272ed180ae4a6243d5b4908fda15dad2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

272ed180ae4a6243d5b4908fda15dad2_JaffaCakes118
Size

128KB
MD5

272ed180ae4a6243d5b4908fda15dad2
SHA1

5afffecd267330c06966f59f193ab88508d19419
SHA256

f426677f1d23a34f6f7dd0d2d418d3b5177a07da0b4e024914b021e98ac2e98e
SHA512

52664e68f3cf90b96409b9c4e871c0853fca5103f0bdabcad0e70bdeec3b77e292481bf6e41348ca38b9d730552d079b8fac77580460c2f2c01bbc3a8615ed8c
SSDEEP

3072:SaB1eNwdM8TNtw0GnzbvQvNhpMBjaegZjQKfs4LJpPy/NSXKxQpHwh:TeydzTLwlnKNhpAjaljQKfZLylSaCpHw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
272ed180ae4a6243d5b4908fda15dad2_JaffaCakes118

Files

272ed180ae4a6243d5b4908fda15dad2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

111eeb490cada1b387744ada8c2ae9de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileW
HeapCreate
GetLocaleInfoA
MoveFileW
VirtualAlloc
GetCurrentProcess
WriteFile
HeapAlloc
GlobalFindAtomW
GetSystemTimeAsFileTime
TlsGetValue
FormatMessageW
ReadFile
LockResource
VirtualProtect
LocalReAlloc
GetCurrentProcessId
TerminateProcess
lstrcmpW
InterlockedExchange
CreateDirectoryA
HeapFree
lstrcatW
MoveFileA
InterlockedIncrement
GetCurrentThreadId
TlsFree
SetFileAttributesA
LoadResource
GlobalFree
TlsSetValue
GlobalFlags
DebugActiveProcessStop
GetModuleHandleA
lstrcpynW
MultiByteToWideChar
FindResourceW
GlobalHandle
EnumResourceLanguagesA
LeaveCriticalSection
GetVersionExW
GetVersion
InitializeCriticalSection
GetModuleHandleW
VirtualQuery
SetLastError
HeapDestroy
TlsGetValue
GlobalReAlloc
GlobalAddAtomW
GlobalUnlock
GetProcAddress
WideCharToMultiByte
GlobalAlloc
InterlockedDecrement
GetACP
DeleteFileA
FreeLibrary
GlobalDeleteAtom
SizeofResource
RemoveDirectoryW
QueryPerformanceCounter
CreateDirectoryW
CopyFileA
ExitProcess
DeleteFileW
GlobalLock
HeapReAlloc
GetTickCount
HeapSize
DeleteCriticalSection
TlsAlloc
GetLastError
FlushFileBuffers
SetFilePointer
LocalFree
ExitProcess
LoadLibraryA
SetFileAttributesW
EnterCriticalSection
RtlUnwind
GetSystemInfo
RaiseException
lstrcpyW
GetThreadLocale
GetStartupInfoW
LocalAlloc
RemoveDirectoryA

shlwapi

PathCanonicalizeW
StrStrA
PathIsDirectoryA
PathFindExtensionA
PathRemoveBackslashW
PathAddExtensionW
PathRemoveFileSpecW
PathFindFileNameA
StrStrW
PathAddBackslashW
PathFindExtensionW
PathIsDirectoryEmptyA
PathRemoveFileSpecA
PathIsDirectoryW
PathAppendW
PathFileExistsW
PathAppendA
PathCanonicalizeA
PathFindFileNameW
PathFileExistsA
PathIsDirectoryEmptyW

oleacc

CreateStdAccessibleObject
LresultFromObject

user32

GetWindow
DestroyWindow
PeekMessageW
SetMenuItemBitmaps
WinHelpW
RegisterClassW
GetKeyState
GetMenuItemID
GetMenuItemCount
GetDC
GetDlgCtrlID
MessageBoxW
TabbedTextOutW
IsWindowEnabled
EnableWindow
MapWindowPoints
GetFocus
GrayStringW
CreateWindowExW
GetMessageTime
GetMenuState
CallWindowProcW
DrawTextW
PostMessageW
GetSysColor
PtInRect
CheckMenuItem
LoadBitmapW
SetWindowTextW
CallNextHookEx
RemovePropW
GetClientRect
GetClassNameW
GetCapture
DrawTextExW
SetWindowLongW
GetSysColorBrush
SetWindowPos
UnhookWindowsHookEx
GetLastActivePopup
ModifyMenuW
GetMessagePos
GetParent
GetSubMenu
GetDlgItem
GetWindowPlacement
GetWindowTextW
IsIconic
PostQuitMessage
GetWindowRect
GetMenuCheckMarkDimensions
GetClassLongW
GetTopWindow
DefWindowProcW
CopyRect
GetWindowLongW
GetMenu
AdjustWindowRectEx
GetClassInfoW
ClientToScreen
GetClassInfoExW
EnableMenuItem
LoadIconW
GetPropW
SystemParametersInfoA
SendMessageW
SetWindowsHookExW
DestroyMenu
SetPropW
ValidateRect
SetForegroundWindow
UnregisterClassW
GetSystemMetrics
GetForegroundWindow
ReleaseDC
LoadCursorW
DispatchMessageW
RegisterWindowMessageW

gdi32

PtVisible
SetWindowExtEx
Escape
DeleteDC
SetViewportOrgEx
CreateBitmap
DeleteObject
TextOutW
SaveDC
RectVisible
SetTextColor
ScaleWindowExtEx
GetStockObject
OffsetViewportOrgEx
GetDeviceCaps
RestoreDC
ScaleViewportExtEx
SelectObject
SetBkColor
GetClipBox
SetMapMode
ExtTextOutW
SetViewportExtEx

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

111eeb490cada1b387744ada8c2ae9de

Headers

File Characteristics

Imports

kernel32

shlwapi

oleacc

user32

gdi32

winspool.drv

ole32

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 22KB - Virtual size: 22KB

.rsrc Size: 1024B - Virtual size: 204KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 22KB - Virtual size: 22KB

.rsrc
Size: 1024B - Virtual size: 204KB