ed41db3618f26237661bb6a919635164_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ed41db3618f26237661bb6a919635164_JaffaCakes118
Size

401KB
MD5

ed41db3618f26237661bb6a919635164
SHA1

9c1fd58cfa53acd91db75ea808b80c792ab37c51
SHA256

c0df4455218a4337f055e8b5c79619ac3d04078f79509fea6ea04e78e25f704a
SHA512

ec9ba94323780585d1d8f955b6c7e5e1e9f28e8af95b92d39587c514a4ff525ef15e9fd760e8cc5c81a8551ab714e92e8b9097317fc420e4d04ea5558ba084b2
SSDEEP

6144:D3YWs6Mhj4EkgvbChbA8g2mTYwWjsgJo2EcX/CugRqhC7UJj7J:DpE3vbCZAfqwks9FBihFxJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed41db3618f26237661bb6a919635164_JaffaCakes118

Files

ed41db3618f26237661bb6a919635164_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10479c0ceaf3831fdfd39a21eab4af3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GetTickCount
GetSystemTimeAsFileTime
RtlUnwind
HeapFree
HeapAlloc
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
RaiseException
HeapSize
GetACP
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCPInfo
LCMapStringA
LCMapStringW
GetTimeZoneInformation
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
FreeResource
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GetCurrentProcessId
GlobalAddAtomA
InterlockedDecrement
GetModuleFileNameW
GlobalFree
GlobalUnlock
FormatMessageA
LocalFree
MulDiv
SetLastError
WritePrivateProfileStringA
GetPrivateProfileIntA
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleA
GetProcAddress
lstrlenA
CompareStringW
CompareStringA
GetVersion
GetLastError
MultiByteToWideChar
InterlockedExchange
GetModuleFileNameA
GetPrivateProfileStringA
LoadLibraryA
FreeLibrary
GetEnvironmentVariableA
Sleep
CreateProcessA
CloseHandle
WaitForSingleObject
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
IsDebuggerPresent
GetCurrentThreadId

user32

SetRect
InvalidateRgn
SetCapture
ReleaseCapture
GetNextDlgGroupItem
GetNextDlgTabItem
MessageBeep
CreateDialogIndirectParamA
RegisterClipboardFormatA
PostThreadMessageA
UnregisterClassA
LoadCursorA
GetSysColorBrush
SetWindowContextHelpId
MapDialogRect
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
IsWindow
SetFocus
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetMenu
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
IsRectEmpty
PtInRect
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
GetActiveWindow
IsWindowVisible
GetKeyState
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetSysColor
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
InvalidateRect
SetActiveWindow
SetForegroundWindow
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CopyAcceleratorTableA
CharNextA
DestroyMenu
MoveWindow
EqualRect
IsDialogMessageA
UpdateWindow
ShowWindow
GetWindowLongA
SetWindowTextA
LoadStringA
SendMessageA
EnableWindow
GetDlgItem
CopyRect
LoadIconA
GetWindowTextA
DispatchMessageA
PeekMessageA
EnumWindows
GetDlgCtrlID
EndDialog
GetWindowRect
GetDesktopWindow
LoadBitmapA
EndPaint
DrawIcon
GetClientRect
GetSystemMetrics
BeginPaint
IsIconic
SetWindowPos
DialogBoxParamA
CharUpperA
PostQuitMessage
PostMessageA
GetClassInfoA

gdi32

ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreateBitmap
SetWindowExtEx
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
PtVisible
TextOutA
CreateSolidBrush
GetWindowExtEx
GetViewportExtEx
DeleteObject
GetClipBox
SetMapMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
SetTextColor
SetBkMode
GetStockObject
GetObjectA
CreateFontIndirectA
RectVisible

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetFolderPathA

shlwapi

PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CLSIDFromProgID

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

10479c0ceaf3831fdfd39a21eab4af3a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 220KB - Virtual size: 216KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 104KB - Virtual size: 104KB

.text
Size: 220KB - Virtual size: 216KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 104KB - Virtual size: 104KB