0371bf97d7414b93953362af2c991371_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0371bf97d7414b93953362af2c991371_JaffaCakes118
Size

204KB
MD5

0371bf97d7414b93953362af2c991371
SHA1

965094ed423a1084a00ed8813c46d4420a8e4ebf
SHA256

95f41f0f6dbaf29911d08d1bf251b6a7522237e73d15a63bb5b99450ff59203d
SHA512

dceb9cdcd377644b5445435ae66e307a58bceae6a08cdd5f2cdb313c19e1f29a0a434f2724ae5e4dc0c8b9b4710935af800296a59c4b2a3f8fa3da63af18d58c
SSDEEP

3072:V8gM1tV1BMBW6sdRtWfoH+eiQ11kvazpIDQ6TsUBeF1FYA:V8lDVg6ddzz3UBeF4A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0371bf97d7414b93953362af2c991371_JaffaCakes118

Files

0371bf97d7414b93953362af2c991371_JaffaCakes118
.exe windows:1 windows x86 arch:x86

91a0060223f236430eeef20e6b54266d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_aligned_offset_malloc
_wchdir
_winmajor
_ismbcupper
_fgetchar
_heapwalk
_wstrtime
_copysign
_wexecvpe
cosh
_onexit
_cscanf
exit
_ismbslead
_isatty
_mbsnbcnt
_beginthread
_wasctime
_exit
vsprintf
_fmode
_ultoa
_execvp
_ctime64
strtol
__setusermatherr
_wfindnexti64
_unloaddll
_wcmdln
tolower
_longjmpex
_wutime64
_fileinfo
_except_handler3
_chkesp
_XcptFilter
iswgraph
_mbsicoll
isalpha
rand
wcspbrk
remove
_wstat64
_strlwr
_controlfp
_mbsnbicmp
_adjust_fdiv
_wputenv
wscanf
__getmainargs
_lrotr
_write
putc
_wpopen
_ismbbkana
__p__commode
putwchar
_snscanf
_wexecve
_adj_fdivr_m16i
iswascii
_ftol
_mbsnbset
_dstbias
_acmdln
strcspn
iswspace
_wstat
_getcwd
_ftime
_spawnvpe
_statusfp
abs
_mbclen
_heapmin
_cexit
strxfrm
memcpy
_execl
_mktime64
_pctype
__p__fmode
fprintf
time
_wfindfirst64
__set_app_type
vswprintf
vwprintf
_lock
_findfirst
getwchar
_initterm
iswprint

kernel32

TerminateThread
GetTickCount
RtlUnwind
GetTimeFormatA
TlsAlloc
HeapAlloc
FileTimeToSystemTime
GetStringTypeA
SizeofResource
ReadFile
DuplicateHandle
CreateFileMappingA
GetCurrentProcessId
GetSystemDirectoryA
VirtualFree
ExpandEnvironmentStringsA
FreeLibrary
PulseEvent
ReadProcessMemory
lstrcmpiA
WaitForMultipleObjects
SetThreadAffinityMask
GlobalLock
GlobalUnlock
GetFileType
MapViewOfFile
LCMapStringA
GetDateFormatA
Module32First
QueryPerformanceCounter
CreateThread
SetEvent
GetConsoleOutputCP
GlobalReAlloc
GetEnvironmentStrings
SearchPathA
FlushFileBuffers
CreateToolhelp32Snapshot
HeapCreate
lstrcmpA
FreeEnvironmentStringsA
InterlockedDecrement
GetModuleHandleA
LoadLibraryW
SetLastError
OpenProcess
GetCPInfo
LoadLibraryA
ResetEvent
LockResource
FreeEnvironmentStringsW
GetOEMCP
GetACP
GlobalMemoryStatus
DeleteCriticalSection
SetErrorMode
GetStdHandle
FindResourceA
lstrcpynA
WideCharToMultiByte
GetProcessWorkingSetSize
SetFilePointer
EnterCriticalSection
MulDiv
GetStartupInfoA
GetConsoleMode
GetProcessHeap

user32

DrawFrameControl
CreateMenu
GetUpdateRgn
GetSysColor
CallWindowProcA
SendMessageTimeoutA
MapWindowPoints
DialogBoxIndirectParamA
TrackPopupMenu
MoveWindow
LoadMenuA
GetParent
IsWindowVisible
SetTimer
TranslateMessage
DispatchMessageA
InsertMenuA
PeekMessageA
FillRect
UnionRect
IsZoomed
CreateWindowExA
DefFrameProcA
RegisterClassExA
GetUserObjectSecurity
KillTimer
UpdateWindow
DrawMenuBar
ModifyMenuA
GetWindowLongA
GetWindowRect
DrawTextA
DrawIconEx
CheckMenuRadioItem
EndPaint
GetDlgCtrlID
DefWindowProcA
TranslateAcceleratorA
LoadIconA
FindWindowExA
CreatePopupMenu
LoadImageA
GetWindowPlacement
LoadStringA
IsIconic
SetMenuItemInfoA
GetWindow
MessageBoxA
GetMenu
CreateDialogParamA
GetMenuItemCount
FrameRect
SetClassLongA
IsDialogMessageA
SetWindowTextA
SetPropA
DrawEdge
GetDoubleClickTime
GetWindowTextA
InvalidateRgn
EndDialog
ChildWindowFromPoint
GetWindowThreadProcessId
GetSystemMetrics
GetCursorPos
SetCapture
GetDlgItemTextA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91a0060223f236430eeef20e6b54266d

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 181KB - Virtual size: 180KB

.data Size: 512B - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 4B

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 181KB - Virtual size: 180KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 4B