ff624abf1022a35de05603d55a8b2788_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ff624abf1022a35de05603d55a8b2788_JaffaCakes118
Size

92KB
MD5

ff624abf1022a35de05603d55a8b2788
SHA1

db7571dac473e1c4f176f0bcd4d0d31327d2f3df
SHA256

10f5f5f6eaea99f7fbfa73a45582361984c53c3116984745cc2d9ebb186f1fd1
SHA512

3396816a8b6149f08cc216978362ed03094a66ce25a383f035b686f9113b6a073a95d3b58b04453745690271b4353d022d5e48f5caf36f004b6388b116fdd4f5
SSDEEP

1536:jNzVEcOZheecfAJXhPcP80MfdcJswsXzpi:xxPOZEecfAJXhPT0udcJswsXzpi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff624abf1022a35de05603d55a8b2788_JaffaCakes118

Files

ff624abf1022a35de05603d55a8b2788_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f257df46c13b68d6a44488f94bbcde67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
LocalReAlloc
lstrlenA
ReadFile
GetFileSize
CreateFileA
GetWindowsDirectoryA
LocalFree
LocalSize
WriteFile
SetFilePointer
InitializeCriticalSection
lstrcatA
GetSystemDirectoryA
lstrcpyA
DeleteFileA
lstrcmpiA
HeapAlloc
GetProcessHeap
VirtualProtect
IsBadReadPtr
HeapFree
GetCurrentProcessId
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetCurrentThreadId
GetSystemInfo
GetComputerNameA
GetVersionExA
GetCurrentProcess
CreateThread
OpenEventA
SetErrorMode
MoveFileA
GetModuleFileNameA
FindClose
FindFirstFileA
RemoveDirectoryA
WritePrivateProfileStringA
GetLocalTime
GetTickCount
CancelIo
RaiseException
GetStartupInfoA
GetModuleHandleA
InterlockedExchange
SetEvent
ResetEvent
GetLastError
WaitForSingleObject
CloseHandle
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
Sleep
VirtualFree
DeleteCriticalSection
LoadLibraryA
GetProcAddress
GlobalFree
FreeLibrary

user32

PostMessageA
OpenDesktopA
GetThreadDesktop
GetUserObjectInformationA
SetThreadDesktop
DestroyCursor
GetCursorPos
GetDesktopWindow
GetDC
SetRect
GetSystemMetrics
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
mouse_event
SetCursorPos
WindowFromPoint
SetCapture
MapVirtualKeyA
SystemParametersInfoA
SendMessageA
LoadCursorA
MessageBoxA
ExitWindowsEx
GetKeyState
GetAsyncKeyState
GetForegroundWindow
GetWindowTextA
wsprintfA
ReleaseDC

advapi32

RegQueryValueExA
RegOpenKeyExA
CloseEventLog
ClearEventLogA
OpenEventLogA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA
RegCreateKeyExA
CloseServiceHandle
DeleteService
RegOpenKeyA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegCloseKey

shell32

ShellExecuteA
SHGetSpecialFolderPathA

msvcrt

calloc
strncat
_strrev
_except_handler3
_beginthreadex
realloc
_errno
strchr
free
strcmp
strncmp
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_strnset
_strnicmp
_stricmp
??1type_info@@UAE@XZ
atoi
strrchr
strcat
putchar
??3@YAXPAX@Z
memcpy
__CxxFrameHandler
_CxxThrowException
memmove
ceil
_ftol
puts
strlen
strstr
memset
??2@YAPAXI@Z
memcmp
rand
strcpy
sprintf
strncpy
malloc

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f257df46c13b68d6a44488f94bbcde67

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 4KB - Virtual size: 84KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 4KB - Virtual size: 84KB