Static task
static1
Behavioral task
behavioral1
Sample
0d271a8a4b88b79b05893ca35b760f36_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0d271a8a4b88b79b05893ca35b760f36_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
0d271a8a4b88b79b05893ca35b760f36_JaffaCakes118
Size
868KB
MD5
0d271a8a4b88b79b05893ca35b760f36
SHA1
42be4f1c98c48f4b2808fa9f912f7d3bebe1ebaf
SHA256
8a1747c617561a661e7fd447e8d26d82f3e989da611c0c60fbda5b7b2299f973
SHA512
13ca382dbf72c52963794c7bec216c8b23874c472251a733b74f64695c30a38931e0c22df25346a179e3d4e499de1a3613dedba06abca701d2a51cd3d3255e6c
SSDEEP
12288:OqWn34FJX1DFsZZg7lPIVn3yYdbQoO+MBw6v32v/pHPurBttxlNS1g0B64b:Ojn34Fl1BeqIVdbQd+MB4tWrBttxKjb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0d271a8a4b88b79b05893ca35b760f36_JaffaCakes118
Files
0d271a8a4b88b79b05893ca35b760f36_JaffaCakes118.exe windows:4 windows x86 arch:x86
5f6b6d5e29275d6b5df4f9663997e249
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathRemoveFileSpecA
SHDeleteKeyA
PathFileExistsA
idriveinst
_DriverUninstall@4
_DriverInstall@8
_IsDriverInstalled@0
kernel32
LocalReAlloc
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
SetErrorMode
DuplicateHandle
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
MoveFileA
FindClose
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
FindResourceExA
GetFileTime
SetFileTime
RtlUnwind
HeapFree
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
GetTimeZoneInformation
GetLocalTime
HeapAlloc
GetACP
FindNextFileA
GetDriveTypeA
TerminateProcess
CreateThread
ExitThread
TlsSetValue
HeapSize
GetEnvironmentVariableA
TlsAlloc
HeapCreate
VirtualFree
VirtualAlloc
FatalAppExitA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalFlags
VirtualProtect
WritePrivateProfileStringA
GetProfileStringA
InterlockedExchange
GlobalReAlloc
TlsFree
HeapReAlloc
GetPrivateProfileStringA
GetPrivateProfileIntA
SuspendThread
SetThreadPriority
SetEvent
GlobalAlloc
lstrcmpA
MulDiv
SetLastError
lstrcpynA
WaitForMultipleObjects
CreateEventA
ReleaseMutex
ReleaseSemaphore
GlobalHandle
FreeLibrary
GetProcAddress
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
GetSystemTime
EnterCriticalSection
LeaveCriticalSection
CreateSemaphoreA
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalDeleteAtom
GlobalLock
GlobalUnlock
GlobalFree
GetUserDefaultLangID
LockResource
GetLocaleInfoA
GetSystemDefaultLangID
Sleep
GlobalMemoryStatus
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileSize
lstrcmpiA
IsBadWritePtr
GetVersion
GetTickCount
FileTimeToLocalFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
lstrcatA
lstrlenA
WinExec
lstrcpyA
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
FindResourceA
FileTimeToSystemTime
SizeofResource
LoadResource
GetWindowsDirectoryA
GetModuleHandleA
GetExitCodeThread
GetCurrentThread
GetCurrentProcess
LocalAlloc
GetFileAttributesA
SetFileAttributesA
FormatMessageA
LocalFree
GlobalAddAtomA
GlobalFindAtomA
DeleteFileA
CopyFileA
ResumeThread
GetVersionExA
GetSystemDirectoryA
CreateMutexA
WaitForSingleObject
GetModuleFileNameA
CreateProcessA
ReadFile
SetFilePointer
GetLastError
CloseHandle
CreateFileA
FindFirstFileA
HeapDestroy
user32
EqualRect
AdjustWindowRectEx
SetFocus
DispatchMessageA
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
CharToOemA
OemToCharA
wvsprintfA
MsgWaitForMultipleObjects
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ShowOwnedPopups
ValidateRect
TranslateMessage
GetMessageA
InsertMenuA
DeleteMenu
GetAsyncKeyState
DestroyMenu
WindowFromPoint
GetDialogBaseUnits
WaitMessage
GetWindowThreadProcessId
CharUpperA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
GetCapture
wsprintfA
GetClassInfoA
RegisterClassA
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetWindowPos
RegisterWindowMessageA
IntersectRect
IsIconic
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
IsWindowEnabled
LoadStringA
IsWindowVisible
GetWindowTextA
EnumChildWindows
MapDialogRect
GetWindowPlacement
CopyRect
ShowWindow
GetCursorPos
WinHelpA
GetKeyState
ScreenToClient
GetFocus
IsChild
CopyIcon
InflateRect
IsWindow
SetWindowLongA
PtInRect
RedrawWindow
MessageBeep
DestroyCursor
ReleaseCapture
GetSysColor
GetClientRect
SystemParametersInfoA
SetRect
AdjustWindowRect
GetSystemMetrics
InvalidateRect
SetCapture
GetSysColorBrush
LoadMenuA
GetMenuItemCount
SetTimer
SendMessageA
LoadIconA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
GetMenuStringA
GetMenuItemID
ModifyMenuA
GetSubMenu
GetMenu
IsMenu
PostQuitMessage
OffsetRect
GetWindowLongA
LoadBitmapA
GetDC
ReleaseDC
LoadCursorA
SetCursor
MessageBoxA
PeekMessageA
GetDesktopWindow
FindWindowA
SetForegroundWindow
GetParent
SetParent
GetWindow
GetClassNameA
DefDlgProcA
CharNextA
IsWindowUnicode
KillTimer
EnableWindow
DestroyWindow
GetWindowRect
PostMessageA
SetWindowTextA
gdi32
CreateBitmap
DeleteDC
StartDocA
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
SetBkColor
SetColorAdjustment
PolyBezierTo
DeleteObject
GetClipRgn
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
ExtTextOutA
Escape
PatBlt
CreateRectRgnIndirect
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
GetTextMetricsA
EnumFontFamiliesExA
SetTextColor
GetClipBox
GetDCOrgEx
SelectObject
SetTextJustification
TextOutA
GetObjectA
GetStockObject
GetTextFaceA
CreateFontA
GetTextExtentPoint32A
CreateFontIndirectA
PolylineTo
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
GetDeviceCaps
comdlg32
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
shell32
ShellExecuteA
DragAcceptFiles
SHGetMalloc
DragFinish
DragQueryFileA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetFileInfoA
comctl32
ImageList_Read
ImageList_Merge
ImageList_LoadImageA
ImageList_Create
ImageList_Destroy
ord14
ord13
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
ImageList_AddMasked
ord17
ImageList_Write
ole32
CoInitialize
CoUninitialize
CoCreateInstance
CoInitializeEx
oleaut32
SysAllocStringLen
SysFreeString
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
Sections
.text Size: 480KB - Virtual size: 479KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 104KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 216KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE