575bb4e33608ab6d7bf20154b52d1408_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

575bb4e33608ab6d7bf20154b52d1408_JaffaCakes118
Size

280KB
MD5

575bb4e33608ab6d7bf20154b52d1408
SHA1

9098cf0799f5dc91fcd15c99cd646e7aa4f3239b
SHA256

aab76c66e6acf02627ab48d8fa982416af96504a0e3a242b42a8034221567848
SHA512

cfe5242dd833e44211791aba1e570f83a0eab130f5ca7160775142ba5a4c5bd39790b5889d1310436d414685f5a35f242a2e7b5bf459879a64593f9c33e89114
SSDEEP

6144:4JmWMrRZnkLc7Hv9+gWyBYoAfHVAYxolXYd:+mWMrRewh+j4Yo6H4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
575bb4e33608ab6d7bf20154b52d1408_JaffaCakes118

Files

575bb4e33608ab6d7bf20154b52d1408_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2655b9fb108619203a641935d29638b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

RtlUnwind
GetTimeZoneInformation
SetErrorMode
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
GetOEMCP
SizeofResource
HeapAlloc
HeapFree
GetACP
TerminateProcess
HeapSize
LCMapStringA
LCMapStringW
SetStdHandle
GetFileType
HeapReAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
GetProcessVersion
GetCPInfo
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
WritePrivateProfileStringA
GetModuleFileNameA
GetShortPathNameA
MoveFileExA
FindNextFileA
DeleteFileA
RemoveDirectoryA
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
Sleep
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcess
MultiByteToWideChar
CreateFileA
CloseHandle
GetSystemDirectoryA
lstrcpyA
GetVersionExA
GetLastError
lstrcmpiA
GlobalAlloc
GlobalFree
GetWindowsDirectoryA
lstrlenA
lstrcatA
FindFirstFileA
FindClose
GetPrivateProfileStringA
GlobalFlags
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DuplicateHandle
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetFileTime
GetFileSize
GetFileAttributesA
MulDiv
GlobalUnlock
GlobalLock
GetCurrentThread
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcpynA
SetLastError
LocalFree
InterlockedDecrement
InterlockedIncrement
SetCurrentDirectoryA
CreateDirectoryA
ReleaseMutex
CopyFileA
OpenMutexA
CreateMutexA
GetProfileStringA
WriteProfileStringA
GlobalReAlloc
GetComputerNameA
WideCharToMultiByte
lstrcmpA
GetCurrentDirectoryA
SetFileAttributesA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW

user32

IsDialogMessageA
SetWindowTextA
ShowWindow
DestroyMenu
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
InflateRect
CharUpperA
GetClassNameA
PtInRect
LoadCursorA
GetSysColorBrush
EndDialog
CreateDialogIndirectParamA
GetMessageA
GetActiveWindow
ValidateRect
GetCursorPos
IsWindowEnabled
SetCursor
PostQuitMessage
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
IsWindowVisible
GetTopWindow
GetCapture
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetParent
GetNextDlgTabItem
UnhookWindowsHookEx
CopyRect
GetDC
ReleaseDC
LoadStringA
EnableWindow
GetSysColor
GetMenuItemID
GetFocus
DrawFocusRect
InvalidateRect
GetWindowRect
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
PostMessageA
LoadIconA
WinHelpA
SendMessageA
SendMessageTimeoutA
PeekMessageA
TranslateMessage
DispatchMessageA
GetForegroundWindow
FindWindowA
DestroyIcon
MessageBoxA
wsprintfA
SetWindowLongA
DefWindowProcA
ShowCaret
ExcludeUpdateRgn
HideCaret
CharNextA
IsWindowUnicode
DefDlgProcA
UnregisterClassA

gdi32

BitBlt
CreateCompatibleDC
CreateDIBitmap
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
GetTextExtentPointA
GetDeviceCaps
CreateSolidBrush
PatBlt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPoint32A

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
EnumPrinterDriversA
DeletePrinterDriverA
GetPrinterDriverDirectoryA
DeleteMonitorA
DeletePrinter
DeletePrinterConnectionA
DocumentPropertiesA
SetPrinterA
GetPrinterA
GetPrinterDriverA
ClosePrinter
EnumPrintersA

advapi32

RegOpenKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyA
EnumDependentServicesA
RegDeleteValueA
RegEnumValueA
ControlService
StartServiceA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
RegCloseKey
RegQueryValueExA
OpenProcessToken
CloseServiceHandle
RegEnumKeyExA
LookupAccountSidA
GetTokenInformation

shell32

ExtractIconExA
SHGetPathFromIDListA
SHGetSpecialFolderLocation

comctl32

ImageList_ReplaceIcon
ImageList_Draw
ImageList_Destroy
ImageList_Create
ord17

ole32

CoTaskMemAlloc
CoTaskMemFree

Sections

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2655b9fb108619203a641935d29638b0

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

Sections

.text Size: 208KB - Virtual size: 208KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 20KB - Virtual size: 36KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 208KB - Virtual size: 208KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 20KB - Virtual size: 36KB

.rsrc
Size: 16KB - Virtual size: 16KB