JaffaCakes118_f9d3a15503482e1532ff7c3b00cb123a

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_f9d3a15503482e1532ff7c3b00cb123a
Size

5.8MB
MD5

f9d3a15503482e1532ff7c3b00cb123a
SHA1

8dea28d1396fd7d060568b7d466b96ed5a2bf475
SHA256

b9fe7fcddaf7e81ccb94ede654944520b32c62f388e9c951023886c9f1fa6d60
SHA512

8597a46a8a553d48d7522a86192455ae0f1497b41c9769f41004d4ace49e71418792510ea182e28c9dd538f9c5a4fa1109bfc97919ca903b9039aa7b7ca5eadf
SSDEEP

98304:/KwNxYx2OU7LX7yLPP5FKAwUiROH5Hwjl4ecAGMUdaVelHxzINC7:wayDnlqc5H0l43ueJO47

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_f9d3a15503482e1532ff7c3b00cb123a

Files

JaffaCakes118_f9d3a15503482e1532ff7c3b00cb123a
.exe windows:4 windows x86 arch:x86

17d2ee5462f90b50a62ac56c7c1938c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3

kernel32

ConnectNamedPipe
TerminateProcess
CreateSemaphoreW
InitializeCriticalSection
HeapFree
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
GetProcessHeap
CreateFileMappingW
GetLocaleInfoW
GetFileAttributesW
IsValidCodePage
GetCurrentDirectoryA
SetCurrentDirectoryA
SetEnvironmentVariableW
CreateThread
GetFileType
QueryPerformanceFrequency
GetStringTypeW
SetEvent
lstrcpyW
GetShortPathNameW
OutputDebugStringA
SetFilePointer
InterlockedDecrement
InterlockedCompareExchange
LockFile
WaitForSingleObjectEx
DeleteFileA
GetStringTypeA
ClearCommBreak
CallNamedPipeW
AddAtomW
BackupRead
BackupSeek
BackupWrite
CallNamedPipeA
GetStartupInfoA
VirtualAlloc
VirtualQuery
UnhandledExceptionFilter
GlobalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
FreeLibrary
LocalFree
ReleaseSemaphore
GetTempPathW
FormatMessageA
SetHandleCount
HeapCreate
CreateMutexW
FindResourceExW
LoadLibraryA
GetVersion
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentThreadId
CreateDirectoryW
GetLastError
FindClose
FindFirstFileW
GetCurrentProcess
FormatMessageW
lstrcmpiW
LocalAlloc
GetSystemInfo
GetModuleHandleA
GetVersionExA
WinExec
SetProcessAffinityMask
SetThreadAffinityMask
FreeEnvironmentStringsW
GetLogicalDrives
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadResource
MultiByteToWideChar
Sleep
WaitForSingleObject
ResumeThread
GetVersionExW
CloseHandle
SetStdHandle
GlobalUnlock
lstrcmpW
GlobalDeleteAtom
FreeResource
GetDriveTypeW
WaitNamedPipeW
FindNextFileW
ReadConsoleW
GetCurrentDirectoryW
GetStdHandle
GetACP
GetOEMCP
CreateFileW
UnlockFileEx
ExitProcess
GetCommandLineW
ReleaseMutex
GetStartupInfoW

user32

GetDlgItemTextW
IsDlgButtonChecked
CloseClipboard
ClientToScreen
CheckRadioButton
CallNextHookEx
CallWindowProcW
CheckDlgButton
SetDlgItemTextW
SetDlgItemInt
MoveWindow
SetScrollInfo
GetLastActivePopup
DrawEdge
MapWindowPoints
RemovePropW
SetPropW
GetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
EndPaint
TrackPopupMenuEx
TrackPopupMenu
SetMenu
GetMenu
SetFocus
SetWindowPos
GetClassInfoExW
GetClassInfoW
DefWindowProcW
GetMessageTime
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
SetWindowLongW
CopyIcon
SetCursor
DrawMenuBar
DestroyWindow
GetClassNameW
IsChild
CreateIconFromResourceEx
SendNotifyMessageW
CreateMenu
EnumChildWindows
EqualRect
LookupIconIdFromDirectoryEx
DrawFocusRect
DrawStateW
GetNextDlgTabItem
GetMessagePos
OffsetRect
SetRect
GetFocus
WaitForInputIdle
WinHelpW
GetKeyState
CopyRect
UnregisterClassW
SetClipboardData
OpenClipboard
SetMenuItemInfoW
GetCursorPos
CopyImage
ReleaseDC
SetTimer
LoadIconW
ValidateRect
WindowFromPoint
WindowFromDC
SendMessageTimeoutW
GetDesktopWindow
GetWindow
MessageBoxW
PostMessageW
GetParent
GetWindowRect
UpdateWindow
DeferWindowPos
LockWindowUpdate
RegisterClassW
ToUnicodeEx
SetActiveWindow
GetClientRect
InvalidateRect
LoadBitmapW
ScreenToClient
FillRect
SetWindowPlacement

