05ddaa5b6b56123e792fd67bb03376bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05ddaa5b6b56123e792fd67bb03376bc_JaffaCakes118
Size

308KB
MD5

05ddaa5b6b56123e792fd67bb03376bc
SHA1

370e75aad09cbabab82bcd60aa11222785d5cc66
SHA256

c0b2f0bbabff68920b35754c50e1dbf4abc3739cb410aee766cb5cee085d7197
SHA512

36d2f93dba284b86a5fd99816d24fdb05bad4feb39350eafa280a5dc91a078ee3539f8565072d40509de029b001a7bc200cd8e690d89d912732b2e29cb62372f
SSDEEP

6144:EEiBSqGAPDEIA5huTSx1JtVZVKnuSwbMG6K82QxCNNRHQsTWRt0hLgf+:rs1GOEImSSfJLHKnuyeQsqRqho+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05ddaa5b6b56123e792fd67bb03376bc_JaffaCakes118

Files

05ddaa5b6b56123e792fd67bb03376bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aeda256d3d3b0340dbd0fcbd8fdf1718

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperationA
StrStrIA
SHGetPathFromIDListA
StrNCmpA
SHLoadInProc
WOWShellExecute
SHGetDiskFreeSpaceA

gdi32

UnrealizeObject
EndFormPage
SetWinMetaFileBits
Arc
GetTextExtentExPointI
GetBitmapBits
SetArcDirection
StretchBlt
UpdateICMRegKeyA
CreateCompatibleDC
StrokeAndFillPath
ScaleViewportExtEx
SetMetaRgn
PlayMetaFileRecord
Rectangle
SetPixel
SetMapperFlags
SetPixelFormat
DeleteColorSpace
GetTextAlign
FillRgn
SetICMMode
CreateDCA
DrawEscape
ExtCreatePen
GetClipRgn
GetObjectType
GetColorAdjustment
FrameRgn
GdiPlayPageEMF
GetDeviceGammaRamp
DPtoLP
GetStockObject
SetTextCharacterExtra
Ellipse
ResetDCA
GetPixelFormat
GetObjectA
PolylineTo
SwapBuffers
GdiStartDocEMF
DeleteDC
gdiPlaySpoolStream
GetWindowExtEx
CombineRgn
CreateCompatibleBitmap
SetTextColor
PolyBezierTo
PlayEnhMetaFile
SelectObject
GetTextColor
GdiComment
CreateEllipticRgn
GetCharWidthI
PlayMetaFile

winspool.drv

SetFormA
ord205
DeletePrinterDriverExA
GetPrinterDataExA
ord100
CloseSpoolFileHandle
DeletePrinterDriverA
AddPrintProcessorA
ADVANCEDSETUPDIALOG
DeleteMonitorA
DocumentPropertiesA
PrinterProperties
EnumPrinterDataA
ConnectToPrinterDlg
PrinterMessageBoxA
DevicePropertySheets
GetJobA
PlayGdiScriptOnPrinterIC
GetPrinterDriverDirectoryA
CreatePrinterIC
ord214
DeletePortA
SpoolerPrinterEvent
AddPortExA
ConfigurePortA
ConvertUnicodeDevModeToAnsiDevmode
StartDocDlgA
EnumFormsA
ord210
EnumPrinterDataExA
EnumPrinterKeyA
SetPrinterDataA
OpenPrinterA
AddPrinterDriverA
AddPrinterConnectionA
ord202
SetJobA
AddMonitorA
ord212
GetSpoolFileHandle
DeletePrinterConnectionA

kernel32

SetConsoleScreenBufferSize
FlushViewOfFile
PeekNamedPipe
SetEnvironmentVariableA
CommConfigDialogA
GlobalCompact
GetOverlappedResult
lstrcpynA
BackupWrite
FreeEnvironmentStringsA
HeapCreate
IsBadHugeReadPtr
GetCurrentProcess
GetSystemDefaultLangID
WritePrivateProfileSectionA
SetConsoleActiveScreenBuffer
GlobalLock
EndUpdateResourceA
SizeofResource
TlsAlloc
CreatePipe
GetCurrentThread
GetVDMCurrentDirectories
GetModuleFileNameA
InterlockedExchange
Heap32ListNext
SetConsoleMode
RtlZeroMemory
SetVolumeMountPointA
GetConsoleFontInfo
GetVolumeNameForVolumeMountPointA
RtlMoveMemory
FindResourceA
FillConsoleOutputAttribute
_lclose
FlushFileBuffers
GlobalFree
GetSystemTimeAdjustment
Heap32ListFirst
SetFileApisToOEM
FileTimeToLocalFileTime
GetTickCount
CreateSemaphoreA
WriteFile
GetHandleInformation
WaitForDebugEvent
WaitForMultipleObjects
HeapSummary
SetConsoleTitleA
ReadConsoleInputA
GetACP
VirtualAlloc
GetCurrentThreadId
GetProcAddress
GetCommandLineA
GetModuleHandleA
GetAtomNameA
DuplicateHandle
GetSystemDefaultLCID
GetProcessTimes
ShowConsoleCursor
ResumeThread
GetStartupInfoA
GetConsoleCP
CreateFileA
FreeLibrary
SetInformationJobObject
CreateConsoleScreenBuffer
GetThreadLocale
GetNextVDMCommand
GetConsoleOutputCP
GetNumberOfConsoleMouseButtons
TransmitCommChar
GetLocalTime
SetStdHandle
ConvertDefaultLocale
GetCommandLineW
FlushConsoleInputBuffer
LocalCompact
IsBadWritePtr
FindNextChangeNotification
GetVersion
GlobalFindAtomA
_lwrite
WriteConsoleOutputA
SetConsoleCursor
WritePrivateProfileStringA
RegisterWowBaseHandlers
OpenEventA
EnumResourceLanguagesA
ReleaseSemaphore
SetSystemTime
FindFirstFileA
OutputDebugStringA
GetPrivateProfileSectionNamesA
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
GetPrivateProfileIntA
SystemTimeToTzSpecificLocalTime
WriteFileGather
ReadConsoleOutputCharacterA
SetFilePointerEx
GetProfileStringA
SetTapePosition
InitializeCriticalSection
LoadLibraryA
DisconnectNamedPipe
SetCommState
SetComputerNameA
LocalUnlock
GetThreadSelectorEntry
TlsGetValue
SetConsoleCP
SetupComm
SetConsoleCursorPosition
InterlockedCompareExchange
SetDefaultCommConfigA
WriteConsoleOutputAttribute
lstrcmpA
GetOEMCP
InterlockedExchangeAdd
DuplicateConsoleHandle
LoadModule
VirtualFree
ConsoleMenuControl
SetHandleInformation
SetProcessWorkingSetSize
GetConsoleTitleA
AssignProcessToJobObject
GetFileSize
HeapUnlock
RegisterConsoleVDM
SetCriticalSectionSpinCount
IsProcessorFeaturePresent
GetTimeFormatA
GetProcessHeap
GetSystemTime
DeleteFiber
lstrcmpiA
GetFileAttributesA

