0c49b1be8aa25e1d405b4731c6a48144_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0c49b1be8aa25e1d405b4731c6a48144_JaffaCakes118
Size

204KB
MD5

0c49b1be8aa25e1d405b4731c6a48144
SHA1

57cf724f5e7a9013a71abdac33505b6d2bcb36d5
SHA256

70ade32ff3086a0802bba286a3f76789f9d7e1a6ee09bc6aa1510ca2fad6f163
SHA512

3536a514dc61e793ef358bd62010322b699feba5d4e6a2648c3a137dcd24922ad51588603f588137681e08b7be06fc294e09f21517b5cb7ffdefa7f291aca308
SSDEEP

6144:dG4L+cx9QZ7NIpAhGGqXqeC26WrCuA+Fq:MM+TZBqUGGqXqeC26WrCuv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c49b1be8aa25e1d405b4731c6a48144_JaffaCakes118

Files

0c49b1be8aa25e1d405b4731c6a48144_JaffaCakes118
.exe windows:4 windows x86 arch:x86

38fd7c7719b9b68260cc0808c149f529

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
HeapAlloc
ExitProcess
HeapSize
HeapReAlloc
GetCPInfo
GetACP
RaiseException
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
GetCommandLineA
GetStartupInfoA
WritePrivateProfileStringA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
GetExitCodeProcess
CreateProcessA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeLibrary
GetModuleHandleA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
SetErrorMode
GlobalGetAtomNameA
GlobalAddAtomA
GetVersionExA
SizeofResource
GetFileAttributesA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
GetProcessVersion
lstrcpyA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpynA
WaitForSingleObject
LocalFree
MulDiv
LCMapStringW
GetPrivateProfileStringA
GlobalLock
CloseHandle
GetVersion
lstrcatA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
SetLastError
VirtualAlloc
SetUnhandledExceptionFilter
VirtualFree
LCMapStringA
GlobalAlloc
GetLastError
MultiByteToWideChar
Beep
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
GetProfileStringA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom

user32

SetScrollInfo
ShowScrollBar
ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
ScreenToClient
DeferWindowPos
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SystemParametersInfoA
SendDlgItemMessageA
EqualRect
IsDialogMessageA
SetWindowTextA
ShowWindow
DestroyMenu
wvsprintfA
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
LoadCursorA
DrawTextA
ReleaseCapture
GetDesktopWindow
WindowFromPoint
ClientToScreen
GetClassNameA
PtInRect
GetSysColorBrush
CharUpperA
FindWindowA
InvalidateRect
OffsetRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IntersectRect
InflateRect
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetPropA
GetLastActivePopup
SetForegroundWindow
GetPropA
RemovePropA
GetScrollPos
GetWindow
SetWindowPos
RegisterWindowMessageA
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
SetWindowsHookExA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
UnhookWindowsHookEx
LoadStringA
EnableWindow
LoadMenuA
KillTimer
GetCursorPos
IsWindowVisible
GetSubMenu
ModifyMenuA
UpdateWindow
SetTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
GetClipboardFormatNameA
DdeQueryStringA
DdePostAdvise
DdeCreateDataHandle
DdeQueryConvInfo
DdeCmpStringHandles
DdeInitializeA
DdeNameService
DdeUninitialize
DdeGetLastError
DdeClientTransaction
GetTopWindow
DdeAccessData
DdeUnaccessData
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetMenu
TrackPopupMenu
SetScrollRange
GetMessageTime
SetScrollPos
GetMessagePos
GetForegroundWindow
CallWindowProcA
DdeConnect
DdeDisconnect
DdeFreeStringHandle
DdeCreateStringHandleA
SetWindowLongA
GetWindowRect
IsWindow
GetWindowTextLengthA
ExcludeUpdateRgn
HideCaret
ShowCaret
UnregisterClassA
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

SetTextColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
CreateBitmap
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPointA
PatBlt
CreateDIBitmap
CreateCompatibleDC
BitBlt
SetBkColor

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragFinish
DragQueryFileA
Shell_NotifyIconA

comctl32

ord17
ImageList_Destroy

wsock32

WSAStartup
WSACleanup
ioctlsocket
closesocket
WSAGetLastError
WSAAsyncGetHostByAddr
inet_ntoa
recvfrom
inet_addr
ntohs
ntohl
socket
bind
WSAAsyncSelect

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38fd7c7719b9b68260cc0808c149f529

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

wsock32

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 16KB - Virtual size: 32KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 25KB - Virtual size: 24KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 16KB - Virtual size: 32KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 25KB - Virtual size: 24KB