02cd5035f194df7fde2f63cd623ae036_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

02cd5035f194df7fde2f63cd623ae036_JaffaCakes118
Size

332KB
MD5

02cd5035f194df7fde2f63cd623ae036
SHA1

2feee0230a6f34de6db25a237d7be583a9135f4f
SHA256

bb2d3983010745406196380772ee24a0452c1383c25b59d88681816842848629
SHA512

ddfc5eb8a425e9ad6c7e03b8b64c15a9ea9568af89e231b4217ec6a6f19d1676c078c00a2da6de504953956795ab9d9df5e16d6403c62e8414265592b5462657
SSDEEP

6144:LEWQtolbgBGBVo4+xpK3IbeUvxQDk71UAszwuyjzdxxOsgA:YWQtolbgMbXSpYCeUx4u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02cd5035f194df7fde2f63cd623ae036_JaffaCakes118

Files

02cd5035f194df7fde2f63cd623ae036_JaffaCakes118
.exe windows:4 windows x86 arch:x86

37c328c0c201712317b14ed81550143e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
GetACP
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
ExitProcess
GetStdHandle
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
GetProfileStringA
GetTimeZoneInformation
RtlUnwind
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFlags
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
FindFirstFileA
FindClose
lstrcpynA
GetFileTime
GetFileSize
FormatMessageA
LocalFree
WaitForSingleObject
GlobalAlloc
lstrcmpA
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
MulDiv
SetLastError
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
lstrlenA
GetFileAttributesA
GetProcessHeap
HeapAlloc
HeapFree
FindResourceA
SizeofResource
LoadResource
LockResource
WriteFile
SetFileAttributesA
MoveFileExA
WinExec
GetVersionExA
GetPrivateProfileIntA
WritePrivateProfileStringA
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
DeleteFileA
GetSystemDirectoryA
LocalAlloc
GetCurrentProcess
GetModuleFileNameA
CreateDirectoryA
CreateFileA
GetCurrentProcessId
DeviceIoControl
CreateMutexA
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileW
SetHandleCount
CloseHandle

user32

EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
TabbedTextOutA
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
InvalidateRect
GetMessagePos
GetLastActivePopup
wsprintfW
SetWindowPos
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetDlgItem
IsWindowEnabled
GetWindowLongA
CopyRect
InflateRect
OffsetRect
DrawTextA
GetSystemMenu
AppendMenuA
EnableWindow
PtInRect
IsIconic
SendMessageA
GetSystemMetrics
GetClientRect
LoadIconA
DrawIcon
GrayStringA
GetMenuItemID
PostThreadMessageA
LoadBitmapA
FrameRect
IsWindowUnicode
GetWindowRect
RegisterClipboardFormatA
MessageBeep
GetNextDlgGroupItem
SetRect
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
LoadCursorA
GetClassNameA
CharUpperA
GetDesktopWindow
DestroyMenu
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
GetMessageTime
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
LoadStringA

gdi32

GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
GetClipBox
DeleteObject
SetBkMode
SetTextColor
CreateCompatibleDC
GetObjectA
StretchBlt
CreateFontIndirectA
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateSolidBrush

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegSetKeySecurity
RegCreateKeyExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AdjustTokenPrivileges
FreeSid
LookupAccountNameA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
ControlService
DeleteService
CreateServiceA
StartServiceA
QueryServiceConfigA
QueryServiceStatus
OpenSCManagerA
OpenServiceA
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA

comctl32

ord17

oledlg

ord8

ole32

CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID

olepro32

ord253

oleaut32

VariantChangeType
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString
SysAllocString
SysAllocStringByteLen
SysStringLen
VariantCopy

psapi

GetModuleFileNameExA
EnumProcessModules

wininet

InternetGetLastResponseInfoA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetOpenUrlA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37c328c0c201712317b14ed81550143e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

psapi

wininet

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 44KB - Virtual size: 41KB

.data Size: 20KB - Virtual size: 36KB

.rsrc Size: 92KB - Virtual size: 89KB

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 44KB - Virtual size: 41KB

.data
Size: 20KB - Virtual size: 36KB

.rsrc
Size: 92KB - Virtual size: 89KB