5b9e2e42a9ee46436122a6b0bf35d8cc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5b9e2e42a9ee46436122a6b0bf35d8cc_JaffaCakes118
Size

501KB
MD5

5b9e2e42a9ee46436122a6b0bf35d8cc
SHA1

cd5ec0747f4f8f79a80147e9fc1443d31e3c8436
SHA256

3056edbcd581e7cc1ad76d8aee7f40d9b66c4b2b34a1440795cef66bf5744f06
SHA512

fc604d8f304714087a9e3e17b200d98800e6790fafcff68a090b155312c8e04e4b726d4685aefe9c966a5eb8a24058e1dfac435d8f207854e586cbc1d8a9d3ac
SSDEEP

6144:pnJn6bBTE7vD+47XDfrqA/5vQiwmgSgxi2n+jmZt6CWfMN8WSo8Jbdp83hnEBVei:oiwmgZcUyfMN8WBhjxSpTrfl0O6KsrW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b9e2e42a9ee46436122a6b0bf35d8cc_JaffaCakes118

Files

5b9e2e42a9ee46436122a6b0bf35d8cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

288672eed35222601dfa4314842edc44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
wcsncpy
log10
memcpy
fopen
fseek
fclose
_wfopen
wcslen
wcscpy
wcscat
wcscmp
memmove
_CIacos
floor
ceil
_CIpow
fread
longjmp
_setjmp3
_wcsicmp
_wcsnicmp
wcsncmp
_itow
localtime
mktime
gmtime
fabs
malloc
free
sqrt
atan2
fmod
abs
sin
cos
setlocale
swscanf
wcsstr
_wcsdup
_isnan
frexp
modf
__p__iob
fprintf
atof
_vsnwprintf

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
GetUserDefaultLangID
GetProfileStringW
GetCurrentProcess
CloseHandle
CreateSemaphoreW
GetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageW
GetDiskFreeSpaceExW
GetShortPathNameW
GetVolumeInformationW
LocalFileTimeToFileTime
SystemTimeToFileTime
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
GetVersionExW
LoadLibraryW
GetProcAddress
DeleteCriticalSection
CreateThread
GetCurrentThreadId
Sleep
FreeLibrary
HeapAlloc
HeapFree
CreateFileW
GetFileSize
ReadFile
GetCurrentProcessId
GetCommandLineW
GetModuleFileNameW
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessW
TlsAlloc
TlsSetValue
GetTickCount
TlsGetValue
GetVersionExA
MulDiv
SetCurrentDirectoryW
DeleteFileW
GetDriveTypeW
FindFirstFileW
FindClose
GetFileAttributesW
CreateDirectoryW
FindNextFileW
SetFileAttributesW
RemoveDirectoryW
WriteFile
SetFilePointer
HeapReAlloc
MultiByteToWideChar
WideCharToMultiByte
LoadLibraryA
SetLastError
GetLocalTime
GlobalAlloc
GlobalFree
HeapSize
TlsFree
lstrlenA
WaitForMultipleObjects
GetCurrentThread
CreateSemaphoreA
ReleaseSemaphore

