27a914bd02c658d1e7f386a12ccfac90_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27a914bd02c658d1e7f386a12ccfac90_JaffaCakes118
Size

404KB
MD5

27a914bd02c658d1e7f386a12ccfac90
SHA1

4f3b4d1894a83f50bc72e824e4fef85ac5d05903
SHA256

71018103cceb822aaceb65d3009b7300fdc4917a6916ac9408ca41960ac63b59
SHA512

820524d434a60bf232fa97919fdd6b73c902ddba8d38e8e8fd234265429963919585aaa9465c6cf817b434d55e2d89d564c073c7b6cb626c618694083cc2e60a
SSDEEP

6144:H1QvYwvOIOgshmo42u03fgU38NQ9126BC564ubYe5t:iYwvroe0Pgj6k8jk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27a914bd02c658d1e7f386a12ccfac90_JaffaCakes118

Files

27a914bd02c658d1e7f386a12ccfac90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b1a6f23713cf02d44093b24431c80cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
RaiseException
GetACP
TerminateProcess
HeapSize
HeapReAlloc
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
UnhandledExceptionFilter
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
ExitThread
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateThread
GetLocalTime
GetSystemTime
DebugBreak
CreateDirectoryA
GetProfileStringA
InterlockedExchange
FlushInstructionCache
VirtualProtect
GetTimeZoneInformation
RtlUnwind
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
DuplicateHandle
FindFirstFileA
FindClose
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GetTickCount
lstrcmpA
GetCurrentThread
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
EnterCriticalSection
WritePrivateProfileStringA
GetPrivateProfileIntA
lstrcpynA
MulDiv
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
LocalFree
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
Sleep
OutputDebugStringA
lstrlenA
GetExitCodeThread
WaitForSingleObject
GetModuleFileNameA
CreateToolhelp32Snapshot
Module32First
Module32Next
GetModuleHandleA
GetCurrentProcess
LoadLibraryExW
CreateFileA
WriteFile
CloseHandle
GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
GetEnvironmentStringsW
GlobalFree

user32

GetWindowDC
ReleaseDC
GetDC
ClientToScreen
LoadStringA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
LoadIconA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
GetTopWindow
MessageBoxA
IsChild
GetParent
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
PostThreadMessageA
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
GetWindowRect
SendMessageA
PostMessageA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
SetWindowPos
UpdateWindow
SetCursor
DestroyCursor
LoadCursorA
DefDlgProcA
IsWindowUnicode
IsWindowVisible
SetForegroundWindow
SetActiveWindow
InvalidateRect
InflateRect
GetClientRect
EnableWindow
IsWindow
GetNextDlgGroupItem
BeginPaint
SetRect
CopyAcceleratorTableA
CharNextA
CharUpperA
DestroyMenu
GetSysColorBrush
PtInRect
GetClassNameA
RegisterClipboardFormatA
MapDialogRect
GetDlgCtrlID
MessageBeep
SetWindowContextHelpId
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
PostQuitMessage
GetDesktopWindow
GrayStringA
DrawTextA
TabbedTextOutA
wsprintfA
EndPaint

gdi32

SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
ScaleViewportExtEx
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
PatBlt
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetObjectA
CreateFontIndirectA
CreateDIBitmap
GetTextExtentPointA
BitBlt
CreateCompatibleDC
CreateSolidBrush

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

comctl32

ord17
ImageList_Destroy

oledlg

ord8

ole32

OleFlushClipboard
CoRevokeClassObject
CoRegisterMessageFilter
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleIsCurrentClipboard
CoTaskMemFree
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemAlloc
OleRun

olepro32

ord253

oleaut32

SysAllocStringByteLen
SysStringLen
SysAllocStringLen
VariantCopy
VariantClear
VariantChangeType
SysAllocString
SysFreeString
VariantTimeToSystemTime

wsock32

WSAStartup
WSACleanup

wininet

InternetGetLastResponseInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetSetOptionExA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA

gdiplus

GdipCreateBitmapFromStreamICM
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipDrawImageI
GdipDeleteGraphics
GdipDisposeImage
GdiplusStartup
GdiplusShutdown
GdipFree

hcrypt

pemEncodeCertRequest
pkcs10Create
pkcCtrl
pkcCreate
osMBSToWCS
rtCheckPrintableString
hcryptInit
pkcDestroy
pkcs12ExportKey
pemDecodeCert
hcryptEnd

psapi

GetModuleInformation

Sections

.text
Size: 212KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�LJ
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3b1a6f23713cf02d44093b24431c80cc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

wininet

gdiplus

hcrypt

psapi

Sections

.text Size: 212KB - Virtual size: 210KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 24KB - Virtual size: 39KB

.rsrc Size: 16KB - Virtual size: 14KB

�LJ Size: 92KB - Virtual size: 92KB

.text
Size: 212KB - Virtual size: 210KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 16KB - Virtual size: 14KB

�LJ
Size: 92KB - Virtual size: 92KB