2d8df75be4aff297914e6638e8e7d4c0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d8df75be4aff297914e6638e8e7d4c0_JaffaCakes118
Size

104KB
MD5

2d8df75be4aff297914e6638e8e7d4c0
SHA1

08341de9113c51c06baf3aa57ec095f4b330eb74
SHA256

5dbf4cdcdbca38dfee1a292aa5f02e75f98400b6cfae0b7b60c4f10b5192ae13
SHA512

29bed1d1b15184012ce97d20da3e48561b24b0d9a9764c6a0c7ccba3abc03f6a29d67640398d1e95a256c8cd37770c6843be1a4affb10f9418958b096ee7d1a6
SSDEEP

1536:YuaPeitbHlqw0/iT75JoXN5yJmhEbnOy/joAtESU97KvbPHB6TNBKo+lZeq:YuaPVbHw4JoXuJmSbn/hHB6TOo+lp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d8df75be4aff297914e6638e8e7d4c0_JaffaCakes118

Files

2d8df75be4aff297914e6638e8e7d4c0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bc97dd0c75460dd1abb7baac1e2add6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalFree
InitializeCriticalSection
GetModuleFileNameA
DeleteCriticalSection
TerminateProcess
GetPrivateProfileStringA
EnterCriticalSection
LeaveCriticalSection
CreateMutexA
GetLastError
GetSystemDirectoryA
CreateProcessA
GetComputerNameA
GlobalMemoryStatus
CreateThread
GetTickCount
Sleep
ExitProcess
LoadLibraryA
GetProcAddress
LocalFree
FreeLibrary
CloseHandle
lstrlenA
WaitForSingleObject
DeleteFileA
InterlockedDecrement
GetVersionExA
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
lstrcpynA
lstrcpyA
LocalAlloc
SetLastError
GlobalUnlock
GlobalLock
lstrcmpA
GetVersion
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetCurrentProcess
WriteFile
SetFilePointer
FlushFileBuffers
lstrcmpiA
GlobalFlags
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
ResumeThread
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
RaiseException
ExitThread
GetCommandLineA
SetStdHandle
GetFileType
GetACP
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr

user32

GetMenuItemCount
GetClassNameA
PtInRect
GetWindowRect
GetWindow
ClientToScreen
GetFocus
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetKeyState
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
GetSubMenu
LoadIconA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
TabbedTextOutA
DrawTextA
GrayStringA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
PostQuitMessage
DestroyMenu
GetMenuItemID
GetLastActivePopup
SendMessageA
MessageBoxA
GetSystemMetrics
UnhookWindowsHookEx
LoadStringA
GetParent
SetFocus
EnableWindow
IsWindowEnabled
SetWindowPos
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
GetWindowLongA
GetDlgItem
GetWindowTextA
GetMenuState
PostMessageA
DispatchMessageA
PeekMessageA
PostThreadMessageA

advapi32

StartServiceCtrlDispatcherA
CreateServiceA
DeleteService
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

oleaut32

SysFreeString
VariantClear
SysAllocString

comctl32

ord17

urlmon

URLDownloadToFileA

ws2_32

gethostbyname
shutdown
connect
WSACleanup
closesocket
sendto
htonl
inet_addr
htons
setsockopt
socket
WSAStartup
WSAGetLastError
bind
recvfrom

gdi32

SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
CreateBitmap
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
DeleteObject
GetDeviceCaps
ExtTextOutA
TextOutA
Escape
RectVisible
PtVisible

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc97dd0c75460dd1abb7baac1e2add6d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

comctl32

urlmon

ws2_32

gdi32

winspool.drv

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 23KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 23KB