gdi32

SetROP2
CreateRectRgn
CreateRectRgnIndirect
TextOutW
Polygon
RoundRect
CreatePen
SetDIBitsToDevice
SetPixelV
GetPixel
ExtTextOutW
RealizePalette
GetStockObject
GetDeviceCaps
SelectObject
SetBkColor
CreateSolidBrush
GetBkColor
SetTextColor
SetGraphicsMode
SetMapMode
SetPolyFillMode
SetTextAlign
EnumMetaFile
ModifyWorldTransform
StartDocW
PolyDraw
ExcludeClipRect
SelectClipPath
MoveToEx
PolyBezierTo
PolylineTo
SetViewportExtEx
SetViewportOrgEx
IntersectClipRect
GetTextExtentPointW
GetNearestColor
CreateHatchBrush
CreateFontIndirectW
CreateDIBSection
CreateFontW
GetClipBox
GetClipRgn
GetObjectType
GetViewportExtEx
GetTextExtentPoint32W
DeleteDC
DeleteObject
RectVisible
RestoreDC
SaveDC
SelectClipRgn
SetBkMode
GetPolyFillMode
GetTextAlign
SelectPalette
Escape

winspool.drv

ClosePrinter
DocumentPropertiesW
GetJobW
OpenPrinterW

advapi32

EnumServicesStatusW
OpenServiceW
QueryServiceConfigW
SetFileSecurityW
GetFileSecurityW
IsTextUnicode
RegEnumKeyW
RegSetValueW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
QueryServiceStatus
RegEnumKeyExW
RegEnumValueW
CloseServiceHandle
LookupPrivilegeValueW
RegSetValueExW
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExA
RegCloseKey
OpenSCManagerW
RegQueryValueExW
RegQueryValueW
RegOpenKeyExA
GetServiceDisplayNameW
RegOpenKeyW

ole32

WriteFmtUserTypeStg
WriteClassStm
StringFromGUID2
StringFromCLSID
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
CoUninitialize
OleDraw
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
PropVariantCopy
OleInitialize
OleUninitialize
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
CoRegisterClassObject
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
OleCreateLinkToFile
OleCreateFromFile
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleSetMenuDescriptor
StgOpenStorage
StgIsStorageFile
CreateFileMoniker
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleRegGetMiscStatus
OleRegEnumVerbs
CreateGenericComposite
CreateItemMoniker
OleCreate
OleQueryCreateFromData
OleQueryLinkFromData
OleIsRunning
GetRunningObjectTable
CreateOleAdviseHolder
CreateDataAdviseHolder
GetHGlobalFromILockBytes
OleGetIconOfClass
OleSetContainedObject
OleSaveToStream
OleSave
OleLoad
OleCreateFromData
ReadFmtUserTypeStg
OleRun
OleCreateStaticFromData
OleCreateLinkFromData
CoTaskMemFree
CoTaskMemAlloc
OleRegGetUserType
SetConvertStg
ReleaseStgMedium
StgCreateDocfile
OleDuplicateData
CoCreateInstance
CoDisconnectObject
CoFreeUnusedLibraries
CoGetClassObject
CoGetMalloc
CoInitialize

Sections

.text
Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Q39b6a
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 30.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ixi0
Size: 642KB - Virtual size: 641KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

17d2ee5462f90b50a62ac56c7c1938c4

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

Sections

.text Size: 420KB - Virtual size: 420KB

.Q39b6a Size: 10KB - Virtual size: 9KB

.data Size: 1024B - Virtual size: 30.1MB

.ixi0 Size: 642KB - Virtual size: 641KB

.rsrc Size: 4.7MB - Virtual size: 4.7MB

.text
Size: 420KB - Virtual size: 420KB

.Q39b6a
Size: 10KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 30.1MB

.ixi0
Size: 642KB - Virtual size: 641KB

.rsrc
Size: 4.7MB - Virtual size: 4.7MB