2894814f8be7cfe5eefd5dbe84eb5787_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2894814f8be7cfe5eefd5dbe84eb5787_JaffaCakes118
Size

364KB
MD5

2894814f8be7cfe5eefd5dbe84eb5787
SHA1

dec72281a26f364835c7299d6022665407fd099f
SHA256

3c252ac441780f6f2447dfc8c19e195429c301ebce9fa95693f930db1a1803e5
SHA512

ce830c872bfdcc68cedb22074d8601e3a0aa3e86cd4a2f63b0f182d205e648ed7cf0d57508b74a180caae174d09b921263d809362e75b545307798f664d23ab4
SSDEEP

6144:xuNVCprQ+Z/NXqaZFTlFm+wNCdKxdGVKshWWFjkk9lKVAUUcv4X1SQU:xYVENZ/EqFBT9RhkqG7QU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2894814f8be7cfe5eefd5dbe84eb5787_JaffaCakes118

Files

2894814f8be7cfe5eefd5dbe84eb5787_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c16bc7048951312a81922ce0e5fc1fea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
WaitForSingleObject
GetFileAttributesA
DeleteFileA
SetFileAttributesA
CreateDirectoryA
CreateEventA
CreateThread
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
GetLastError
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
GetShortPathNameA
GetCurrentDirectoryA
CreateToolhelp32Snapshot
Process32First
OpenProcess
Process32Next
CloseHandle
GetTempPathA
WinExec
lstrlenA
CreateProcessA
Sleep
TerminateProcess
MultiByteToWideChar
GetVersionExA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
LocalFree
FormatMessageA
FindClose
SetLastError
FindFirstFileA
lstrcpyA
FindNextFileA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
DuplicateHandle
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
lstrcpynA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
lstrcatA
EnterCriticalSection
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetFileSize
GetFileTime
GetVersion
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
HeapAlloc
HeapFree
GetACP
SetStdHandle
GetFileType
RaiseException
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStartupInfoA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetDriveTypeA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange

user32

ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
TranslateMessage
SetCursor
GetNextDlgTabItem
GetParent
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetClassNameA
GetWindowLongA
PtInRect
GetWindowRect
GetDlgCtrlID
GetWindow
ClientToScreen
SetWindowTextA
GetWindowTextA
EnableWindow
MessageBoxA
IsWindowEnabled
GetLastActivePopup
UnhookWindowsHookEx
GetMenuItemCount
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
IsWindowVisible
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetCursorPos
CreateWindowExA
DestroyWindow
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
ShowWindow
LoadCursorA
GetSysColorBrush
DestroyMenu
DefWindowProcA
PeekMessageA
SetWindowsHookExA
LoadStringA
KillTimer
wsprintfA
DispatchMessageA
GetMessageA
SetTimer
FindWindowA
GetSystemMetrics
SendMessageA
CharUpperA
PostMessageA
PostQuitMessage
GetClassLongA

advapi32

RegCloseKey
RegDeleteValueA
AllocateAndInitializeSid
RegDeleteKeyA
InitializeAcl
LookupAccountNameA
AddAccessAllowedAce
SetNamedSecurityInfoA
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteA
SHFileOperationA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

ord17

urlmon

URLDownloadToFileA

wininet

InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetConnectedState
InternetGetLastResponseInfoA

netapi32

Netbios

gdi32

GetClipBox
GetObjectA
ScaleWindowExtEx
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
CreateBitmap
SaveDC
DeleteDC
GetDeviceCaps
DeleteObject
Escape

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c16bc7048951312a81922ce0e5fc1fea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

version

comctl32

urlmon

wininet

netapi32

gdi32

winspool.drv

comdlg32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 28KB - Virtual size: 39KB

.rsrc Size: 136KB - Virtual size: 134KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 28KB - Virtual size: 39KB

.rsrc
Size: 136KB - Virtual size: 134KB