Static task: static1
Behavioral task: behavioral1
Sample: 01d379c0f8ca717c72623eb36980b9bf_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 01d379c0f8ca717c72623eb36980b9bf_JaffaCakes118.exe
Resource: win10v2004-20240419-en
General
Target: 01d379c0f8ca717c72623eb36980b9bf_JaffaCakes118
Size: 170KB
MD5: 01d379c0f8ca717c72623eb36980b9bf
SHA1: 8fe41b89abe213ab60ed17d72c9283f274eeb2f0
SHA256: 9cd895dbaac82328557e290217c558053703f6374284243a2ba17ef69e4cfba3
SHA512: 3dd4bb710231d794204ebe3775f3dcb521c8cffca8227a65075093a9de1c68c819a8652a26b0e06c1058030adc8fdf48c7bf5f456feb2f943d83d2d03c11bfce
SSDEEP: 3072:hUxlHpViUS7IuDfZvJZDItW1o2x1dA2se0cRqKkl0d9b/Hn15f:4Grz5IMWqdRd0cRUKd9j7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 01d379c0f8ca717c72623eb36980b9bf_JaffaCakes118
Files
01d379c0f8ca717c72623eb36980b9bf_JaffaCakes118.exe windows:5 windows x86 arch:x86
0b61554fa47fa97c741fec3c6ffc7ff9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
IsDebuggerPresent
GetTickCount
InterlockedCompareExchange
Sleep
InterlockedExchange
TerminateProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
lstrcpyW
GetPrivateProfileSectionW
CloseHandle
OutputDebugStringA
GetProcAddress
lstrcmpiA
GetLastError
GetPrivateProfileIntW
SetProcessAffinityMask
MultiByteToWideChar
GetModuleFileNameW
MulDiv
HeapCreate
GetModuleHandleW
GetStartupInfoA
GetSystemTimeAsFileTime
user32
CheckDlgButton
GetCursorPos
MoveWindow
GetWindow
GetMessagePos
GetSysColor
DefWindowProcA
LoadCursorA
SetClipboardData
EnableWindow
EndDialog
IsWindowVisible
PtInRect
GetDC
DrawFocusRect
GetWindowRgn
EnumWindows
GetDlgItem
EmptyClipboard
ShowWindow
CreatePopupMenu
GetSysColorBrush
IsDlgButtonChecked
GetSystemMetrics
OpenClipboard
DefDlgProcA
ReleaseDC
CreateWindowExA
GetWindowLongA
MessageBoxA
SetWindowLongA
SetRect
GetWindowTextA
GetWindowWord
GetMenu
GetForegroundWindow
EndPaint
CloseClipboard
UpdateLayeredWindow
SetTimer
GetWindowRect
PostQuitMessage
SendDlgItemMessageA
TrackPopupMenu
GetWindowDC
FillRect
GetTopWindow
KillTimer
DrawTextA
GetSubMenu
SetForegroundWindow
CopyImage
GetFocus
GetParent
IsWindowEnabled
CreateMDIWindowA
GetClientRect
SendMessageA
BeginPaint
SetWindowTextA
AppendMenuA
InflateRect
gdi32
GdiFlush
CreateFontIndirectA
GetEnhMetaFilePaletteEntries
CreateFontA
PatBlt
CombineRgn
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateRectRgn
GetDeviceCaps
SelectObject
CreateSolidBrush
comdlg32
GetSaveFileNameA
advapi32
RegCloseKey
shell32
Shell_NotifyIconA
ole32
CoCreateInstance
CoInitializeEx
oleaut32
SysAllocString
ws2_32
closesocket
socket
recvfrom
ioctlsocket
msvcp90
??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ
?open@?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXPBDHH@Z
shlwapi
AssocCreate
PathFindExtensionW
PathFindFileNameA
comctl32
ImageList_DragShowNolock
imm32
ImmGetGuideLineA
wtsapi32
WTSEnumerateProcessesA
WTSFreeMemory
WTSQuerySessionInformationA
msvcr90
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_mbslen
memset
_snprintf
strchr
strlen
malloc
free
vsprintf
Sections
.text Size: 33KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