID
GetMenu
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
UpdateWindow
IsIconic
InsertMenuItemA
CreatePopupMenu
IntersectRect
GetLastActivePopup
BringWindowToTop
GetWindow
ShowWindow
GetWindowLongA
IsWindow
TranslateAcceleratorA
UnhookWindowsHookEx
GetDesktopWindow
GetMenuState
GetMenuItemInfoA
UnregisterClassA
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
GetCursorPos
GetMessagePos
LoadCursorA
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharUpperA
FindWindowA
PostMessageA
GetSysColor
SystemParametersInfoA
GetSystemMetrics
DestroyIcon
LoadIconA
EnableWindow
GetClientRect
GetWindowRgn
SetWindowRgn
SendMessageA
FrameRect
OffsetRect
InflateRect
IsRectEmpty
GetClassInfoA
RegisterWindowMessageA
KillTimer
SetTimer
GetWindowRect
SetMenu
CopyRect
LoadImageA
SetRectEmpty
SetRect
GetClassInfoExA
gdi32
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExtSelectClipRgn
CreatePatternBrush
CreatePen
CreateSolidBrush
CreateFontIndirectA
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
CreateEllipticRgn
LPtoDP
Ellipse
GetBkColor
GetRgnBox
GetTextColor
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
GetViewportExtEx
CreateRectRgnIndirect
GetObjectA
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
FrameRgn
CreateRoundRectRgn
CreateRectRgn
DeleteObject
GetStockObject
comdlg32
GetFileTitleA
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
GetFileSecurityA
SetFileSecurityA
RegOpenKeyA
RegSetValueA
GetUserNameA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyA
shell32
SHGetFileInfoA
DragFinish
DragQueryFileA
ExtractIconA
Shell_NotifyIconA
shlwapi
PathStripToRootA
PathIsUNCA
PathFindExtensionA
UrlUnescapeA
PathFindFileNameA
oledlg
ord8
ole32
CLSIDFromProgID
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoRegisterMessageFilter
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
oleaut32
OleCreateFontIndirect
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear
SysAllocStringByteLen
SysFreeString
SysStringLen
wininet
InternetOpenUrlA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
InternetQueryDataAvailable
InternetQueryOptionA
InternetCrackUrlA
InternetCanonicalizeUrlA
Sections
.text Size: 324KB - Virtual size: 322KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 88KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 12KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 120KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