30903a3515b170bae83af6632bae29df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

30903a3515b170bae83af6632bae29df_JaffaCakes118
Size

444KB
MD5

30903a3515b170bae83af6632bae29df
SHA1

f9eab8df7431383948399c8b181a2367c770c085
SHA256

29202a2a7249979a736bef6f26486bb529b8a862235893546e49eed49c58ed11
SHA512

29dc2ecd49059c7e50b87492f26e8c8a90aa51724f2723d355218d8292358d394b5cb94aa62eb99376f4ab92bd971d50155658fb797c3e68683a4dd2315ff7f3
SSDEEP

6144:Tp/1tzyCLY0OlP2JRn6txy/afALXqo1jmUZxL6xQGQo:V/fzyC8ZlP6RJZLXqs765

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30903a3515b170bae83af6632bae29df_JaffaCakes118

Files

30903a3515b170bae83af6632bae29df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2d6c29455ec2cb72279d4de9ca2e9769

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineA
GetStartupInfoA
SetStdHandle
RtlUnwind
HeapAlloc
RaiseException
TerminateProcess
HeapFree
GetFileType
HeapSize
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetACP
GetTimeZoneInformation
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GlobalUnlock
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
FileTimeToLocalFileTime
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetTickCount
FileTimeToSystemTime
SizeofResource
GetCPInfo
WritePrivateProfileStringA
GetOEMCP
SetErrorMode
GetProcessVersion
GlobalFlags
TlsSetValue
TlsGetValue
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
EnterCriticalSection
TlsAlloc
LocalAlloc
InitializeCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetFileSize
GetFileTime
SetHandleCount
GetStdHandle
GetFileAttributesA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrlenA
GetModuleFileNameA
FindFirstFileA
FindClose
ReleaseMutex
OpenMutexA
CloseHandle
CreateMutexA
GlobalAlloc
GlobalFree
GetPrivateProfileIntA
GetPrivateProfileStringA
MulDiv
IsBadWritePtr
GetProfileStringA
GlobalLock
lstrcmpA
GetCurrentThread
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
lstrcmpiA
GetThreadLocale
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FormatMessageA
LocalFree
lstrcpynA
GetLastError
SetLastError
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
DeleteFileA

user32

CharNextA
SetRect
GetNextDlgGroupItem
MessageBeep
InvalidateRect
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
GetSysColorBrush
LoadCursorA
GetDesktopWindow
PtInRect
GetClassNameA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
DestroyMenu
MapDialogRect
SetWindowContextHelpId
EndDialog
CreateDialogIndirectParamA
GetMessageA
TranslateMessage
GetActiveWindow
ValidateRect
GetCursorPos
SetCursor
PostQuitMessage
LoadStringA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
GetNextDlgTabItem
IsWindowEnabled
CopyAcceleratorTableA
SetWindowTextA
IsDialogMessageA
PostMessageA
UpdateWindow
SendDlgItemMessageA
GetSysColor
PeekMessageA
DispatchMessageA
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
GetTopWindow
IsChild
GetParent
GetCapture
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
ShowWindow
MoveWindow
IsWindow
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
CharUpperA
wsprintfA
WinHelpA
IsIconic
GetSystemMetrics
DrawIcon
GetClientRect
MapWindowPoints
GetSystemMenu
EnableMenuItem
AppendMenuA
SendMessageA
LoadIconA
MessageBoxA
EnableWindow
SetActiveWindow
GetFocus
LoadBitmapA
DrawFocusRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode

gdi32

DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetViewportExtEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
GetStockObject
DeleteDC
SaveDC
GetObjectA
SetBkColor
CreateBitmap
SetTextColor
GetClipBox

comdlg32

GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

shell32

DragQueryFileA
DragAcceptFiles

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc

olepro32

ord253

oleaut32

SysFreeString
SysStringLen
SysAllocStringByteLen
VariantChangeType
SysAllocString
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen

Sections

.text
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2d6c29455ec2cb72279d4de9ca2e9769

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 160KB - Virtual size: 158KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 16KB - Virtual size: 14KB

.tc Size: 204KB - Virtual size: 204KB

.text
Size: 160KB - Virtual size: 158KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 16KB - Virtual size: 14KB

.tc
Size: 204KB - Virtual size: 204KB