fb9f91092405e31dd1d903e18dd01639_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb9f91092405e31dd1d903e18dd01639_JaffaCakes118
Size

293KB
MD5

fb9f91092405e31dd1d903e18dd01639
SHA1

1e1ca25148feba3599dcb3f7bdd11d814510fff2
SHA256

d45007274610391c47fee5501e67aee76c8d888ca7f6f45f0c37ca168920a3be
SHA512

ed5dc6d8b3cec877979ce7aa0a318adc3aea3ab466496859b909942b1636a453069342cabbf05461ce8dcdbf778f8464489cbdacb5a66e267704588d1e8dc80d
SSDEEP

6144:Lkhk1tGJwfxdCEO9kWCR4HBB3D25BvmGn38ecnUNVWY8KU:hGJREO9kWAiqP9n3bmeVWtn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb9f91092405e31dd1d903e18dd01639_JaffaCakes118

Files

fb9f91092405e31dd1d903e18dd01639_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8c9478b1ed037452e7a6bec52e88e8fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegQueryValueExA
IsTextUnicode
RegCloseKey
RegSetValueExW
RegCreateKeyW
RegOpenKeyExA
RegQueryValueExW

user32

CreateWindowExW
RegisterWindowMessageW
EnumWindows
SetWindowPlacement
DestroyWindow
CharNextW
GetClientRect
UnhookWinEvent
SetScrollPos
CharUpperW
CheckMenuItem
MessageBoxW
LoadCursorW
SetFocus
SetWindowTextW
GetWindowLongW
SetWindowLongA
GetAsyncKeyState
ValidateRect
LoadImageW
GetDlgItemTextW
ScreenToClient
EnableMenuItem
DestroyMenu
KillTimer
GetSystemMenu
GetParent
SendMessageW
LoadAcceleratorsW
SendDlgItemMessageW
SetWinEventHook
SetWindowLongW
SetWindowPos
CallNextHookEx
GetForegroundWindow
DestroyIcon
GetSystemMetrics
DrawTextExW
GetWindowTextW
GetWindowRect
DialogBoxParamW
GetKeyboardLayout
IsDialogMessageW
GetClassNameA
GetWindowPlacement
GetMenuState
LoadIconW
OpenClipboard
SetPropA
CharLowerW
GetSubMenu
EndDialog
WinHelpW
CloseClipboard
UnregisterClassA
GetDlgCtrlID
SetCapture
IsWindowEnabled
PostQuitMessage
TranslateAcceleratorW
wsprintfW
GetDlgItem
GetCursorPos
DispatchMessageW
IsIconic
DefWindowProcW
CharNextA
TranslateMessage
MessageBeep
GetDesktopWindow
BeginPaint
SetDlgItemTextW
PostMessageW
GetDC
ReleaseDC
GetFocus
GetMenu
InvalidateRect
DeleteMenu
RegisterClassExW
GetMessageW
SetCursor
LoadStringW
PeekMessageW
CreateDialogParamW
ChildWindowFromPoint
SetActiveWindow
GetScrollPos
IsClipboardFormatAvailable
PostMessageA
MoveWindow
ShowWindow
UpdateWindow
EnableWindow
GetMessagePos

gdi32

TextOutW
SetMapMode
GetObjectW
StartDocW
EndDoc
CreateDCW
DeleteDC
AbortDoc
GetStockObject
SetAbortProc
GetDeviceCaps
SetBkMode
SelectObject
StartPage
DeleteObject
LPtoDP
GetTextFaceW
EnumFontsW
CreateFontIndirectW
SetViewportExtEx
GetTextMetricsW
GetTextExtentPoint32W
SetWindowExtEx
EndPage

