033c101177295c3d98a3cead17a94df6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

033c101177295c3d98a3cead17a94df6_JaffaCakes118
Size

128KB
MD5

033c101177295c3d98a3cead17a94df6
SHA1

94f1a0e76284573c64f4e04ac2f723c48595ddca
SHA256

bc447fd7c9b80a5faabca5414da66acb50af52d2a7b954aa5a90cc44ee4fa3ab
SHA512

2abed60474eb90d3456250801568b578d975d9b29105773bc0f539961c7909ff318e110c1d26e52cd6dbc71061fdafb920511f791c814ea3dcf41e0ca3ac471b
SSDEEP

3072:jzAv1t9dMnanwV817jJYKqhsPbMr87GgIHq4kvkZ3U:vAfzuAwr6bMRH4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
033c101177295c3d98a3cead17a94df6_JaffaCakes118

Files

033c101177295c3d98a3cead17a94df6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc9368aefee596fbfe898a0d40534e80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
RaiseException
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
HeapFree
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
TlsGetValue
TerminateProcess
TlsSetValue
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
GetLocaleInfoW
SetStdHandle
ExitProcess
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
SetErrorMode
GlobalAddAtomA
GetVersionExA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
GetProcessVersion
GetLastError
SetLastError
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
LocalReAlloc
CloseHandle
LCMapStringW
LCMapStringA
EnterCriticalSection
DeleteFileA
WideCharToMultiByte
MultiByteToWideChar
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MulDiv
GetVersion
GlobalGetAtomNameA
GlobalUnlock
GlobalFree
SetUnhandledExceptionFilter
GetStringTypeA
VirtualAlloc
lstrlenA
GlobalDeleteAtom
lstrcatA
lstrcpyA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
RemoveDirectoryA
GlobalAlloc
GlobalLock
InterlockedIncrement
InterlockedDecrement

user32

SetWindowTextA
ShowWindow
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
ReleaseCapture
GetDesktopWindow
WindowFromPoint
ClientToScreen
GetClassNameA
PtInRect
LoadStringA
GetSysColorBrush
CharUpperA
InvalidateRect
FindWindowA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
DestroyMenu
GetMenuItemID
ScreenToClient
CreateWindowExA
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
EndDialog
SetActiveWindow
IsWindow
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
EnableWindow
UpdateWindow
IsIconic
GetSystemMetrics
GetClientRect
SystemParametersInfoA
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
GetDlgCtrlID
DefWindowProcA
GetMenuItemCount
GetSubMenu
GetMenu
DrawIcon
SendMessageA
LoadIconA
GetClassLongA
GetWindowTextA
UnregisterClassA

gdi32

CreateBitmap
SetBkColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
SetTextColor
ScaleWindowExtEx
GetClipBox
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA

shell32

DragQueryFileA
DragFinish

comctl32

ImageList_Destroy
ord17

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cc9368aefee596fbfe898a0d40534e80

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 15KB - Virtual size: 28KB

.rsrc Size: 17KB - Virtual size: 20KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 15KB - Virtual size: 28KB

.rsrc
Size: 17KB - Virtual size: 20KB