2715a495e4e34674387d2a9bb3331ed6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2715a495e4e34674387d2a9bb3331ed6_JaffaCakes118
Size

130KB
MD5

2715a495e4e34674387d2a9bb3331ed6
SHA1

43327414f340abd79c3d1a661dcb6e6d2da89cde
SHA256

f29da3f8743c825112c52bd0e5f31508ae6f1b03b7cd102283723a4a0023e7ca
SHA512

888c066fad49424a75efec60c6e93318643c73bbeabc7961d67a3912d7c4ec16740aae2c06dfa0562239feb26faedabd6e9b1bdaefeb934c927d52f84f4b38d6
SSDEEP

3072:0YdRiPEnvXVR7BioRwXxVb0sSOG+0uaewq:0zPSlR7Oz0snv1wq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2715a495e4e34674387d2a9bb3331ed6_JaffaCakes118

Files

2715a495e4e34674387d2a9bb3331ed6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d77870f5501ab11a3f751291b9d59bc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

oleacc

CreateStdAccessibleObject
LresultFromObject

kernel32

InitializeCriticalSection
TlsGetValue
GetModuleHandleW
LeaveCriticalSection
GlobalFree
GetSystemInfo
LoadResource
HeapAlloc
TlsSetValue
InterlockedDecrement
WideCharToMultiByte
CreateDirectoryW
GetLocaleInfoA
HeapDestroy
RtlUnwind
MoveFileW
GlobalFlags
lstrcpyW
RemoveDirectoryW
CreateDirectoryA
GetModuleHandleA
ReadFile
GetThreadLocale
MultiByteToWideChar
GlobalFindAtomW
HeapReAlloc
DebugActiveProcess
GetACP
WriteFile
TlsFree
ExitProcess
VirtualQuery
RaiseException
LockResource
SetFileAttributesA
DeleteCriticalSection
GetLastError
SetFilePointer
HeapFree
GetCurrentThreadId
GetSystemTimeAsFileTime
lstrcmpW
CopyFileA
lstrcatW
TlsGetValue
LoadLibraryA
GlobalAlloc
GlobalLock
GetVersionExW
TerminateProcess
EnumResourceLanguagesA
GetStartupInfoW
DeleteFileA
FormatMessageW
HeapSize
GetTickCount
HeapCreate
QueryPerformanceCounter
InterlockedExchange
LocalFree
FindResourceW
ExitProcess
GetCurrentProcess
SetLastError
SizeofResource
GetCurrentProcessId
CopyFileW
FreeLibrary
FlushFileBuffers
DeleteFileW
VirtualAlloc
InterlockedIncrement
GetProcAddress
LocalAlloc
GlobalUnlock
MoveFileA
SetFileAttributesW
EnterCriticalSection
lstrcpynW
VirtualProtect
GlobalAddAtomW
GlobalReAlloc
GlobalHandle
GlobalDeleteAtom
TlsAlloc
GetVersion
LocalReAlloc
RemoveDirectoryA

user32

GetClassNameW
GetSysColorBrush
GetTopWindow
CheckMenuItem
GetFocus
GetKeyState
AdjustWindowRectEx
PostQuitMessage
GetWindowTextW
UnregisterClassW
GetMenuCheckMarkDimensions
GetSysColor
ModifyMenuW
GetWindowRect
ValidateRect
GetDlgCtrlID
MessageBoxW
CallNextHookEx
WinHelpW
PostMessageW
SendMessageW
GetDlgItem
GetClassInfoW
GetWindowPlacement
GetClientRect
GetClassInfoExW
SetWindowPos
GetCapture
GetMenu
CopyRect
LoadBitmapW
GetSubMenu
GetLastActivePopup
PeekMessageW
SetWindowsHookExW
MapWindowPoints
GetMenuState
SetMenuItemBitmaps
DestroyWindow
RegisterClassW
DrawTextExW
PtInRect
GetMenuItemCount
GetWindowLongW
SystemParametersInfoA
DefWindowProcW
TabbedTextOutW
LoadCursorW
SetPropW
GetMessageTime
LoadIconW
CallWindowProcW
DrawTextW
UnhookWindowsHookEx
GetDC
ReleaseDC
IsIconic
SetWindowLongW
GetParent
RemovePropW
SetForegroundWindow
GetForegroundWindow
GetMenuItemID
EnableMenuItem
GetMessagePos
DestroyMenu
SetWindowTextW
GrayStringW
GetSystemMetrics
EnableWindow
GetClassLongW
DispatchMessageW
GetWindow
GetPropW
IsWindowEnabled
CreateWindowExW
ClientToScreen
RegisterWindowMessageW

gdi32

SetViewportOrgEx
SaveDC
SelectObject
TextOutW
RectVisible
SetTextColor
Escape
SetMapMode
ScaleViewportExtEx
OffsetViewportOrgEx
CreateBitmap
SetBkColor
ScaleWindowExtEx
GetDeviceCaps
ExtTextOutW
SetWindowExtEx
DeleteObject
DeleteDC
GetStockObject
RestoreDC
PtVisible
GetClipBox
SetViewportExtEx

shlwapi

PathAddExtensionW
PathAppendA
PathFindExtensionW
PathIsDirectoryEmptyA
PathRemoveFileSpecW
PathFindExtensionA
StrStrA
PathAppendW
PathIsDirectoryW
PathFindFileNameW
PathRemoveBackslashW
PathCanonicalizeA
PathCanonicalizeW
PathFileExistsW
PathAddBackslashW
PathFindFileNameA
PathIsDirectoryA
PathFileExistsA
PathRemoveFileSpecA
StrStrW
PathIsDirectoryEmptyW

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d77870f5501ab11a3f751291b9d59bc9

Headers

File Characteristics

Imports

winspool.drv

oleacc

kernel32

user32

gdi32

shlwapi

ole32

Sections

.text Size: 102KB - Virtual size: 101KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 19KB

.rsrc Size: 1024B - Virtual size: 204KB

.text
Size: 102KB - Virtual size: 101KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 19KB

.rsrc
Size: 1024B - Virtual size: 204KB