0427b76cadc2388fe6d1415a2949a015_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0427b76cadc2388fe6d1415a2949a015_JaffaCakes118
Size

807KB
MD5

0427b76cadc2388fe6d1415a2949a015
SHA1

dbcdf703093c5872a059920adbeb012e42f8b1e4
SHA256

b28a39ab41d113e6b6ef43edd3677c300f64d38ad7938a501d1562b2bd129bbe
SHA512

3032e9a1c6e50e939e643000a768a095d1b3cd6eb3a2dcad59bceddac38f8381e506b591f16aac9241c821090c92c2d5b049cfd3c88e9945eeee9312d40dca53
SSDEEP

12288:hTXkySgAYQGtQboIJrUJd3MurbatwM8yUQJMrawUlNPtJHtWVi7:hbkyHsGqbLCxatAyUQMra5NwVi7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0427b76cadc2388fe6d1415a2949a015_JaffaCakes118

Files

0427b76cadc2388fe6d1415a2949a015_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ddd3d61b2b56a43682e03f68f2147c90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetFileTitleA
GetOpenFileNameA

comctl32

ord17

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

DragAcceptFiles
SHGetFileInfoA

advapi32

RegisterEventSourceA
GetUserNameA
RegCreateKeyExA
ReportEventA
RegEnumValueA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegDeleteValueA
DeregisterEventSource
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA

gdi32

Escape
ExtTextOutA
TextOutA
RectVisible
SetROP2
SelectClipRgn
ExcludeClipRect
CreatePatternBrush
CreateHatchBrush
CreateBitmap
GetDCOrgEx
GetClipBox
SetTextColor
SetBkColor
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
StartDocA
SaveDC
RestoreDC
SelectObject
GetStockObject
SelectPalette
SetBkMode
SetPolyFillMode
PtVisible
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetColorAdjustment
CreateDIBPatternBrushPt
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
GetObjectType
PolyBezierTo
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush

user32

DefWindowProcA
CharUpperA
GetMenuStringA
DeleteMenu
InsertMenuA
SetCursor
ShowOwnedPopups
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
DestroyMenu
PostQuitMessage
GetDesktopWindow
ClientToScreen
PtInRect
GetClassNameA
GetDC
ReleaseDC
GetSysColorBrush
LoadCursorA
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemInt
CheckDlgButton
LoadIconA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
OemToCharA
CharToOemA
LoadStringA
UnhookWindowsHookEx
GetLastActivePopup
IsWindowEnabled
DialogBoxIndirectParamA
CreateDialogIndirectParamA
wsprintfA
GetClientRect
SetWindowTextA
GetFocus
EndDialog
SetDlgItemTextA
GetDlgItemTextA
MessageBeep
GetWindowLongA
SendMessageA
ScreenToClient
MoveWindow
GetDlgItem
GetWindowRect
ShowWindow
GetParent
EnableWindow
GetActiveWindow
MessageBoxA
UpdateWindow
CheckRadioButton

kernel32

GetExitCodeProcess
IsBadCodePtr
GetLocaleInfoW
CompareStringW
LoadLibraryA
SetErrorMode
GlobalFlags
lstrcmpA
FindClose
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
SetUnhandledExceptionFilter
SetCurrentDirectoryA
SetEnvironmentVariableA
SetEnvironmentVariableW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadWritePtr
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FatalAppExitA
GetStartupInfoA
SetHandleCount
GetCurrentProcessId
HeapSize
RtlUnwind
CreateDirectoryA
ExitThread
TerminateProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
HeapReAlloc
HeapAlloc
HeapFree
ExitProcess
GetCommandLineA
SetConsoleCtrlHandler
GetACP
CreateProcessA
InterlockedExchange
GetFileInformationByHandle
GetTempPathA
GetTempFileNameA
CreateMutexA
ReleaseMutex
CreateFileMappingA
MapViewOfFile
VirtualQuery
RaiseException
DebugBreak
FormatMessageA
GetStdHandle
GetFileType
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFileAttributesA
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesA
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
DeleteFileA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentDirectoryA
WritePrivateProfileStringA
GetOEMCP
GetCPInfo
VirtualFree
GetPrivateProfileIntA
MulDiv
GetProcessVersion
FindResourceA
LoadResource
LockResource
lstrcatA
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
SuspendThread
GetCurrentThreadId
ResumeThread
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
lstrlenA
InterlockedDecrement
CompareStringA
TlsGetValue
LocalReAlloc
TlsSetValue
IsBadReadPtr
EnterCriticalSection
GlobalReAlloc
GlobalLock
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetModuleFileNameA
lstrcpynA
GetTickCount
GetPrivateProfileStringA
QueryPerformanceFrequency
QueryPerformanceCounter
SleepEx
DeviceIoControl
WriteFile
ReadFile
SetThreadPriority
ReleaseSemaphore
GetCurrentThread
CreateSemaphoreA
OpenSemaphoreA
CreateFileA
CreateThread
CloseHandle
WaitForSingleObject
CreateEventA
SetEvent
GetLastError
ResetEvent
GetVersion
GetModuleHandleA
FreeLibrary
GetProcAddress
FindNextFileA
FindFirstFileA
DuplicateHandle
GetCurrentProcess
Sleep
GetVolumeInformationA
GetWindowsDirectoryA
GetVersionExA
GetProcessTimes
SetLastError
GetDriveTypeA
GlobalFree
GlobalAlloc
VirtualAlloc

netapi32

Netbios

Sections

REVM0
Size: 801KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

REVM1
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ddd3d61b2b56a43682e03f68f2147c90

Headers

File Characteristics

Imports

comdlg32

comctl32

winspool.drv

shell32

advapi32

gdi32

user32

kernel32

netapi32

Sections

REVM0 Size: 801KB - Virtual size: 968KB

REVM1 Size: 4KB - Virtual size: 44KB

REVM0
Size: 801KB - Virtual size: 968KB

REVM1
Size: 4KB - Virtual size: 44KB