JaffaCakes118_68be8b7ab3e3c0b6253d61d37692a602

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_68be8b7ab3e3c0b6253d61d37692a602
Size

1.2MB
MD5

68be8b7ab3e3c0b6253d61d37692a602
SHA1

13100f91c97761c0166f55d90ed647658bc11ac7
SHA256

28a467606a9a55bb1dc6b296cf5ec0916c53fee7fdb843d34b4929c5e806678d
SHA512

6fc5e0f4c89edaaf6c60a347cea0c15dff838f5db73997ea627c146926af5238d7bbe8d63472f611c7fcf383f7e16123bd4878fd6ddffdadfe51c050dad67523
SSDEEP

24576:FsNVVfbEzNuK3kl721nJeWqn0Wrn6p/+QlNW9YqWOl1Ecflu11lT:ONVVfbEK723eWqXn6koqWOI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_68be8b7ab3e3c0b6253d61d37692a602

Files

JaffaCakes118_68be8b7ab3e3c0b6253d61d37692a602
.exe windows:4 windows x86 arch:x86

c63bb0c8a92e89d095509f6df387cab6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

IsTextUnicode
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegCloseKey
GetUserNameA

winspool.drv

GetPrinterA
ClosePrinter
GetPrinterDriverDirectoryA
StartDocPrinterA
EndDocPrinter
OpenPrinterA
WritePrinter
GetPrinterDataA
GetJobA

gdi32

GetGlyphOutlineW
RemoveFontResourceA
AddFontResourceA
GetTextExtentPoint32W
CreateScalableFontResourceA
DeleteObject
DeleteDC
SetBkColor
BitBlt
CreatePatternBrush
GetTextMetricsW
GetDeviceCaps
CreateCompatibleDC
GetObjectA
GetPixel
CreateFontIndirectA
GetTextExtentPoint32A
GetGlyphOutlineA
DPtoLP
CreateBitmap
SelectObject
ExtCreatePen
GetCurrentObject
StrokePath
FillPath
MaskBlt
GetROP2
GetBkColor
GetBkMode
CreateCompatibleBitmap
SetDIBits
SetRectRgn
ExtCreateRegion
CombineRgn
GetWindowOrgEx
GetViewportOrgEx
GetViewportExtEx
CreateRectRgn
SaveDC
RestoreDC
CreatePen
SelectClipRgn
StretchDIBits
StretchBlt
PolyBezier
Arc
Ellipse
StrokeAndFillPath
CreateFontIndirectW
TextOutW
CreateSolidBrush
CreateDIBPatternBrushPt
CreateBrushIndirect
GetDIBits
SetBrushOrgEx
CreatePenIndirect
LPtoDP
SetBkMode
SetTextColor
SetROP2
SetStretchBltMode
SetGraphicsMode
CreateDIBSection
SetWindowOrgEx
SetViewportOrgEx
SetMapMode
SetBoundsRect
SetTextAlign
PatBlt
MoveToEx
Rectangle
LineTo
GetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
GetTextMetricsA
ExtTextOutA
EndPath
BeginPath
ExtTextOutW
SetPixel
Polyline
Chord
Pie
Polygon
GetStockObject
GdiFlush
CreateDIBitmap
SetPolyFillMode
TextOutA

user32

LoadBitmapA
GetMessageA
DispatchMessageA
DestroyWindow
LoadStringA
SetWindowTextA
GetDlgItem
EnableWindow
ShowWindow
SendMessageA
SendDlgItemMessageA
GetDesktopWindow
GetWindowRect
SetWindowPos
MessageBoxA
EndDialog
DialogBoxParamA
SetWindowLongA
PostQuitMessage
MsgWaitForMultipleObjects
CreateWindowExA
RegisterWindowMessageA
IntersectRect
RegisterClassA
TranslateMessage
wsprintfA
UnionRect
UnregisterClassA
PostThreadMessageA
IsRectEmpty
GetWindowLongA
DefWindowProcA
SetRect
CopyRect
SetRectEmpty

kernel32

WinExec
lstrcatA
GetSystemDirectoryA
GetFileAttributesA
lstrcpyA
lstrcpyW
WideCharToMultiByte
GlobalFree
IsDBCSLeadByte
lstrlenW
GlobalAlloc
GetFileType
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenEventA
ReleaseSemaphore
Sleep
RaiseException
RtlUnwind
HeapFree
HeapAlloc
InterlockedDecrement
InterlockedIncrement
ResumeThread
TlsSetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapSize
SetUnhandledExceptionFilter
IsBadReadPtr
EnterCriticalSection
GetComputerNameA
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapDestroy
ReleaseMutex
VirtualFree
VirtualAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
SetEndOfFile
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteCriticalSection
InitializeCriticalSection
CreateSemaphoreA
GetModuleFileNameA
LoadLibraryExA
GetStdHandle
GetHandleInformation
CreateEventA
WaitForSingleObject
CreateThread
LoadLibraryA
GetProcAddress
TlsAlloc
GlobalMemoryStatus
CloseHandle
CreateMutexA
WaitForMultipleObjects
FreeLibrary
GetCurrentThreadId
GetTempPathA
LocalAlloc
LocalFree
FindFirstFileA
GetLastError
ReadFile
lstrcpynA
FindClose
lstrlenA
MultiByteToWideChar
GetFileSize
GetSystemTime
WriteFile
CreateFileA
SetFilePointer
GetVersionExA
FlushFileBuffers
DeleteFileA
SetLastError
OutputDebugStringA
TlsGetValue
GlobalUnlock
GlobalLock
HeapCreate
GetLocalTime
SizeofResource
LockResource
LoadResource
FindResourceA

ole32

StringFromCLSID
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SafeArrayCreate
SysAllocString
SafeArrayPutElement
SysAllocStringLen
SysStringLen
SysFreeString
SafeArrayDestroy
VariantInit

Exports

Exports

HTCBGetHPRaster
HTCBGetIndexColor
HTCBGetInputRaster24
HTCBGetInputRaster32
HTCBGetInputRasterBGR24
HTCBGetInputRasterChunkyRow
HTCBGetInputRasterIndex8
HTCBRestoreData
HTCBSaveData
HTCBSendHPRaster
HTCBSendRasterMayYield

Sections

.text
Size: 392KB - Virtual size: 391KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 752KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c63bb0c8a92e89d095509f6df387cab6

Headers

File Characteristics

Imports

advapi32

winspool.drv

gdi32

user32

kernel32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 392KB - Virtual size: 391KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 32KB - Virtual size: 39KB

.rsrc Size: 752KB - Virtual size: 2.5MB

.text
Size: 392KB - Virtual size: 391KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 32KB - Virtual size: 39KB

.rsrc
Size: 752KB - Virtual size: 2.5MB