msvcrt

_c_exit
_vsnprintf
_XcptFilter
_exit
wcsrchr
__p__fmode
_iob
__setusermatherr
_wcsnicmp
wcsncmp
time
realloc
_controlfp
_amsg_exit
wcschr
_acmdln
_lock
__dllonexit
_wtol
_initterm
__p__commode
__set_app_type
malloc
_adjust_fdiv
??_U@YAPAXI@Z
wcstoul
exit
__getmainargs
_cexit
_snwprintf
memset
_unlock
wcsncpy
localtime
iswctype
memcpy
_errno

kernel32

GetDriveTypeA
LocalUnlock
GetEnvironmentVariableA
UnhandledExceptionFilter
GetDiskFreeSpaceA
IsBadWritePtr
RtlUnwind
GetConsoleOutputCP
lstrcmpiW
TerminateProcess
GlobalUnlock
GetSystemDirectoryW
GetVersionExA
RaiseException
CreateDirectoryW
GetModuleFileNameA
LocalSize
lstrcmpW
GetStartupInfoA
CreateFileMappingW
GetCurrentThreadId
FindResourceExW
GetFileInformationByHandle
lstrcpyW
CreateEventA
LocalAlloc
DisableThreadLibraryCalls
GetEnvironmentStringsW
HeapAlloc
GetFileAttributesW
GetCurrentProcess
lstrcatW
GetSystemTime
GetTempFileNameA
GetCommandLineW
VirtualQuery
GetModuleHandleA
FlushFileBuffers
GetCommandLineA
GetLocaleInfoA
GetConsoleCP
GetLocalTime
SetLastError
LeaveCriticalSection
FormatMessageW
TlsGetValue
LoadLibraryA
FindClose
GetUserDefaultLCID
CreateFileW
FindResourceA
lstrcpynW
CreateFileA
GetCurrentProcessId
LoadResource
LCMapStringW
GetThreadLocale
HeapDestroy
SetUnhandledExceptionFilter
GetLocaleInfoW
InterlockedDecrement
GetTickCount
TlsAlloc
GetEnvironmentVariableW
GetTimeFormatW
GetStringTypeW
IsDebuggerPresent
VirtualProtect
InterlockedExchange
WideCharToMultiByte
UnmapViewOfFile
GetUserDefaultUILanguage
FoldStringW
EnterCriticalSection
DeleteFileW
lstrlenW
TlsSetValue
CompareStringW
VirtualAlloc
OutputDebugStringA
GetDriveTypeW
ReadFile
DuplicateHandle
ExitProcess
HeapSize
GetTimeFormatA
LocalFree
InterlockedIncrement
FindFirstFileW
WriteFile
GlobalFree
MulDiv
GetACP
GetFileType
GlobalLock
InterlockedCompareExchange
DeleteCriticalSection
GetDateFormatW
DeleteFileA
LocalLock
MultiByteToWideChar
QueryPerformanceCounter
MapViewOfFile
VirtualFree
LCMapStringA
GetSystemTimeAsFileTime
GetLastError
CloseHandle
ReleaseMutex
LocalReAlloc
GetProcAddress
SetEndOfFile
GetConsoleMode
HeapCreate

comctl32

CreateStatusWindowW

comdlg32

PageSetupDlgW
ReplaceTextW
PrintDlgExW
FindTextW
GetSaveFileNameW
ChooseFontW
CommDlgExtendedError
GetFileTitleW
GetOpenFileNameW

shell32

DragQueryFileW
DragAcceptFiles
ShellAboutW
DragFinish

winspool.drv

ClosePrinter
OpenPrinterW
GetPrinterDriverW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 411KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c9478b1ed037452e7a6bec52e88e8fd

Headers

File Characteristics

Imports

advapi32

user32

gdi32

msvcrt

kernel32

comctl32

comdlg32

shell32

winspool.drv

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 232KB - Virtual size: 411KB

.reloc Size: 512B - Virtual size: 242B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 232KB - Virtual size: 411KB

.reloc
Size: 512B - Virtual size: 242B

.rsrc
Size: 3KB - Virtual size: 2KB