Static task
static1
Behavioral task
behavioral1
Sample
f0a5da1e0b928c759354a24cb675f671_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f0a5da1e0b928c759354a24cb675f671_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
-
Target
f0a5da1e0b928c759354a24cb675f671_JaffaCakes118
-
Size
145KB
-
MD5
f0a5da1e0b928c759354a24cb675f671
-
SHA1
8a2a810f3cdcc3c801853196e21a7f2053e7f647
-
SHA256
36d3b8cabf9032695352fd68a9daf16df8a55673160d6d9f7c361d3bc38cdc07
-
SHA512
62ca4bcdc88aa2c3724ce6f49bb4bbad424d9a7b387d225830c32100f72a7aca9a471170253c37b930ab59a9867f6ea6499798c4ce63fb65ba4314ed782bfce7
-
SSDEEP
3072:K6zrJGkuJZ4F1/YLCK1KUODcP99SnyFkdfSzaO:Oo6mzUOD4kyF2fSP
Malware Config
Signatures
-
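Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the check matched the resource listed below. Many benign programs are also unsigned, so this is a weak indicator on its own.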
resource f0a5da1e0b928c759354a24cb675f671_JaffaCakes118
Files
-
f0a5da1e0b928c759354a24cb675f671_JaffaCakes118.exe windows:4 windows x86 arch:x86
b1227be7b36b139d29391f9daf01f9df
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FileTimeToSystemTime
LoadLibraryA
GetProcAddress
FindResourceA
FindResourceW
LoadResource
SizeofResource
LockResource
FreeResource
CreateEventA
CreateEventW
SetEvent
ResetEvent
TlsAlloc
TlsGetValue
TlsFree
LocalFileTimeToFileTime
GetFileAttributesA
GetFullPathNameA
HeapAlloc
HeapCreate
HeapDestroy
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
FindFirstFileA
FindNextFileA
FindClose
WriteConsoleA
CreateFileW
ReadFile
CloseHandle
GetCommandLineW
ExitProcess
SetThreadLocale
GetUserDefaultLangID
QueryPerformanceCounter
InterlockedDecrement
lstrcmpA
SetHandleCount
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetDriveTypeA
UnhandledExceptionFilter
GetVersion
TlsSetValue
GetPrivateProfileStringA
CreateFileA
WriteFile
GetFileSize
SetEndOfFile
lstrcatA
FindFirstFileW
FindNextFileW
UnmapViewOfFile
MapViewOfFile
GlobalReAlloc
GetConsoleOutputCP
SetFileAttributesW
SetFileAttributesA
WaitForMultipleObjects
lstrcpyA
LCMapStringW
GetSystemDefaultLCID
GetModuleHandleW
RtlUnwind
GetCommandLineA
CreateDirectoryA
IsBadCodePtr
GetFileAttributesW
GetACP
CreateThread
GetCurrentThreadId
ResumeThread
SetThreadPriority
ExitThread
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
GlobalAlloc
InterlockedIncrement
GetModuleHandleA
CreateMutexA
ReleaseMutex
OpenMutexA
GetExitCodeThread
TerminateThread
DeleteFileW
VirtualProtect
ExpandEnvironmentStringsA
IsBadWritePtr
GetStringTypeA
GetLocaleInfoW
GetOEMCP
FreeEnvironmentStringsA
VirtualFree
GetLastError
GetEnvironmentStringsW
GlobalHandle
WideCharToMultiByte
GetExitCodeProcess
OpenProcess
GlobalLock
CompareFileTime
GetStartupInfoA
GetTempPathW
SetUnhandledExceptionFilter
lstrlenA
lstrlenW
GetLocaleInfoA
GetStartupInfoW
GetTimeZoneInformation
GetCurrentThread
IsBadReadPtr
GetDiskFreeSpaceA
GetStringTypeW
DisableThreadLibraryCalls
VirtualAlloc
msvcrt
_fstat
_lock
malloc
qsort
_assert
_iob
ftell
fclose
__setusermatherr
_strcmpi
rename
_errno
strtoul
cos
_ftol
__initenv
wcsstr
_isctype
atoi
fwrite
_wcslwr
strerror
__pioinfo
vsprintf
srand
_purecall
_umask
swprintf
setlocale
strncpy
_getpid
_mkdir
strlen
_CIsqrt
_onexit
_exit
iswctype
_acmdln
rewind
isdigit
_vsnprintf
wcscmp
localeconv
memset
memmove
strcat
_chmod
clearerr
_CIpow
_wcsupr
_except_handler3
strcspn
_open_osfhandle
_stat
_wfopen
sin
_strlwr
_fdopen
_snwprintf
__p__environ
_strnicmp
_lseek
_flsbuf
_c_exit
_cexit
_pipe
wcstoul
_strdup
putchar
fread
__set_app_type
strstr
__CxxFrameHandler
fgets
getenv
_mbsicmp
wcstombs
_unlock
strpbrk
longjmp
_setmode
wcstol
pow
_get_osfhandle
strrchr
memcpy
__lc_codepage
fsetpos
wcsncpy
_lseeki64
realloc
_osver
_kbhit
tolower
strchr
_snprintf
_mbsrchr
_pctype
_mktemp
__badioinfo
puts
_isatty
time
fgetc
calloc
_initterm
toupper
_open
fgetpos
floor
wcscat
fputc
__dllonexit
_close
perror
_wcsicmp
_wtoi
strtok
exit
_getcwd
strtol
_amsg_exit
swscanf
ceil
fflush
bsearch
_dup2
__p___initenv
_unlink
sqrt
isspace
strncmp
_adjust_fdiv
_wcsnicmp
_filelengthi64
_read
sprintf
_ultoa
localtime
strcmp
isleadbyte
_dup
atexit
_XcptFilter
iswdigit
memchr
atof
atol
abort
_write
wctomb
_fileno
remove
_stricmp
__p__fmode
_beginthreadex
strspn
__p__commode
fopen
memcmp
strncat
_setjmp3
wcsncmp
fputs
_vsnwprintf
wcschr
isxdigit
towlower
printf
__getmainargs
_putenv
_mbscmp
signal
_wtol
ctime
_filbuf
wcscspn
towupper
_itow
_fullpath
sscanf
free
ungetc
fseek
_setjmp
_itoa
clock
wcsrchr
wcslen
log
_ismbblead
__mb_cur_max
user32
ReleaseDC
CharNextA
DrawEdge
IntersectRect
PostMessageA
MessageBoxA
GetWindowRect
ShowOwnedPopups
GetKeyboardType
SetForegroundWindow
CharLowerA
TranslateMessage
SendDlgItemMessageA
GetTopWindow
GetWindowTextA
SetCursor
SetScrollInfo
IsDialogMessageA
LoadBitmapA
LoadIconA
GetScrollPos
LoadStringA
GetDesktopWindow
TrackPopupMenu
FillRect
CreateMenu
MessageBeep
DestroyIcon
SetScrollPos
InsertMenuA
SetWindowTextA
RemoveMenu
ClientToScreen
CheckMenuItem
CallWindowProcA
DrawIcon
KillTimer
GetSysColor
GetClientRect
OffsetRect
GetWindowThreadProcessId
UnregisterClassA
GetMenuState
DestroyMenu
DestroyWindow
GetActiveWindow
InflateRect
WindowFromPoint
EndPaint
BeginPaint
GetDC
SetRect
DispatchMessageA
GetClassInfoA
PtInRect
GetWindowDC
GetDCEx
SetWindowsHookExA
GetMessageA
IsIconic
EqualRect
EnumWindows
GetMenuItemID
GetMenu
SetFocus
WinHelpA
SetWindowPlacement
SetWindowPos
SetClassLongA
DrawMenuBar
GetMessagePos
GetScrollRange
IsWindowEnabled
SetScrollRange
UpdateWindow
GetFocus
RemovePropA
EndDialog
GetPropA
OpenClipboard
CreatePopupMenu
EnableMenuItem
WaitMessage
SetCapture
GetWindowLongA
GetIconInfo
GetKeyState
RegisterClipboardFormatA
IsWindow
ScrollWindow
GetWindow
ScreenToClient
DrawTextA
SetPropA
GetWindowPlacement
PostQuitMessage
IsWindowVisible
ReleaseCapture
GetCapture
SetClipboardData
GetForegroundWindow
InsertMenuItemA
GetDlgItem
SetWindowLongA
PeekMessageA
CloseClipboard
DrawIconEx
EnumThreadWindows
LoadCursorA
DialogBoxParamA
GetScrollInfo
GetSysColorBrush
wsprintfA
RegisterWindowMessageA
IsRectEmpty
GetLastActivePopup
CreateWindowExA
IsZoomed
GetSystemMenu
SystemParametersInfoA
DeleteMenu
RedrawWindow
GetMenuItemCount
ShowWindow
GetClassNameA
FindWindowA
DestroyCursor
GetSubMenu
UnhookWindowsHookEx
GetCursorPos
CallNextHookEx
SetTimer
RegisterClassA
IsChild
EmptyClipboard
GetParent
MapWindowPoints
InvalidateRect
SendMessageA
GetMenuStringA
Sections
.text Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