1415ad2bcd697e2658444a50cb2a6b3c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1415ad2bcd697e2658444a50cb2a6b3c_JaffaCakes118
Size

271KB
MD5

1415ad2bcd697e2658444a50cb2a6b3c
SHA1

1b844f6d328658a0788b5ac1add3fab12c514e1c
SHA256

7d1bbda027bb347091c6331e537245d8eb28a4c22dc25c957e7fef4666ae8bc6
SHA512

b7b82fc0f4eaceb02d7b46a70100d01b5a44dd46e9618f5e7fc7bfbd3eed8397b1462ac59b2a6d1dd1986cd2655e6eb88da6be49eeb00ea402c234dfaa9d375a
SSDEEP

3072:xghlC25Ew3qSMcH25geEIXLB7pay2QI5o5hdRviu5rTs6MOtOHdyy/psS1u:xghtEww6eEIXAxYRviuhs65tOHoep

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1415ad2bcd697e2658444a50cb2a6b3c_JaffaCakes118

Files

1415ad2bcd697e2658444a50cb2a6b3c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a73026b9fcf1a8037e7908bd8e53bc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupInstallFromInfSectionA
SetupOpenInfFileA
SetupInitDefaultQueueCallbackEx
SetupPromptReboot
SetupTermDefaultQueueCallback
SetupCloseInfFile
SetupInstallServicesFromInfSectionA
SetupDefaultQueueCallbackA

kernel32

FlushFileBuffers
SetErrorMode
GetCurrentProcess
SetFilePointer
GetFullPathNameA
GetStartupInfoA
GetCommandLineA
ExitProcess
RtlUnwind
TerminateProcess
HeapFree
HeapAlloc
RaiseException
HeapReAlloc
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStrings
FileTimeToSystemTime
FileTimeToLocalFileTime
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
WriteFile
CreateFileA
GetFileSize
ReadFile
CloseHandle
lstrcpyA
lstrlenA
lstrcmpiA
lstrcmpA
GetLastError
FormatMessageA
GetOEMCP
GetCPInfo
GetCurrentDirectoryA
WritePrivateProfileStringA
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GlobalFlags
LocalFree
FindNextFileA
FindFirstFileA
FindClose
MulDiv
SetLastError
FreeLibrary
LoadLibraryA
lstrcatA
GetProcAddress
GlobalFindAtomA
GetModuleHandleA
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GlobalAlloc
GetModuleFileNameA
GetCurrentThreadId
GlobalDeleteAtom
GetCurrentThread
GlobalAddAtomA
lstrcpynA
GlobalGetAtomNameA
GlobalUnlock
GetVersion
GlobalLock
FindResourceA
GlobalFree
LockResource
GetEnvironmentStringsW
LoadResource
SetHandleCount
HeapSize
GetACP
FreeEnvironmentStringsA

user32

SetWindowTextA
LoadStringA
GetWindowRect
GetWindowPlacement
SystemParametersInfoA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CreateWindowExA
DefWindowProcA
RegisterClassA
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
DeferWindowPos
ScreenToClient
AdjustWindowRectEx
GetSysColor
MapWindowPoints
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
SendDlgItemMessageA
GetWindowTextA
GetWindowTextLengthA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetMessageA
TranslateMessage
DispatchMessageA
CallNextHookEx
ValidateRect
GetCursorPos
SetWindowsHookExA
MessageBoxA
ShowOwnedPopups
PostQuitMessage
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
InvalidateRect
SetWindowLongA
wsprintfA
GetKeyState
SetWindowPos
GetMenuItemCount
GetSubMenu
GetMenuItemID
ReuseDDElParam
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
GetDesktopWindow
GetWindow
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
IsDialogMessageA
LoadBitmapA
LoadCursorFromFileA
SetSystemCursor
FindWindowA
PostMessageA
GetParent
SendMessageA
GetClientRect
EnableWindow
UpdateWindow
UnpackDDElParam
GetDlgCtrlID
UnregisterClassA

gdi32

DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
SelectObject
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
SaveDC
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
RestoreDC
GetStockObject
Rectangle

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegCloseKey

shell32

DragFinish
DragQueryFileA

comctl32

ord17

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a73026b9fcf1a8037e7908bd8e53bc5

Headers

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 114KB - Virtual size: 113KB

.rdata Size: 21KB - Virtual size: 21KB

.data Size: 84KB - Virtual size: 97KB

.rsrc Size: 51KB - Virtual size: 50KB

.text
Size: 114KB - Virtual size: 113KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 84KB - Virtual size: 97KB

.rsrc
Size: 51KB - Virtual size: 50KB