07c2d5214ad779fd6fcba769278f48a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07c2d5214ad779fd6fcba769278f48a7_JaffaCakes118
Size

336KB
MD5

07c2d5214ad779fd6fcba769278f48a7
SHA1

fefe5e462c5799514a166592b248a623cd0c182a
SHA256

e2fd5d3e7ecd802578da979ea30183e3e3da6adacda4fc05686882dabcc2cbbc
SHA512

3064e45bdf3f917b5026d49fffb4d3dc4fbeb55d1a7a13a815ec00ebf97bc2516d266ab7c2a7462aa8c5627e2d50979f09f81f8aa9a5544f7a3ad0d00012ef34
SSDEEP

3072:WULCQg/MF5+tvTT/XMpRpnZvoI3/RxGJn4huJHzHIElRDDIGNXimZM46O2hxnE5/:hQnGRZdoI3/RGpHDDIGBo0lOIB67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07c2d5214ad779fd6fcba769278f48a7_JaffaCakes118

Files

07c2d5214ad779fd6fcba769278f48a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

273230e6d8dfb6bd12b762a539fde0ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadBitmapA
SetFocus
PeekMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
LoadCursorA
CopyIcon
GetDC
ReleaseDC
InflateRect
GetSysColor
InvalidateRect
IsWindow
SetWindowLongA
SetCursor
PtInRect
ReleaseCapture
SetCapture
PostMessageA
MessageBeep
GetParent
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
ExitWindowsEx
LoadImageA
RedrawWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
EnableWindow
SendMessageA
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
RegisterWindowMessageA
SetWindowPos
GetWindowLongA
GetWindow
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetKeyState
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
wsprintfA
WinHelpA
GetCapture
GetTopWindow
IsWindowVisible
CopyRect
ScreenToClient
AdjustWindowRectEx
SetActiveWindow
GetFocus
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
CheckDlgButton
CheckRadioButton
GetDlgItemInt
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
PostQuitMessage
GetCursorPos
ValidateRect
GetActiveWindow
GetMessageA
CreateDialogIndirectParamA
EndDialog
wvsprintfA
LoadStringA
DestroyMenu
GetAsyncKeyState
MapDialogRect
WindowFromPoint
GetClassNameA
GetSysColorBrush
UnregisterClassA

ws2_32

inet_addr
closesocket
recv
WSAGetLastError
WSACleanup
ioctlsocket
htons
socket
WSAStartup
gethostbyaddr
gethostbyname
connect
send

kernel32

ReadFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
IsBadWritePtr
IsBadReadPtr
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
TlsAlloc
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
SizeofResource
SetErrorMode
RtlUnwind
HeapReAlloc
HeapAlloc
HeapSize
HeapFree
RaiseException
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
GetACP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcpynA
LocalFree
GlobalFree
GlobalAlloc
lstrcmpA
GetCurrentThread
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
GetVersionExA
GetExitCodeThread
GetProfileStringA
DeleteFileA
GetSystemDirectoryA
SetEvent
CopyFileA
WaitForSingleObject
GetTempPathA
CreateThread
CreateProcessA
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount
GetFileAttributesA
CreateFileA
Sleep
GetFileSize
WriteFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
CreateEventA
OpenEventA
GetLastError
FormatMessageA
GetCurrentProcess
CloseHandle
GetTimeZoneInformation

gdi32

CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
PatBlt
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
IntersectClipRect
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetBitmapDimensionEx
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetStockObject
CreateSolidBrush
DeleteObject
SetWindowExtEx

comdlg32

GetSaveFileNameA
GetOpenFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegEnumValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA
AdjustTokenPrivileges
RegQueryValueExA

shell32

ShellExecuteExA
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

ord17
PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ImageList_Destroy

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

273230e6d8dfb6bd12b762a539fde0ef

Headers

File Characteristics

Imports

user32

ws2_32

kernel32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 172KB - Virtual size: 170KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 12KB - Virtual size: 29KB

.rsrc Size: 104KB - Virtual size: 102KB

.text
Size: 172KB - Virtual size: 170KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 12KB - Virtual size: 29KB

.rsrc
Size: 104KB - Virtual size: 102KB