27392d125a2d3f93f4cf74b9a28e04ed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27392d125a2d3f93f4cf74b9a28e04ed_JaffaCakes118
Size

636KB
MD5

27392d125a2d3f93f4cf74b9a28e04ed
SHA1

c37eed6a91f08c6c53b17e3a34c013cab090d9de
SHA256

e0a7beafc16ac575b287dbeb79807f7d37d556d56efd39ebb3ff355179267d12
SHA512

d8a849fd5b4b14b9fa2b73b47a8ff6e0ae9354185618aacc3ec6447fd69aebd450df3a1f4204c3c38f0f353e6c07f66a7cb7bc3f81d05d949011732d30206e05
SSDEEP

6144:ZQoXKHMap5MvDiBc/xld/6EYZdxgh4NJaiZrA8p7dl+ZgIcKUJ/83ZWEbCUb3:ZDXKsA5MvDzAmipdX+Zg4UJUs0Ck

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27392d125a2d3f93f4cf74b9a28e04ed_JaffaCakes118

Files

27392d125a2d3f93f4cf74b9a28e04ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d68b93d09fd41d77bff59a2b536d11ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
HeapFree
RtlUnwind
RaiseException
TerminateProcess
CreateThread
ExitThread
HeapAlloc
GetTimeZoneInformation
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetACP
GetStdHandle
FormatMessageA
HeapReAlloc
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
GetCPInfo
SetHandleCount
GetProcessVersion
LCMapStringW
GetDriveTypeA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetTickCount
GetFileSize
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
UnlockFile
SetEndOfFile
SetFilePointer
LockFile
FlushFileBuffers
GetCurrentProcess
WriteFile
ReadFile
FileTimeToLocalFileTime
DuplicateHandle
SetErrorMode
GetCurrentDirectoryA
FileTimeToSystemTime
GetThreadLocale
WritePrivateProfileStringA
GetFileType
GetEnvironmentVariableA
SizeofResource
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetModuleFileNameA
CreateFileA
Sleep
GetProcAddress
lstrcpyA
lstrcatA
lstrlenA
WinExec
GetWindowsDirectoryA
LoadLibraryA
GetOEMCP
VirtualAlloc
GlobalFlags
GetProfileStringA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
lstrcpynA
FindNextFileA
FindFirstFileA
GetLastError
FindClose
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
CloseHandle
GlobalAlloc
lstrcmpA
GetCurrentThread
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
IsBadWritePtr
LCMapStringA
GetVersionExA
HeapDestroy
FreeLibrary

user32

CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
CharUpperA
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
DestroyMenu
LoadStringA
MapDialogRect
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
GetCursorPos
WindowFromPoint
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
GrayStringA
DrawTextA
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
LoadIconA
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
GetClassNameA
CopyRect
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
UnhookWindowsHookEx
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetDesktopWindow
GetSysColorBrush
TabbedTextOutA
EndPaint
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
IsIconic
GetSystemMetrics
DrawIcon
SetPropA
GetSystemMenu
AppendMenuA
GetPropA
EnumWindows
EnableWindow
LoadCursorA
CopyIcon
InvalidateRect
IsWindow
SetWindowLongA
SetCursor
GetClientRect
PtInRect
ReleaseCapture
RedrawWindow
SetCapture
MessageBeep
SendMessageA
GetSysColor
ScreenToClient
DrawFocusRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode

gdi32

DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetMapMode
SetViewportOrgEx
SetBkMode
SelectObject
RestoreDC
DeleteDC
SaveDC
SetTextColor
GetClipBox
SetBkColor
GetObjectA
CreateFontIndirectA
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegCreateKeyExA

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
VariantCopy
SysAllocString
VariantChangeType
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 440KB - Virtual size: 440KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d68b93d09fd41d77bff59a2b536d11ba

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 440KB - Virtual size: 440KB

.rdata Size: 116KB - Virtual size: 116KB

.rsrc Size: 4KB - Virtual size: 4KB

.data Size: 72KB - Virtual size: 72KB

.text
Size: 440KB - Virtual size: 440KB

.rdata
Size: 116KB - Virtual size: 116KB

.rsrc
Size: 4KB - Virtual size: 4KB

.data
Size: 72KB - Virtual size: 72KB