Static task
static1
Behavioral task
behavioral1
Sample
02327f84acf28bf4ea2c07cb09772f21_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
02327f84acf28bf4ea2c07cb09772f21_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
02327f84acf28bf4ea2c07cb09772f21_JaffaCakes118
-
Size
149KB
-
MD5
02327f84acf28bf4ea2c07cb09772f21
-
SHA1
c2bf2a311f80513fea0700152735ad59a7a3dc6d
-
SHA256
32d9d31468d97a5e14214ea3e099bfc9234f740c8e46ffd33a45a7938e8d5041
-
SHA512
ffc75d6137822b0876aa7bbbf119a6898808dd73b7ce22d3bdb0f217915614f678836123ad94b39e59f9755561b37912a1bef6c29deffb5b8f70339b43fb94ff
-
SSDEEP
3072:Difptzr7mtXASw4ktigNX4CuREP6llOq9QrMxE/HOqQbeCc0m:DifpR7Yfw4kNNocclKzZQHc
Malware Config
Signatures
-
Unsigned PE 1 IoCs
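Checks for missing Authenticode signature. The sample listed below carries no Authenticode signature, so its publisher and integrity cannot be verified from the binary itself. Many legitimate programs are also unsigned, so this is a weak indicator on its own and should be weighed together with the other findings.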
resource 02327f84acf28bf4ea2c07cb09772f21_JaffaCakes118
Files
-
02327f84acf28bf4ea2c07cb09772f21_JaffaCakes118.exe windows:4 windows x86 arch:x86
815a67522e74b1eb9a6f590c68a9e08f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
VirtualAlloc
FlushFileBuffers
FreeEnvironmentStringsA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FindFirstFileA
FindNextFileA
FindClose
HeapAlloc
HeapCreate
HeapDestroy
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
MulDiv
QueryPerformanceCounter
CreateEventA
CreateEventW
SetEvent
ResetEvent
GetFileAttributesA
SetThreadLocale
RaiseException
CreateThread
GetCurrentThreadId
ResumeThread
SetThreadPriority
GetExitCodeThread
ExitThread
TerminateThread
MultiByteToWideChar
LocalFileTimeToFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileW
ReadFile
CloseHandle
CompareStringW
EnumCalendarInfoA
IsBadReadPtr
FindResourceA
LoadResource
SizeofResource
LockResource
FreeResource
WriteFile
GetFileSize
SetEndOfFile
GetFileType
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FindResourceW
InterlockedCompareExchange
RemoveDirectoryA
CreateFileA
OpenProcess
GetTempPathW
SetLastError
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetSystemDefaultLCID
GetUserDefaultLangID
GetLocaleInfoW
GetCurrentThread
SetHandleCount
GetTickCount
GetCommandLineW
WritePrivateProfileStringA
CreateDirectoryA
FileTimeToDosDateTime
LocalAlloc
GetWindowsDirectoryA
LCMapStringW
LCMapStringA
lstrcmpiA
WaitForMultipleObjects
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsBadCodePtr
GetFileAttributesW
WideCharToMultiByte
DeviceIoControl
GetStringTypeExA
GetModuleFileNameA
ExpandEnvironmentStringsA
FileTimeToSystemTime
SetFileAttributesA
TerminateProcess
GetVersion
GetSystemTimeAsFileTime
lstrcatA
VirtualQuery
FindFirstFileW
FindNextFileW
WriteConsoleA
GetThreadLocale
InterlockedDecrement
GlobalHandle
InterlockedExchange
GlobalAlloc
GetVersionExW
SystemTimeToFileTime
CreateMutexA
ReleaseMutex
GetSystemTime
GetCurrentDirectoryA
GetTimeZoneInformation
GetUserDefaultLCID
GetEnvironmentStringsW
CompareStringA
CreateFileMappingA
CompareFileTime
GetLocaleInfoA
GetCurrentProcess
GetLocalTime
GetConsoleMode
lstrlenW
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
IsDBCSLeadByte
SetFileAttributesW
DeleteFileW
FileTimeToLocalFileTime
ExitProcess
GetModuleHandleW
GlobalLock
OpenMutexA
GetCommandLineA
GetStdHandle
GetModuleFileNameW
msvcrt
strerror
iswctype
wcschr
pow
memcpy
strtok
vsprintf
_isctype
_strnicmp
_CIsqrt
_fstat
_strcmpi
strncpy
_vsnprintf
_setjmp3
wcstoul
fwrite
_itow
_wtol
_onexit
strncmp
_CIpow
_wtoi
strcmp
memset
rename
log
exit
_mktemp
_filelengthi64
_iob
_mbsrchr
printf
_putenv
cos
iswspace
_filbuf
_stricmp
wcsncmp
getenv
perror
_snwprintf
srand
rewind
sprintf
gmtime
abort
_mkdir
_read
_unlink
_fileno
strcat
_flsbuf
__p__fmode
_setmode
fgetc
isxdigit
fgets
fputs
wcscspn
isspace
_wfopen
strcpy
_vsnwprintf
_wcsicmp
__p__environ
_open_osfhandle
_open
swprintf
memmove
wctomb
_umask
wcscmp
_strlwr
_lseeki64
_initterm
_dup
strstr
localeconv
fseek
signal
wcsncpy
_amsg_exit
_getcwd
strrchr
putchar
fgetpos
localtime
malloc
_adjust_fdiv
_pipe
sscanf
_controlfp
memchr
_errno
_getpid
_itoa
towupper
fflush
setlocale
__set_app_type
_cexit
__badioinfo
_lock
fclose
_mbsicmp
_dup2
wcsrchr
__pioinfo
_osver
ungetc
_getch
remove
__p__commode
_mbscmp
__CxxFrameHandler
floor
atexit
fread
realloc
__mb_cur_max
_ftol
ctime
_assert
__dllonexit
towlower
_exit
rand
free
atof
_wcsupr
__setusermatherr
iswdigit
_unlock
strtol
__p___initenv
_pctype
swscanf
wcstombs
_c_exit
sin
_ultoa
_isatty
wcscat
_wcslwr
clearerr
calloc
fputc
isdigit
_utime
_get_osfhandle
_fdopen
wcslen
strchr
__getmainargs
longjmp
qsort
clock
ceil
_kbhit
time
strtoul
sqrt
__lc_codepage
_chmod
puts
ftell
__initenv
_stat
_write
toupper
wcstol
fsetpos
atol
_purecall
strcspn
_setjmp
_ismbblead
_strdup
_beginthreadex
_lseek
strlen
fopen
strspn
fprintf
wcsstr
tolower
_acmdln
atoi
_wcsnicmp
_close
strncat
_XcptFilter
bsearch
user32
CharNextA
CreatePopupMenu
MapWindowPoints
GetCursorPos
GetMenuState
GetWindowTextA
GetMenu
UnregisterClassA
LoadIconA
UnhookWindowsHookEx
GetSystemMetrics
LoadCursorA
IsWindowEnabled
SetWindowPos
ReleaseCapture
DefWindowProcA
GetSysColor
SendDlgItemMessageA
PostQuitMessage
IsIconic
GetMessageA
SetActiveWindow
GetActiveWindow
SetScrollPos
PostMessageA
GetClassInfoA
SetFocus
SetPropA
ClientToScreen
DispatchMessageA
GetWindowRect
SystemParametersInfoA
EndDialog
DestroyMenu
GetPropA
OemToCharA
GetCapture
DrawTextA
GetKeyState
LoadStringA
DrawMenuBar
SetScrollRange
OpenClipboard
GetMenuStringA
IsChild
GetClassNameA
CreateMenu
DestroyCursor
CloseClipboard
InsertMenuA
EmptyClipboard
GetDC
SetWindowLongA
GetIconInfo
FillRect
GetWindow
InflateRect
SetClipboardData
FrameRect
RemoveMenu
GetScrollRange
SetRect
WinHelpA
SetMenu
RegisterClassA
CharLowerA
UpdateWindow
GetWindowLongA
FindWindowA
TrackPopupMenu
GetSystemMenu
RedrawWindow
RegisterWindowMessageA
CallWindowProcA
EndPaint
SetCapture
SetTimer
GetWindowDC
SetForegroundWindow
DeleteMenu
RemovePropA
GetSubMenu
TranslateMessage
GetDlgItem
EnableMenuItem
AdjustWindowRectEx
wsprintfA
GetFocus
IsWindowVisible
DestroyIcon
GetSysColorBrush
GetKeyboardType
GetScrollPos
EnumThreadWindows
MessageBoxA
CallNextHookEx
ShowCursor
ScrollWindow
GetDesktopWindow
BeginPaint
InsertMenuItemA
DrawEdge
GetScrollInfo
GetMenuItemID
IsDialogMessageA
EnableWindow
ShowWindow
SetWindowTextA
PeekMessageA
WindowFromPoint
GetMenuItemCount
ScreenToClient
SetCursor
SetClassLongA
OffsetRect
RegisterClipboardFormatA
WaitMessage
GetWindowThreadProcessId
GetWindowPlacement
SetWindowsHookExA
IsZoomed
DrawIcon
SendMessageA
CreateWindowExA
GetParent
ReleaseDC
GetTopWindow
SetWindowPlacement
MessageBeep
IsWindow
IsRectEmpty
KillTimer
SetScrollInfo
GetClientRect
EnumWindows
CheckMenuItem
GetLastActivePopup
GetForegroundWindow
GetDCEx
DestroyWindow
Sections
.text Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE