02f0bdcbb8bce7c5d46016a8c0559c49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02f0bdcbb8bce7c5d46016a8c0559c49_JaffaCakes118
Size

233KB
MD5

02f0bdcbb8bce7c5d46016a8c0559c49
SHA1

0b10cba346977cc50b073756a026d197d428b9a9
SHA256

ea44df69f51eb98ce01683bcdf878771bd5285b1db1037c7f270db08a52d1b4f
SHA512

84bf33311b3b1c38fc3840311885b3abaa64f90dc1915aac08972fd7cb0626c0d63fce86573f6205df513a672a89187b0286adb0e1c3228ef13e1f68e76e8a11
SSDEEP

3072:2jproDfzZWPPwdhjTB4JT9UCQ1UmqnfE9AsymcBqhByvcKvCNMT5ecBXG:2VEvZWP4dhjTB4d1Q1wf0KBXvvvoMte

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02f0bdcbb8bce7c5d46016a8c0559c49_JaffaCakes118

Files

02f0bdcbb8bce7c5d46016a8c0559c49_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6f43bbdafc12670a1c5d61883347ca5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CompareStringA
CreateEventA
CreateProcessA
CreateProcessW
CreateThread
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileA
FindResourceA
FindResourceW
FormatMessageA
FreeResource
GetACP
GetCPInfo
GetCommandLineW
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleHandleA
GetModuleHandleW
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStartupInfoW
GetStringTypeA
GetSystemDefaultLCID
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetVersion
GetWindowsDirectoryA
GlobalFree
GlobalUnlock
HeapSize
InitializeCriticalSection
IsBadReadPtr
IsDBCSLeadByte
LCMapStringW
LoadLibraryExA
LoadLibraryExW
LockResource
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryA
ResetEvent
SetEnvironmentVariableA
SetErrorMode
SetFileAttributesA
SetFileTime
SetHandleCount
SetThreadLocale
SystemTimeToFileTime
TlsAlloc
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualProtect
WriteConsoleA
WriteFile
lstrcmpA
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrlenA

user32

AdjustWindowRectEx
CheckMenuItem
ClientToScreen
DestroyMenu
DrawIcon
DrawMenuBar
EnumThreadWindows
EqualRect
FillRect
GetActiveWindow
GetDC
GetMenuState
GetMenuStringA
GetMessageA
GetPropA
GetSystemMetrics
GetWindowPlacement
InflateRect
InsertMenuItemA
IsWindowEnabled
IsZoomed
OffsetRect
PostMessageA
RedrawWindow
RegisterClassA
ReleaseDC
SetActiveWindow
SetClassLongA
SetForegroundWindow
SetScrollInfo
SetWindowPlacement
SetWindowTextA
TranslateMessage

gdi32

AbortDoc
ArcTo
CombineRgn
CreateBitmap
CreateCompatibleDC
CreateDIBPatternBrushPt
CreateDIBSection
CreateEnhMetaFileA
CreateFontIndirectA
CreateHalftonePalette
CreateICA
CreatePatternBrush
CreatePen
CreateRoundRectRgn
EnumFontFamiliesA
EnumFontFamiliesW
EnumMetaFile
ExtEscape
FillPath
GetCharWidthA
GetCurrentObject
GetEnhMetaFileHeader
GetOutlineTextMetricsA
GetSystemPaletteEntries
GetTextExtentPoint32A
GetTextMetricsW
IntersectClipRect
LPtoDP
LineDDA
PatBlt
Pie
PolyDraw
RealizePalette
RectVisible
RestoreDC
ScaleWindowExtEx
SelectClipPath
SetDIBits
SetRectRgn
SetTextCharacterExtra
SetWindowOrgEx
StartDocA
TextOutA

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
ExtractIconExW
SHAppBarMessage
SHBrowseForFolder
SHBrowseForFolderA
SHCreateDirectoryExW
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfo
SHGetFileInfoW
SHGetFolderPathW
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
ShellExecuteExA
ShellExecuteExW
ShellExecuteW

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_Draw
ImageList_DrawEx
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
InitCommonControls
InitCommonControlsEx
PropertySheetA
PropertySheetW

advapi32

AdjustTokenPrivileges
CheckTokenMembership
ControlService
ConvertStringSecurityDescriptorToSecurityDescriptorW
CopySid
CryptDestroyHash
CryptGenRandom
DeregisterEventSource
GetUserNameA
IsValidSid
LookupPrivilegeValueA
LookupPrivilegeValueW
OpenSCManagerA
OpenServiceA
RegCreateKeyExA
RegDeleteKeyW
RegEnumKeyExA
RegEnumKeyExW
RegEnumKeyW
RegEnumValueA
RegFlushKey
RegOpenKeyA
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

ole32

CoCreateInstance
CoFreeUnusedLibraries
CoGetInterfaceAndReleaseStream
CoInitialize
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemRealloc
CoUninitialize
GetRunningObjectTable
IsAccelerator
OleRun
OleSetClipboard
RevokeDragDrop
StgCreateDocfileOnILockBytes
StgOpenStorage
StringFromIID

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c6f43bbdafc12670a1c5d61883347ca5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

advapi32

ole32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 77KB - Virtual size: 77KB

.rsrc Size: 80KB - Virtual size: 103KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 77KB - Virtual size: 77KB

.rsrc
Size: 80KB - Virtual size: 103KB