user32

IsClipboardFormatAvailable
SetProcessDefaultLayout
SetScrollPos
SetRect
GetUserObjectSecurity
TranslateMDISysAccel
GetUpdateRgn
DragDetect
SetThreadDesktop
DdeDisconnect
CharLowerA
EnableWindow
SetDeskWallpaper
IntersectRect
PeekMessageA
CharNextExA
CreateCursor
LoadIconA
CharToOemA
UnregisterHotKey
SendDlgItemMessageA
CreateIconFromResource
AppendMenuA
GetWindowDC
SystemParametersInfoA
SetParent
IsDialogMessageA
GetSysColor
wvsprintfA
GetClipboardOwner
CreateWindowStationA
GetClipCursor
SetClassWord
SetWindowsHookExA
GetNextDlgTabItem
IsMenu
NotifyWinEvent
SetWindowPos
ArrangeIconicWindows
FillRect
GetKeyboardLayout
GetDesktopWindow
GetIconInfo
GetCapture
DrawStateA
DdeImpersonateClient
CopyIcon
LoadCursorA
CloseClipboard
OpenClipboard
CloseWindowStation
DlgDirListA
SetCursor
CreateCaret
MessageBoxExA
RegisterWindowMessageA
ShowOwnedPopups
DrawEdge
GetActiveWindow
GetMenu
AnimateWindow
FindWindowA
GetMenuItemInfoA
GetWindowInfo
DrawCaption
LookupIconIdFromDirectory
GetCursor
GetInputDesktop
SetTimer
GetClipboardSequenceNumber
DlgDirSelectComboBoxExA
CallNextHookEx
EmptyClipboard
GetComboBoxInfo
EndMenu
DdeNameService
MessageBoxA
CallWindowProcA
GetClientRect
SetMenu
MonitorFromWindow
SetLastErrorEx
LoadAcceleratorsA
TrackPopupMenuEx
EnumClipboardFormats
DdeGetData
SetWindowTextA
DefMDIChildProcA
SetDlgItemTextA
GetClassNameA
GetCursorPos
HideCaret
IMPQueryIMEA
GetScrollInfo
HiliteMenuItem
GetKeyboardState
SetUserObjectSecurity
CreateWindowExA
GetSubMenu
GetWindowLongA
DdeCreateDataHandle
GetClipboardFormatNameA
DdeKeepStringHandle
GetKeyboardLayoutNameA
GetMessageTime
DdeConnectList
ScrollChildren
SendMessageA
EnumPropsExA
GetAltTabInfoA
ChildWindowFromPoint
GetForegroundWindow
GetSystemMetrics
WindowFromPoint
GetMessagePos
CheckMenuRadioItem
EnumWindows
RemovePropA
DispatchMessageA
GetFocus
IsDlgButtonChecked
wsprintfA
IsWindowVisible

msvcrt

_ltoa
_mbsdec
fopen
_mbsnicmp
_CxxThrowException
_wstati64
feof
ferror
fprintf
_wcsnicmp
fsetpos
fwrite
fputc
atol
_longjmpex
ftell
_mbscspn
labs
_wcsicoll
__p__dstbias
sprintf
_chdir
_heapset
_strnicoll
fputs
atexit
_mbschr
getwchar
_control87
_adj_fpatan
time
_mbsninc
_wrename
_mbctombb
malloc
_tzset
printf
_wpopen
_getmbcp
fseek
strspn
mktime
rewind
_pclose
sscanf
_getw
_ui64tow
_mbsnccnt
__argv
__fpecode
raise
_wfindfirsti64
_onexit
_adjust_fdiv
_wfindnexti64
_inpw
fread
_spawnlpe
_wsetlocale
memmove
fwprintf
_nextafter
_mbslwr
memset
_c_exit
__wgetmainargs
_access
ctime
_pwctype
_pgmptr
fclose
fgetws
_memccpy
longjmp
_sopen
isgraph
_mbsrev
wcsncpy
_winmajor

Sections

.text
Size: 264KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aeda256d3d3b0340dbd0fcbd8fdf1718

Headers

File Characteristics

Imports

shell32

gdi32

winspool.drv

kernel32

user32

msvcrt

Sections

.text Size: 264KB - Virtual size: 261KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 4KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 264KB - Virtual size: 261KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 4KB

.reloc
Size: 16KB - Virtual size: 13KB