Static task: static1

Behavioral task: behavioral1
Sample: 0c98160e8a3c3b90d41ce1175035ef8a_JaffaCakes118.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: 0c98160e8a3c3b90d41ce1175035ef8a_JaffaCakes118.exe
Resource: win10v2004-20240802-en

General
Target: 0c98160e8a3c3b90d41ce1175035ef8a_JaffaCakes118
Size: 1.2MB
MD5: 0c98160e8a3c3b90d41ce1175035ef8a
SHA1: c869d2723dee74eef528cd45d16519baf4f8e738
SHA256: 9f0b4e88e769e793f22e818524947096d8509c095fbf1b97dfc98259e208a594
SHA512: 3ce890c724bffa3a7e338f4a6a2b4e506c9ead6bac4d80424407195487fd18654987702917a83a45ade86ec2bb5a6ff41b9269986e6cd01b7aabf0c9fecdbf46
SSDEEP: 24576:ZHwQsgQV5FmE5wQHXGs5hxG/rwEHJkQtV+t:x4mEKqb8/rwKJxVO

Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0c98160e8a3c3b90d41ce1175035ef8a_JaffaCakes118
Files
0c98160e8a3c3b90d41ce1175035ef8a_JaffaCakes118.exe windows:4 windows x86 arch:x86
7bb8c6782af5f947e01c8636d441adcb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
kernel32
GetEnvironmentVariableA
HeapDestroy
HeapCreate
GetTimeZoneInformation
ExitThread
HeapSize
IsBadWritePtr
LCMapStringA
LCMapStringW
HeapReAlloc
GetStringTypeW
UnhandledExceptionFilter
VirtualFree
VirtualAlloc
GetStringTypeA
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCommandLineA
CreateThread
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetACP
GetModuleFileNameA
lstrcpynA
FindNextFileA
OpenFileMappingA
CreateFileMappingA
Sleep
CloseHandle
FreeLibrary
GlobalAlloc
GlobalLock
lstrlenW
lstrcpyW
GlobalUnlock
GlobalFree
GetSystemTime
SetCurrentDirectoryA
lstrcatA
FindFirstFileA
FindClose
lstrcmpA
lstrcpyA
lstrlenA
FindResourceA
GetStartupInfoA
TerminateProcess
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
GlobalSize
LocalFileTimeToFileTime
GetOEMCP
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
FileTimeToLocalFileTime
GlobalFlags
GetDiskFreeSpaceA
GetFileTime
SetFileTime
GetThreadLocale
GetStringTypeExA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
SetErrorMode
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SetThreadPriority
SetEvent
GetCurrentThread
SetLastError
InterlockedDecrement
InterlockedIncrement
GetVersion
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
RaiseException
InterlockedExchange
FileTimeToSystemTime
LocalAlloc
LoadResource
LockResource
GetDriveTypeA
GetVolumeInformationA
ResumeThread
SuspendThread
GetStdHandle
WaitForSingleObject
MapViewOfFile
CreatePipe
UnmapViewOfFile
CopyFileA
GetProfileIntA
SearchPathA
GetFullPathNameA
GetFileAttributesA
GlobalGetAtomNameA
GlobalAddAtomA
CreateProcessA
GetProcAddress
IsDBCSLeadByte
FormatMessageA
LocalFree
GetDateFormatA
GetTimeFormatA
GetShortPathNameA
MultiByteToWideChar
SetFilePointer
WriteFile
ReadFile
GetVersionExA
SystemTimeToFileTime
CreateFileA
GetFileSize
GetLastError
GetTickCount
TerminateThread
GetTempPathA
GetTempFileNameA
DeleteFileA
WideCharToMultiByte
MulDiv
GlobalMemoryStatus
GetCPInfo
GetCurrentDirectoryA
lstrcmpiA
LoadLibraryA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
user32
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
SetScrollRange
ScrollWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
EqualRect
DispatchMessageA
PeekMessageA
MapWindowPoints
SendDlgItemMessageA
LoadIconA
IsWindowEnabled
CreateDialogIndirectParamA
GetActiveWindow
EndDialog
SetDlgItemTextA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
wvsprintfA
GetWindowDC
BeginPaint
EndPaint
GrayStringA
BringWindowToTop
DefFrameProcA
DefMDIChildProcA
RedrawWindow
SetMenu
DestroyCursor
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
WaitMessage
GetWindowThreadProcessId
WindowFromPoint
SetParent
IsRectEmpty
GetSystemMenu
GetClassNameA
CharNextA
SetWindowContextHelpId
MapDialogRect
DestroyIcon
GetDCEx
LockWindowUpdate
InvertRect
PostThreadMessageA
GetNextDlgGroupItem
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetLastActivePopup
GetWindowLongA
SetWindowLongA
IntersectRect
GetForegroundWindow
SetFocus
GetMenuItemInfoA
MapVirtualKeyA
GetKeyNameTextA
DrawFocusRect
SetRectEmpty
PostQuitMessage
GetTabbedTextExtentA
GetScrollPos
GetCaretPos
