01b754b42f889f45017941a9e4573dcf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

01b754b42f889f45017941a9e4573dcf_JaffaCakes118
Size

207KB
MD5

01b754b42f889f45017941a9e4573dcf
SHA1

57f97e810e6b4de09a7ca427de60ecd71bf942a9
SHA256

9315e2c60a27f5b19dad82b620252b845ec7cd582582509079cbe95f5694eba8
SHA512

44e9fa0f7ceaecb4623d0294d36e9e49ec631747d7dacb187506adc158b40742f43314e70c9b47e06c5fe3d23ad0b8cd4a764e21f9321d575e03f0d7e9cd8e17
SSDEEP

3072:yMeQyi8geEyUhVsvgL1Z5Cm6DexPS/tXidTbaqAWmutDEfK6fWwPJQmXN:yMeQy+ebnYDCDKP0ydfX11YfKPwPJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01b754b42f889f45017941a9e4573dcf_JaffaCakes118

Files

01b754b42f889f45017941a9e4573dcf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7283ae93aeb5be93cc19caf75d4b0e38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

comdlg32

GetFileTitleW

advapi32

RegEnumKeyExW
RegQueryValueW
RegSetValueExW
RegOpenKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

shlwapi

PathIsUNCW
PathStripToRootW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW
PathFindExtensionW
PathAppendW

kernel32

RaiseException
DeleteCriticalSection
GetLocaleInfoW
FindNextFileW
GetCalendarInfoW
GetACP
GetProcAddress
lstrcmpiA
MultiByteToWideChar
SetFileTime
GetModuleFileNameW
InitializeCriticalSection
LocalFileTimeToFileTime
InterlockedDecrement
GetFileAttributesW
SystemTimeToFileTime
WideCharToMultiByte
ReleaseMutex
LockResource
GetCurrentDirectoryW
GetThreadContext
CreateMutexW
FreeLibrary
LoadLibraryW
RemoveDirectoryW
FindFirstFileW
EnumResourceNamesA
GetVersion
DeleteFileW
VirtualFree
FindResourceW
CloseHandle
ExitProcess
WaitForSingleObject
InterlockedExchange
WriteFile
CreateFileW
GetVersionExW
ConvertDefaultLocale
GetCurrentProcessId
EnumResourceLanguagesW
SizeofResource
GetSystemDefaultLangID
LoadResource
FindClose
ReadFile
GetModuleHandleW
GetLocaleInfoA
GetThreadLocale
SetFilePointer
CreateDirectoryW
lstrcpyW
MoveFileW
lstrcmpA

gdi32

RestoreDC
SetViewportExtEx
SetTextColor
OffsetViewportOrgEx
SetBkColor
RectVisible
GetStockObject
ExtSelectClipRgn
GetViewportExtEx
SetMapMode
ExtTextOutW
GetRgnBox
GetObjectW
GetDeviceCaps
GetTextColor
GetClipBox
GetMapMode
SaveDC
ScaleViewportExtEx
SetWindowExtEx
CreateBitmap
PtVisible
SetViewportOrgEx
DeleteObject
TextOutW
ScaleWindowExtEx
SelectObject
GetBkColor
GetWindowExtEx
Escape
DeleteDC
CreateRectRgnIndirect

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoUninitialize
OleUninitialize
CoCreateInstance
CoRegisterMessageFilter
CoFreeUnusedLibraries
CoTaskMemFree
OleFlushClipboard
OleInitialize
StgCreateDocfileOnILockBytes
CoInitialize
CoGetClassObject
CoTaskMemAlloc
CoRevokeClassObject
CreateILockBytesOnHGlobal
CLSIDFromString

user32

IsChild
UpdateWindow
GetNextDlgTabItem
EqualRect
GetNextDlgGroupItem
GetMessageTime
CharNextW
RemovePropW
GetClassLongW
InvalidateRgn
DefWindowProcW
GetClassInfoExW
GetMessagePos
IsWindow
GetClassInfoW
MapWindowPoints
CallWindowProcW
SetRect
SetActiveWindow
RegisterClassW
SendDlgItemMessageA
CopyAcceleratorTableW
IsRectEmpty
AdjustWindowRectEx
GetPropW
InvalidateRect
CreateWindowExW
WinHelpW
GetForegroundWindow
GetClientRect
SetPropW
GetMenu
GetTopWindow
IsIconic
SetForegroundWindow
CharUpperW
GetWindowPlacement
IntersectRect
LoadIconW
MessageBeep
RegisterWindowMessageW
OffsetRect
DestroyMenu

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7283ae93aeb5be93cc19caf75d4b0e38

Headers

File Characteristics

Imports

winspool.drv

comdlg32

advapi32

shell32

shlwapi

kernel32

gdi32

oledlg

ole32

user32

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 87KB - Virtual size: 87KB

.edata Size: 1024B - Virtual size: 4KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 87KB - Virtual size: 87KB

.edata
Size: 1024B - Virtual size: 4KB