0a4a6b39c9eda721d7bb25bce156bb75_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a4a6b39c9eda721d7bb25bce156bb75_JaffaCakes118
Size

196KB
MD5

0a4a6b39c9eda721d7bb25bce156bb75
SHA1

d2be1b7779bdbd532fd3fcc5c16c93403202ea7d
SHA256

dbd8ae06b98ce004f9a7bd7c943fd28a5cb8ba4f32c4b53af5e9bca5bcde2034
SHA512

7cd31292618fbc8a552aa4089e00adf6e967126425393e773aaf6b30bb3109a31bffff0b1e83bd041065f364ec9a730a0e110f13c4ba06850c17ceacc5fbc97c
SSDEEP

3072:qJuvnh0s/3xQjDxYyxV3JIdg27+OK9ukvJL5pgctp9JxLD:GEh0+3cDVV5Idg2COK1UyJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a4a6b39c9eda721d7bb25bce156bb75_JaffaCakes118

Files

0a4a6b39c9eda721d7bb25bce156bb75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a21fd3840f4d46fea47bcad0bd487cc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\sample\update\Release\update.pdb

Imports

kernel32

GlobalFlags
SetErrorMode
GetFileAttributesA
GetFileTime
GetCPInfo
GetOEMCP
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitThread
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapDestroy
HeapCreate
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
GetTimeZoneInformation
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
WritePrivateProfileStringA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
InterlockedIncrement
RaiseException
FindNextFileA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcatA
lstrcmpW
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
FreeResource
InterlockedDecrement
GlobalAddAtomA
GetCurrentThread
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
LoadLibraryA
SuspendThread
SetEvent
GetCurrentThreadId
ResumeThread
SetThreadPriority
CreateEventA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
GetWindowsDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
CreateThread
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocalTime
CopyFileA
DeleteFileA
GetTempPathA
WaitForSingleObject
CreateNamedPipeA
ConnectNamedPipe
ReadFile
DisconnectNamedPipe
CreateFileA
GetFileSize
SetFilePointer
WriteFile
CloseHandle
GetSystemWindowsDirectoryA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
FindResourceA
LoadResource
LockResource
SizeofResource
Sleep
GetExitCodeThread
TerminateThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualFree
InterlockedExchange

user32

DestroyMenu
LoadCursorA
GetSysColorBrush
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
SetFocus
GetWindowTextA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSysColor
RegisterClassA
UnregisterClassA
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
wsprintfA
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
UnhookWindowsHookEx
SetMenuItemBitmaps
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
PostQuitMessage
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
EnableWindow
GetSystemMetrics
LoadIconA
KillTimer
SetTimer
GetClientRect
IsIconic
SendMessageA
DrawIcon
FindWindowA
GetClassInfoA
CharUpperA
PostMessageA
CharLowerA
AdjustWindowRectEx

gdi32

TextOutA
RectVisible
PtVisible
DeleteObject
GetStockObject
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegQueryValueA
RegCloseKey

shell32

ShellExecuteExA
ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oleaut32

VariantClear
VariantChangeType
VariantInit

wininet

InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetSetOptionA

ws2_32

gethostname
WSACleanup
WSAStartup
gethostbyname
inet_ntoa
inet_addr

Sections

.text
Size: 136KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a21fd3840f4d46fea47bcad0bd487cc8

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

wininet

ws2_32

Sections

.text Size: 136KB - Virtual size: 132KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 136KB - Virtual size: 132KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 16KB - Virtual size: 15KB