MessageBoxA
SetScrollPos
ShowCaret
RegisterClipboardFormatA
SetCursorPos
GetMessageTime
GetDoubleClickTime
GetClipboardData
GetDlgItem
GetClassInfoA
GetKeyboardLayout
IsClipboardFormatAvailable
LoadCursorA
SetCursor
UnpackDDElParam
ReuseDDElParam
EnableMenuItem
GetMessagePos
SetActiveWindow
TranslateAcceleratorA
TranslateMDISysAccel
ModifyMenuA
DestroyAcceleratorTable
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
SetWindowPos
GetDesktopWindow
WinHelpA
LoadStringA
RemoveMenu
CreatePopupMenu
CreateAcceleratorTableA
CopyAcceleratorTableA
FindWindowA
OpenClipboard
GetSysColor
GetSysColorBrush
CharUpperA
CharLowerA
IsCharUpperA
IsCharLowerA
IsCharAlphaNumericA
EmptyClipboard
SetClipboardData
CloseClipboard
ClientToScreen
DrawTextA
MessageBeep
RegisterWindowMessageA
AppendMenuA
GetMenuStringA
InsertMenuA
GetMenuItemCount
DestroyMenu
DrawMenuBar
IsIconic
SetForegroundWindow
LoadMenuA
GetSubMenu
DeleteMenu
GetMenuItemID
TrackPopupMenuEx
IsChild
GetFocus
GetTopWindow
GetNextDlgTabItem
SystemParametersInfoA
GetWindow
LoadAcceleratorsA
DdeClientTransaction
DdeDisconnect
DdeCreateStringHandleA
DdeConnect
DdeFreeStringHandle
DdeInitializeA
DdeUninitialize
GetDC
ReleaseDC
InvalidateRect
LoadBitmapA
InflateRect
GetSystemMetrics
SetRect
OffsetRect
UpdateWindow
ChangeClipboardChain
SetClipboardViewer
IsZoomed
GetKeyState
IsWindowVisible
IsWindow
GetClassLongA
SetClassLongA
TabbedTextOutA
RegisterClassA
CreateCaret
SetCaretPos
TrackPopupMenu
FillRect
EnableWindow
GetCapture
KillTimer
GetCursorPos
ScreenToClient
PtInRect
SetCapture
SetTimer
ReleaseCapture
GetParent
PostMessageA
GetWindowRect
GetClientRect
SendMessageA
wsprintfA
SetWindowPlacement
DestroyWindow
GetWindowTextLengthA
GetWindowTextA
HideCaret
CreateWindowExA
DefWindowProcA
GetMenu
GetWindowPlacement
UnregisterClassA
gdi32
CreateICA
BitBlt
SelectObject
DeleteDC
ExtTextOutA
SetBkColor
CreateCompatibleDC
SetTextColor
CreateDCA
PatBlt
CreateCompatibleBitmap
LineTo
MoveToEx
CreatePen
GetTextColor
SetBkMode
GetBkMode
CreateSolidBrush
GetStockObject
Rectangle
GetTextMetricsA
EnumFontFamiliesExA
GetDeviceCaps
GetOutlineTextMetricsA
GetCharABCWidthsA
GetBkColor
Polygon
GetRgnBox
CombineRgn
CreateRectRgn
CreatePolygonRgn
SelectClipRgn
CreateRectRgnIndirect
SetTextAlign
CreatePatternBrush
DeleteObject
CreateBitmap
CreateDIBitmap
StretchDIBits
GetClipBox
StartDocA
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
GetCurrentPositionEx
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
AbortDoc
EndDoc
EndPage
StartPage
DPtoLP
SetAbortProc
GetMapMode
SetRectRgn
GetViewportOrgEx
LPtoDP
CopyMetaFileA
GetNearestColor
GetStretchBltMode
GetPolyFillMode
GetTextAlign
GetROP2
GetTextFaceA
GetCharWidthA
GetWindowOrgEx
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
comdlg32
GetOpenFileNameA
GetSaveFileNameA
PrintDlgA
GetFileTitleA
ChooseColorA
CommDlgExtendedError
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegSetValueExA
RegCreateKeyExA
GetFileSecurityA
SetFileSecurityA
RegCreateKeyA
RegOpenKeyA
RegOpenKeyExA
RegEnumKeyA
RegSetValueA
RegQueryValueA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegEnumValueA
RegDeleteValueA
shell32
SHGetFileInfoA
SHGetSpecialFolderLocation
SHFileOperationA
SHBrowseForFolderA
DragQueryFileA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc
DragAcceptFiles
DragFinish
ExtractIconA
ShellExecuteA
comctl32
ord17
ImageList_AddMasked
ImageList_Draw
ImageList_Destroy
ImageList_Create
oledlg
ord8
ole32
OleInitialize
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
DoDragDrop
ReleaseStgMedium
CoTaskMemFree
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
CLSIDFromProgID
CLSIDFromString
OleDuplicateData
CoTaskMemAlloc
CreateStreamOnHGlobal
CoRegisterMessageFilter
CoGetClassObject
CoRevokeClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
Sections
.text Size: 843KB - Virtual size: 843KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 146KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 42KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 150KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE