0383373e2343d882ff9a27914978ee15_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0383373e2343d882ff9a27914978ee15_JaffaCakes118
Size

138KB
MD5

0383373e2343d882ff9a27914978ee15
SHA1

b981c5a62374b8e1786decbc91e853a1836b8e94
SHA256

1ddbb47d3566d66dcb7b0ad13b3d3e4f619e36cb20acb02033d22f206db5ca43
SHA512

18b54bcf6670237df31876e3e73f76a0b01eb1f8e1b033cb1b9f16ed61a901126e9edb32c3ddf3a3c44bb1c3ec2cea46e22c94357e8c0ea008bb152655621e5f
SSDEEP

3072:s/Z9QGeLxEjbl7sAr04kF+XG4yhquCXr4CaLjI8cWZcTP8renI7Ux3Rp:s/8vxEjBEbwG4GFKr4CaLjI8czFf3Rp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0383373e2343d882ff9a27914978ee15_JaffaCakes118

Files

0383373e2343d882ff9a27914978ee15_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f7079fcfd414da333cb4461d5c26ccfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
CreateBitmap
SetTextColor
SetMapMode
PtVisible
ScaleWindowExtEx
SetWindowExtEx
SaveDC
RectVisible
ScaleViewportExtEx
DeleteDC
GetStockObject
OffsetViewportOrgEx
SelectObject
RestoreDC
Escape
GetClipBox
GetDeviceCaps
TextOutW
DeleteObject
SetViewportOrgEx
ExtTextOutW
SetViewportExtEx

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

kernel32

QueryPerformanceCounter
MultiByteToWideChar
GetUserDefaultLangID
HeapReAlloc
HeapSize
GetCurrentProcessId
GetSystemDefaultLangID
GetEnvironmentStringsW
CreateDirectoryA
GetCommandLineW
GetOEMCP
TlsGetValue
InterlockedIncrement
SetFileAttributesA
GetStringTypeW
LockResource
TlsGetValue
GetFullPathNameA
ReadFile
GetShortPathNameW
FindFirstFileExW
IsBadWritePtr
GetStringTypeA
GetACP
GetFileType
HeapAlloc
GetTempPathW
GlobalReAlloc
FindFirstFileExA
GetVersionExA
DeleteCriticalSection
DeleteFileW
DebugActiveProcess
GetStartupInfoA
IsBadCodePtr
GetLocaleInfoW
RaiseException
FreeEnvironmentStringsA
FormatMessageW
GlobalLock
InterlockedDecrement
DeleteFileA
GetFullPathNameW
lstrcpyW
InterlockedExchange
FindNextFileA
lstrlenW
lstrcpynW
HeapDestroy
GetStdHandle
LocalFree
IsBadReadPtr
GetEnvironmentStrings
LCMapStringW
MoveFileW
GetCurrentProcess
GetCPInfo
VirtualAlloc
VirtualQuery
GetModuleHandleA
CreateDirectoryW
GetCommandLineA
UnhandledExceptionFilter
WriteFile
EnumResourceLanguagesA
GlobalDeleteAtom
GetProcAddress
RtlUnwind
SetUnhandledExceptionFilter
GetLastError
EnumSystemLocalesW
LocalAlloc
FindResourceW
OutputDebugStringW
GlobalHandle
GetUserDefaultUILanguage
RemoveDirectoryW
CreateFileMappingW
GetModuleHandleW
VirtualFree
TlsAlloc
ExitProcess
LoadResource
SetFileAttributesW
GetThreadLocale
GetStartupInfoW
TlsSetValue
GetModuleFileNameA
InitializeCriticalSection
OutputDebugStringA
MoveFileA
FindClose
SetFilePointer
SetHandleCount
SetLastError
EnumUILanguagesW
TerminateProcess
SetStdHandle
ExitProcess
GetCurrentThreadId
EnterCriticalSection
CopyFileA
TlsFree
LocalReAlloc
GetSystemInfo
GlobalFindAtomW
Sleep
GetVersionExW
SizeofResource
VirtualProtect
WideCharToMultiByte
FlushFileBuffers
CloseHandle
GlobalFree
GetShortPathNameA
GetSystemTimeAsFileTime
GetModuleFileNameW
HeapFree
FreeEnvironmentStringsW
FreeLibrary
GetTickCount
GlobalAlloc
lstrcatW
lstrlenA
LeaveCriticalSection
HeapCreate
GlobalFlags
GetLocaleInfoA
GlobalAddAtomW
CopyFileW
GlobalUnlock
FindNextFileW
GetVersion
LCMapStringA
lstrcmpW
LoadLibraryA
RemoveDirectoryA

shlwapi

PathRemoveFileSpecW
PathAddBackslashW
PathCanonicalizeA
PathRemoveBackslashW
PathRemoveFileSpecA
PathAppendA
PathFindFileNameW
PathFileExistsA
StrStrW
PathAppendW
PathFileExistsW
PathIsDirectoryEmptyA
PathIsDirectoryA
PathFindFileNameA
PathFindExtensionW
PathIsDirectoryW
PathCanonicalizeW
PathFindExtensionA
PathAddExtensionW
StrStrA
PathIsDirectoryEmptyW

oleacc

CreateStdAccessibleObject
LresultFromObject

ole32

CoCreateInstance
CoInitialize
CoUninitialize

user32

ModifyMenuW
GetMenu
GetParent
PtInRect
GetMessagePos
ClientToScreen
GetForegroundWindow
CheckMenuItem
WinHelpW
GetMenuCheckMarkDimensions
DefWindowProcW
GetTopWindow
SendMessageW
SetPropW
TabbedTextOutW
GetMenuItemID
CreateWindowExW
SetWindowsHookExW
PostMessageW
GetMenuState
CallWindowProcW
GetWindow
CallNextHookEx
GetClassLongW
SetWindowTextW
RegisterClassW
EnableWindow
RemovePropW
MessageBoxW
GetClassInfoW
SystemParametersInfoA
GetWindowTextW
IsIconic
UnhookWindowsHookEx
SetMenuItemBitmaps
SetForegroundWindow
GetClassNameW
GetKeyState
GetWindowPlacement
GetPropW
GetDC
GetMenuItemCount
GetClassInfoExW
GrayStringW
MapWindowPoints
DestroyWindow
LoadCursorW
GetFocus
PeekMessageW
GetDlgCtrlID
GetSystemMetrics
CopyRect
DispatchMessageW
GetLastActivePopup
EnableMenuItem
GetMessageTime
GetWindowRect
IsWindowEnabled
DrawTextExW
ValidateRect
GetDlgItem
DestroyMenu
GetWindowLongW
UnregisterClassW
DrawTextW
GetClientRect
GetCapture
LoadBitmapW
SetWindowPos
AdjustWindowRectEx
SetWindowLongW
PostQuitMessage
GetSysColor
ReleaseDC
GetSubMenu
GetSysColorBrush
LoadIconW
RegisterWindowMessageW

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7079fcfd414da333cb4461d5c26ccfb

Headers

File Characteristics

Imports

gdi32

winspool.drv

kernel32

shlwapi

oleacc

ole32

user32

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 1024B - Virtual size: 212KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 1024B - Virtual size: 212KB