306c80102198993002ce18f17b5b96ef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

306c80102198993002ce18f17b5b96ef_JaffaCakes118
Size

432KB
MD5

306c80102198993002ce18f17b5b96ef
SHA1

5c1bc7165eb2edbd32128e94609be3e7a7b4a1bd
SHA256

f5d847f541076961bc016c9bacf41cd88d4b84fb415005a15d5ff16496769f5a
SHA512

3a40f99a78b12e6eb0c573dbe24f9b7c19e4fae1427cf9c872455a45568deae0f4a5dc822d5a6e438243eb7c78487a136e08fb32e2c59f3adc5d119bc4c72508
SSDEEP

6144:KK6asMaUpIwK4Pcani96KyBG8+MMoxWDW3Ql2Ji9ik/J:KK6UaUC2u96LBGG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
306c80102198993002ce18f17b5b96ef_JaffaCakes118

Files

306c80102198993002ce18f17b5b96ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ed8da255a1633d3458493b97c13d5fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
RaiseException
TerminateProcess
RtlUnwind
ExitProcess
CreateThread
ExitThread
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetCPInfo
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetACP
GetOEMCP
WriteFile
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcmpA
CloseHandle
ReadProcessMemory
CreateMutexA
GetLastError
ReleaseMutex
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalAddAtomA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
SizeofResource
GetVersionExA
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
DeleteCriticalSection
TlsAlloc
LocalAlloc
SetLastError
GetModuleFileNameA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
FreeLibrary
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
InitializeCriticalSection
DuplicateHandle
GetFileType
GetStdHandle
LocalFree
OpenProcess
EnterCriticalSection
Process32Next
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalAlloc
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
Sleep
GetModuleHandleA
HeapDestroy
HeapCreate
SetHandleCount
WriteProcessMemory
GetSystemDirectoryA
Process32First
CreateToolhelp32Snapshot
GetProcAddress
LoadLibraryA
GetProfileStringA
CreateEventA
WaitForSingleObject
DeviceIoControl
CreateFileA
LeaveCriticalSection
GetStartupInfoA
GetCommandLineA
RaiseException
TerminateProcess
RtlUnwind
ExitProcess
CreateThread
ExitThread
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetCPInfo
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetACP
GetOEMCP
WriteFile
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcmpA
CloseHandle
ReadProcessMemory
CreateMutexA
GetLastError
ReleaseMutex
FileTimeToLocalFileTime
FileTimeToSystemTime
GlobalGetAtomNameA
GlobalAddAtomA
SetErrorMode
GetFileTime
GetFileSize
GetFileAttributesA
WritePrivateProfileStringA
SizeofResource
GetVersionExA
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
DeleteCriticalSection
TlsAlloc
LocalAlloc
SetLastError
GetModuleFileNameA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
lstrcpyA
FreeLibrary
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetCurrentProcess
InitializeCriticalSection
DuplicateHandle
GetFileType
GetStdHandle
LocalFree
OpenProcess
EnterCriticalSection
Process32Next
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
GlobalAlloc
GlobalDeleteAtom
lstrcmpiA
GetCurrentThread
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
MulDiv
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
Sleep
GetModuleHandleA
HeapDestroy
HeapCreate
SetHandleCount
WriteProcessMemory
GetSystemDirectoryA
Process32First
CreateToolhelp32Snapshot
GetProcAddress
LoadLibraryA
GetProfileStringA
CreateEventA
WaitForSingleObject
DeviceIoControl
CreateFileA
LeaveCriticalSection

user32

GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ReleaseDC
ShowOwnedPopups
SetCursor
MessageBoxA
PostQuitMessage
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
PtInRect
CharUpperA
GetClassNameA
ClientToScreen
GetDesktopWindow
GetSysColorBrush
DestroyMenu
FindWindowA
OffsetRect
LoadStringA
ReleaseCapture
WindowFromPoint
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
IntersectRect
InflateRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
UpdateWindow
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
CopyRect
GetMenuCheckMarkDimensions
IsWindowVisible
SetScrollInfo
GetMenuState
GetDC
SetScrollRange
GetScrollPos
IsChild
GetParent
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetWindowThreadProcessId
LoadBitmapA
SetWindowRgn
PostMessageA
IsIconic
GetSystemMetrics
DrawIcon
GetWindowRect
ScreenToClient
RedrawWindow
GetDialogBaseUnits
SendMessageA
GetSysColor
DrawFocusRect
LoadCursorA
LoadIconA
FindWindowExA
ShowWindow
BringWindowToTop
SetMenuItemBitmaps
SetForegroundWindow
GetDlgCtrlID
GetClientRect
FillRect
CheckMenuItem
EnableMenuItem
MoveWindow
SetWindowTextA
IsDialogMessageA
ShowScrollBar
ModifyMenuA
EndDeferWindowPos
ScrollWindow
InvalidateRect
EnableWindow
IsWindowEnabled
GetTopWindow
wsprintfA
SetScrollPos
CharNextA
DefDlgProcA
ShowCaret
UnregisterClassA
IsWindowUnicode
ExcludeUpdateRgn
HideCaret

gdi32

SelectObject
CreateCompatibleDC
BitBlt
CreateSolidBrush
GetObjectA
GetRegionData
ExtCreateRegion
CreateBitmap
RealizePalette
SelectPalette
GetDeviceCaps
CombineRgn
CreateRectRgn
GetPixel
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
CreateCompatibleBitmap
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
DeleteObject
CreateHatchBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextMetricsA
GetTextExtentPointA
PatBlt
OffsetViewportOrgEx
CreateDIBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey

shell32

DragFinish
DragQueryFileA

comctl32

ImageList_Destroy
ord17

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ed8da255a1633d3458493b97c13d5fa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 80KB - Virtual size: 96KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 180KB - Virtual size: 180KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 80KB - Virtual size: 96KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 180KB - Virtual size: 180KB