37897b4eff66039922fb4433bc738420_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37897b4eff66039922fb4433bc738420_JaffaCakes118
Size

215KB
MD5

37897b4eff66039922fb4433bc738420
SHA1

bea6c9473fbed128153feec71377159fae35907b
SHA256

c980ee46ffcb7751abf634688a6f84a7d5b062937a6e57e11c8c9b93bf3e0050
SHA512

3c6f6adc1739cf40d8ab5de98f55c2cc856a51a44ad03132ddcdb8046cbe6c4ba33cd63e219e369232a1045bb23b39ae25c768f8029f086ba8617ea11645cb5b
SSDEEP

3072:4BKi9ifv+LPnsSgkeXgs5UavSAOMdxmVH9DJfae7m3g4MFttKE9VTXpWBF:Wx9in+LPn50OuQpae70M/tBAB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37897b4eff66039922fb4433bc738420_JaffaCakes118

Files

37897b4eff66039922fb4433bc738420_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f680a0710fe0defc332a29ab406ac1e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

comctl32

ImageList_Destroy
ord17

kernel32

GetTempPathW
lstrcpynW
lstrlenW
GetModuleHandleA
SetUnhandledExceptionFilter
GetCurrentProcess
UnhandledExceptionFilter
ExitProcess
lstrcpyW
LocalFree
CloseHandle
LoadLibraryW
GetSystemTimeAsFileTime
GetTickCount
GetCurrentProcessId
FormatMessageW
GetDateFormatW
FileTimeToSystemTime
GetCommandLineA
VirtualAlloc
VirtualFree
GetFullPathNameW
GetFileAttributesW
GetLastError
FreeLibrary
QueryPerformanceCounter
GetProcAddress

shell32

Shell_NotifyIconA
DragFinish
DragQueryFileA

comdlg32

ReplaceTextA
FindTextW
GetFileTitleA
PrintDlgExW
PrintDlgExA
GetOpenFileNameW
PrintDlgA
ChooseColorW
PageSetupDlgW
GetOpenFileNameA
Ssync_ANSI_UNICODE_Struct_For_WOW
ReplaceTextW
GetFileTitleW
ChooseFontA
WantArrows
PrintDlgW
ChooseFontW
ChooseColorA
dwOKSubclass
dwLBSubclass
LoadAlterBitmap
GetSaveFileNameW
CommDlgExtendedError
FindTextA
GetSaveFileNameA
PageSetupDlgA

advapi32

AdjustTokenPrivileges

gdi32

GetObjectA
GetSystemPaletteEntries
GetStockObject
GetBitmapBits
MaskBlt
CopyEnhMetaFileA
SetWindowOrgEx
GetPixel
SaveDC
DeleteObject
SetTextColor
SetEnhMetaFileBits
GetClipBox
CreateDIBSection
SetBkColor
SetStretchBltMode
GetEnhMetaFileBits
SetViewportExtEx
GetTextMetricsA
GetDCOrgEx
GetDeviceCaps
RealizePalette
RectVisible
GetTextExtentPoint32A
LineTo
SelectClipRgn
GetPaletteEntries
CreateCompatibleDC
ExcludeClipRect
SetWinMetaFileBits
CreateDIBitmap
GetWindowOrgEx
GetBrushOrgEx
CreateFontIndirectA
SetMapMode
SetPixel
GetEnhMetaFileHeader
GetCurrentPositionEx
SetBrushOrgEx
SetViewportOrgEx
CreateBitmap
SetBkMode
SetWindowExtEx
Rectangle
PlayEnhMetaFile
PolyPolyline
GetWinMetaFileBits
CreatePalette
CreateSolidBrush
GetDIBits
CreatePenIndirect
ExtCreatePen
IntersectClipRect
UnrealizeObject
CreateHalftonePalette
BitBlt
SetROP2

msvcrt

_adjust_fdiv
_wfopen
exit
_controlfp
__winitenv
_except_handler3
_wcsicmp
_initterm
fwprintf
wcscat
_c_exit
__p__commode
wcschr
_wcsnicmp
fclose
__set_app_type
__p__fmode
wcscmp
_XcptFilter
wcsrchr
iswalpha
_cexit
_exit

Sections

.text
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f680a0710fe0defc332a29ab406ac1e9

Headers

File Characteristics

Imports

winspool.drv

comctl32

kernel32

shell32

comdlg32

advapi32

gdi32

msvcrt

Sections

.text Size: 142KB - Virtual size: 142KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 54KB - Virtual size: 55KB

.rsrc Size: 1024B - Virtual size: 808B

.text
Size: 142KB - Virtual size: 142KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 54KB - Virtual size: 55KB

.rsrc
Size: 1024B - Virtual size: 808B