ff49e1ec63042392c2cf92e8c91e7328_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff49e1ec63042392c2cf92e8c91e7328_JaffaCakes118
Size

250KB
MD5

ff49e1ec63042392c2cf92e8c91e7328
SHA1

20c8fb9473dd86f523d86e4fad351fa42194914b
SHA256

5adcf2c271aa9380cc049bd1ab449974db0900acbc0916b57b465bbcd54d558b
SHA512

61e3d8c9b24f128adeecdf887bcc9c31432d63f8d35df61ee2617c2e85ad5280cec7e263affafe344d36fc29d80c2e8acc9704a702c5709ade2ce753a43dd26f
SSDEEP

3072:hrRf4X66PUCRkfcRdvX5fURuHy7bVwtlG5mWnZ0cMVT16dd4KE8nITr/mtrWMKg:FRfgUAichty7rtnrdCwIPOgrgsjY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff49e1ec63042392c2cf92e8c91e7328_JaffaCakes118

Files

ff49e1ec63042392c2cf92e8c91e7328_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a17201dc1399bd3c3cf580d698b28240

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
FlushFileBuffers
GetCurrentProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
TerminateProcess
GetOEMCP
HeapCreate
IsBadWritePtr
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCPInfo
VirtualFree
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetProcAddress
lstrcpyA
GetCurrentThreadId
GlobalFlags
lstrcmpA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GetModuleFileNameA
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
RaiseException
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
FormatMessageA
LocalFree
CreateEventA
lstrcpynA
CreateFileA
SetNamedPipeHandleState
CreateThread
ResetEvent
WaitForMultipleObjects
GetOverlappedResult
ReadFile
GetTickCount
CloseHandle
SetEvent
WaitForSingleObject
TerminateThread
WriteFile
Sleep
CreateMutexA
FindResourceA
LoadResource
LockResource
SizeofResource
FreeLibrary
LoadLibraryA
GetModuleHandleA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
HeapDestroy
InterlockedExchange

user32

CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowLongA
SetWindowsHookExA
CallNextHookEx
GetKeyState
PeekMessageA
ValidateRect
ClientToScreen
GetWindow
GetDlgCtrlID
PtInRect
GetFocus
GetClassNameA
GetParent
GetLastActivePopup
IsWindowEnabled
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetSysColor
GetSysColorBrush
GetMenuItemID
GetMenuItemCount
GetSubMenu
EnableWindow
MessageBoxA
GetMessageA
DispatchMessageA
CreateWindowExA
UnregisterClassA
RegisterClassExA
DefWindowProcA
EndDialog
GetCursorPos
CreatePopupMenu
DestroyMenu
GetAsyncKeyState
SetForegroundWindow
TrackPopupMenuEx
InsertMenuItemA
SetTimer
KillTimer
DestroyIcon
DialogBoxParamA
LoadStringA
SetWindowPos
AdjustWindowRect
GetWindowLongA
GetClientRect
wsprintfA
CreateDialogParamA
PostMessageA
DestroyWindow
LoadImageA
SetWindowTextA
MessageBeep
GetDlgItem
GetWindowTextA
GetDC
SendMessageA
DrawTextA
ReleaseDC
ScreenToClient
RegisterClassA
GetWindowRect
PostQuitMessage
GetMenuState
GetDesktopWindow
MoveWindow
GrayStringA
DrawTextExA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
GetMenu
AdjustWindowRectEx
GetClassInfoA

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
DeleteObject
DeleteDC
GetStockObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
ScaleWindowExtEx
SelectObject
GetDeviceCaps
CreateBitmap

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

comdlg32

GetOpenFileNameA

advapi32

RegCloseKey
RegOpenKeyExA
RegOpenKeyA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA

shell32

ShellExecuteA
SHGetFolderPathA
Shell_NotifyIconA

ole32

CoInitializeEx
CoCreateInstance

oleaut32

VariantChangeType
VariantClear
SysAllocString
SysFreeString
VariantInit

comctl32

ord17

isdi

??1Sdi@@QAE@XZ
?getHandles@Sdi@@QAE?AW4_Error@1@PAPAXPAKKPAXKK@Z
?getCount@Sdi@@QAEKKPAXKK@Z
??0Sdi@@QAE@_N@Z
?getTable@Sdi@@QAE?AW4_Error@1@W4_TableType@1@PAX1@Z

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.frdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a17201dc1399bd3c3cf580d698b28240

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

isdi

oleacc

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 44KB - Virtual size: 43KB

.frdata Size: 76KB - Virtual size: 76KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 44KB - Virtual size: 43KB

.frdata
Size: 76KB - Virtual size: 76KB