f7fd92e8b16317a7c798742033ce4526_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f7fd92e8b16317a7c798742033ce4526_JaffaCakes118
Size

156KB
MD5

f7fd92e8b16317a7c798742033ce4526
SHA1

d51a8cf27153563cbd0a0f3e61db5e6b4242a075
SHA256

104465f67ebe6772def23e15051ff55c055974dfbe2e16968972afca23049bba
SHA512

1e049fb344928cc76cd86ea040eee4ed7ce7ddca0661e1bcc46e032a39e48fda434c0d93d6955a4fc5b13dda85f4ff217add215002c463346fabdd127ca600d5
SSDEEP

3072:I137Rriyqip4+S5j9w7QXdJNl0KFeAuwLeu+rSfva4SX6JE/olx/:IjFq04+69w7QXdJrDKu6WpSX6y0x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7fd92e8b16317a7c798742033ce4526_JaffaCakes118

Files

f7fd92e8b16317a7c798742033ce4526_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5f5bb5b024d2d9f41cc12fdff723890

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Program Files\Beqire.pdb

Imports

user32

AppendMenuA
FrameRect
ClientToScreen
RegisterClassExA
GetWindowTextLengthA
SetForegroundWindow
CheckRadioButton
SendDlgItemMessageA
IsClipboardFormatAvailable
SendMessageA
DestroyWindow
SetClipboardData
GetClientRect
GetWindowThreadProcessId
FillRect
TrackPopupMenu
DrawFrameControl
PostMessageA
IsDialogMessageA
GetActiveWindow
SystemParametersInfoA
GetWindowRect
DialogBoxIndirectParamA
CreatePopupMenu
GetSysColorBrush
DispatchMessageA
GetForegroundWindow
CreateDialogIndirectParamA

gdi32

RestoreDC
SaveDC
ExtTextOutA
CreateFontIndirectA
StartDocA
StartPage
PatBlt
GetTextExtentPoint32A
SetPixel
StretchBlt
SelectObject
Rectangle

winspool.drv

SetFormA
ScheduleJob
ResetPrinterA
OpenPrinterA
GetPrintProcessorDirectoryA
GetJobA
EnumPrinterDriversA
EnumPrinterDataA
EnumPrinterDataExA
DeletePrinter
DeletePrintProvidorA
DeletePrintProcessorA
DeletePortA

mprapi

MprAdminInterfaceConnect
MprInfoCreate
MprInfoBlockSet
MprInfoBlockRemove
MprInfoBlockQuerySize
MprInfoBlockFind
MprAdminPortGetInfo
MprAdminPortEnum
MprAdminPortDisconnect
MprAdminPortClearStats
MprAdminMIBEntryGet
MprAdminMIBEntryDelete
MprAdminMIBEntryCreate
MprAdminInterfaceTransportGetInfo
MprAdminInterfaceTransportAdd
MprAdminInterfaceDeviceGetInfo
MprAdminInterfaceGetCredentialsEx
MprAdminInterfaceSetCredentials

odbc32

ord154
ord58
ord59
ord72
ord24
ord26
ord28
ord135
ord136
ord37
ord138
ord139
ord173
ord74

kernel32

SetConsoleCtrlHandler
VirtualQuery
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
QueryPerformanceCounter
IsBadReadPtr
HeapSize
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
IsBadCodePtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
ExitProcess
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind
VerLanguageNameA
SetTapePosition
RemoveDirectoryA
GetCurrentThreadId
SetFileAttributesA
CreateProcessA
GetProcAddress

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 721KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5f5bb5b024d2d9f41cc12fdff723890

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

winspool.drv

mprapi

odbc32

kernel32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 64KB - Virtual size: 721KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 64KB - Virtual size: 721KB

.reloc
Size: 8KB - Virtual size: 5KB