ed2910511eff7a89b30bd182f01a734f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ed2910511eff7a89b30bd182f01a734f_JaffaCakes118
Size

580KB
MD5

ed2910511eff7a89b30bd182f01a734f
SHA1

7f7328fadabc772256c91a21449ddc52801b7d57
SHA256

d462459076e00f019e06f2973c07c09ba178c0af85e43bc298298ca3abd0a75b
SHA512

88360df8b672505a46a5f08ac1f2700623e3a158ccc312fb0b966c0b6c002fd4a25d59e69ccf44fe5b8fe93475803c23ca0f80b1f45b1364a3138b0661a21ab9
SSDEEP

12288:q27rFsqlJoP3VvzR8i7XnMkUN2KmX2B9dm4Vg/:r7r3JoP3VvzRjMDcKmX2B9dLV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed2910511eff7a89b30bd182f01a734f_JaffaCakes118

Files

ed2910511eff7a89b30bd182f01a734f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

002e49633ec8a46442e23875ae1cd88f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strcmp
memcpy
fseek
ftell
fread
fopen
fclose
strncpy
strlen
strcat
strcpy
sprintf
strncmp
atoi
_strnicmp
localtime
mktime
gmtime
fabs
ceil
malloc
floor
free
memmove
fmod
sin
cos
abs

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
GetVersionExA
OpenMutexA
CloseHandle
CreateMutexA
MulDiv
FreeLibrary
HeapFree
LoadLibraryA
GetProcAddress
HeapAlloc
Sleep
GetCurrentProcessId
GetCurrentThreadId
SetFileAttributesA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
GetDriveTypeA
GetFileAttributesA
CreateDirectoryA
WriteFile
CreateFileA
ReadFile
SetFilePointer
SetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
GetLocalTime
TlsAlloc
TlsSetValue
GlobalAlloc
GlobalFree

comctl32

InitCommonControls
InitCommonControlsEx

user32

SetTimer
SetForegroundWindow
GetDesktopWindow
GetDC
ReleaseDC
SetClassLongA
InvalidateRect
KillTimer
FindWindowA
GetWindow
GetWindowThreadProcessId
GetClassNameA
GetWindowTextA
EnumDisplaySettingsA
GetSystemMetrics
ShowCursor
DestroyWindow
ShowWindow
BeginPaint
EndPaint
DefWindowProcA
LoadIconA
RegisterClassExA
CreateWindowExA
SendMessageA
MessageBoxA
GetForegroundWindow
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
SetActiveWindow
RemovePropA
UnregisterClassA
DestroyAcceleratorTable
LoadCursorA
RegisterClassA
AdjustWindowRectEx
GetActiveWindow
GetWindowRect
SetPropA
CreateAcceleratorTableA
PeekMessageA
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
IsZoomed
IsIconic
SetWindowPos
GetClientRect
GetMenu
SetCursorPos
LoadImageA
SetCursor
GetWindowLongA
GetParent
MapWindowPoints
MoveWindow
SystemParametersInfoA
GetKeyState
SetCapture
PostMessageA
GetCursorPos
ReleaseCapture
GetPropA
FillRect
EnumChildWindows
DefFrameProcA
SetFocus
GetFocus
IsChild
GetWindowTextLengthA
SetWindowTextA
InflateRect
GetWindowDC
CallWindowProcA
SetWindowLongA
RedrawWindow
GetSysColor
GetSysColorBrush
ScreenToClient
GetIconInfo
UpdateWindow
DrawStateA
ValidateRect
DestroyIcon
CopyImage
CreateIconFromResourceEx
CreateIconFromResource
CharUpperA
CharLowerA
DrawIconEx

gdi32

GetStockObject
CreateSolidBrush
GetDeviceCaps
DeleteObject
CreatePatternBrush
SetBkMode
SetTextColor
CreateDCA
DeleteDC
CreateFontA
ExcludeClipRect
SetBkColor
GetObjectType
GetObjectA
CreateCompatibleDC
SetDIBits
SelectObject
SetStretchBltMode
SetBrushOrgEx
StretchBlt
CreateDIBSection
BitBlt
GdiSetBatchLimit
GdiGetBatchLimit
GetDIBits
CreateBitmap
SetPixel
GetTextExtentPoint32A
SetTextAlign
TextOutA
GetPixel
CreateFontIndirectA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegConnectRegistryA
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA

ole32

CoInitialize
CoTaskMemFree
RevokeDragDrop

winmm

timeEndPeriod

Sections

.code
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 488KB - Virtual size: 491KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

002e49633ec8a46442e23875ae1cd88f

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

advapi32

ole32

winmm

Sections

.code Size: 6KB - Virtual size: 5KB

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 1024B - Virtual size: 936B

.data Size: 488KB - Virtual size: 491KB

.rsrc Size: 3KB - Virtual size: 3KB

.code
Size: 6KB - Virtual size: 5KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 1024B - Virtual size: 936B

.data
Size: 488KB - Virtual size: 491KB

.rsrc
Size: 3KB - Virtual size: 3KB