user32

GetSysColor
RegisterWindowMessageW
SetForegroundWindow
SendMessageW
FlashWindow
GetSystemMetrics
SetLayeredWindowAttributes
GetWindowLongW
SetWindowLongW
GetClipCursor
ClientToScreen
ClipCursor
GetSubMenu
RemoveMenu
InsertMenuItemW
SetMenuItemInfoW
GetDesktopWindow
GetDC
ReleaseDC
SetRect
DrawTextW
UpdateLayeredWindow
RedrawWindow
LoadCursorW
SetCursor
AnimateWindow
InvalidateRect
ShowCursor
SetClassLongW
SystemParametersInfoW
GetWindowRect
SetWindowPos
BringWindowToTop
DrawIconEx
GetClientRect
GetComboBoxInfo
GetCursorInfo
GetForegroundWindow
GetIconInfo
GetLastInputInfo
GetPropW
GetScrollInfo
GetWindowInfo
GetWindowTextW
IsWindow
SetCursorPos
SetParent
SetWindowRgn
ShowScrollBar
mouse_event
DestroyWindow
GetParent
SetPropW
DestroyIcon
CreateIconIndirect
BeginPaint
EndPaint
DefWindowProcW
LoadIconW
RegisterClassExW
CreateWindowExW
MessageBoxW
EnableWindow
GetWindowTextLengthW
UnregisterClassW
IsWindowEnabled
SetFocus
CreateAcceleratorTableW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DestroyAcceleratorTable
GetWindowThreadProcessId
IsWindowVisible
GetWindowLongA
EnumWindows
SetMenu
DestroyMenu
GetPropA
GetMenu
CallWindowProcA
CreateMenu
SetWindowLongA
SetPropA
AppendMenuW
GetMenuItemInfoW
CreatePopupMenu
TrackPopupMenu
GetCursorPos
EnumDisplaySettingsW
MapWindowPoints
GetWindow
GetDlgCtrlID
GetClassNameW
CallWindowProcW
ShowWindow
ScreenToClient
GetUpdateRect
IntersectRect
ValidateRect
RemovePropW
MoveWindow
SetWindowTextW
GetSysColorBrush
UpdateWindow
DrawStateW
GetFocus
FrameRect
DrawFocusRect
SendMessageA
ReleaseCapture
SetCapture
InflateRect
GetWindowDC
FillRect
PeekMessageW
EnumPropsExW
RemovePropA
DefWindowProcA
DrawFrameControl
SetActiveWindow
AdjustWindowRectEx
RegisterClassW
GetActiveWindow
MsgWaitForMultipleObjects
SetTimer
IsZoomed
IsIconic
KillTimer
EnumChildWindows
PostMessageW
DefFrameProcW
IsChild
GetKeyState
LoadImageW
RegisterClassA
CreateWindowExA
RegisterWindowMessageA
PostMessageA
CreateIconFromResourceEx
CreateIconFromResource
CharLowerW
CharUpperW

gdi32

DeleteObject
GetObjectW
CreateFontIndirectW
BitBlt
GetDIBits
SetDIBits
AddFontMemResourceEx
CreateEllipticRgn
CreateRectRgn
CreateRoundRectRgn
GetDeviceCaps
SetDeviceGammaRamp
GetObjectType
GetStockObject
CreateDCW
CreateFontW
DeleteDC
SetBkMode
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateBrushIndirect
SetTextColor
SetBkColor
SelectClipRgn
ExcludeClipRect
StretchBlt
CreateSolidBrush
CreatePen
MoveToEx
LineTo
CreateDIBSection
GetObjectA
CreateRectRgnIndirect
GetClipRgn
ExtSelectClipRgn
CreateBitmap
SetPixel
GdiSetBatchLimit
GdiGetBatchLimit
SetStretchBltMode
SetBrushOrgEx
SetTextAlign
SetPixelV
Rectangle
RoundRect
Ellipse
SetROP2
SelectPalette
RealizePalette
StretchDIBits
TextOutW
GetPixel
ExtFloodFill
GetTextExtentPoint32W
GetTextMetricsW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
RegCreateKeyW
RegDeleteValueW
RegOpenKeyW
RegSetValueExW

comctl32

ImageList_SetIconSize
InitCommonControlsEx
ImageList_Destroy
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon
ImageList_Remove
ImageList_AddMasked
ImageList_GetIconSize

shell32

SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
Shell_NotifyIconW
SHGetFileInfoW
ShellExecuteExW

ole32

CoInitialize
CoTaskMemFree
CoUninitialize
CoCreateInstance
RevokeDragDrop

winmm

mciSendStringW
timeBeginPeriod
timeEndPeriod

Sections

.code
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

288672eed35222601dfa4314842edc44

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

gdi32

comdlg32

advapi32

comctl32

shell32

ole32

winmm

Sections

.code Size: 111KB - Virtual size: 110KB

.text Size: 213KB - Virtual size: 213KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 60KB - Virtual size: 70KB

.rsrc Size: 89KB - Virtual size: 88KB

.code
Size: 111KB - Virtual size: 110KB

.text
Size: 213KB - Virtual size: 213KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 60KB - Virtual size: 70KB

.rsrc
Size: 89KB - Virtual size: 88KB