063fd2c79efac6370c6d09ab84b37ec9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

063fd2c79efac6370c6d09ab84b37ec9_JaffaCakes118
Size

248KB
MD5

063fd2c79efac6370c6d09ab84b37ec9
SHA1

8d3ddbd7b055cf29bd26a7e7446fb8dfa1564450
SHA256

d9dbcf1028c481ea681e13d08740c30d14ae85f97178b8742d2486be11da0443
SHA512

49d7c7b58bf35e53d9719714c9c2e9b2cb484107033706d3fe988c0bd933850254759877b8147bc731ab2b3737c3537d385b837b130960b95925368d3b5af9f1
SSDEEP

6144:l3G5uLKXWQQYKGYc579LMmrNga5kX8OZXOxCnT0wSxxXHK:9G5pKG5LMmrtwNZXrjSxNq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
063fd2c79efac6370c6d09ab84b37ec9_JaffaCakes118

Files

063fd2c79efac6370c6d09ab84b37ec9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b97bab6d03b02b5a322019f8481d4e66

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PurgeComm
SetCommState
SetCommTimeouts
GetCommTimeouts
GlobalReAlloc
SetCommMask
GetCommState
GetFileType
WideCharToMultiByte
MultiByteToWideChar
FindResourceA
LocalFree
LocalAlloc
GetLocalTime
LoadResource
LockResource
LoadLibraryA
GetDateFormatA
FreeLibrary
SetFileAttributesA
GetProcAddress
CreateDirectoryA
FileTimeToSystemTime
GetFileTime
FileTimeToLocalFileTime
lstrcpynA
GetComputerNameA
MoveFileA
lstrcmpA
GetFileAttributesA
ResetEvent
WaitForMultipleObjects
GetFileSize
WaitCommEvent
CreateEventA
GetOverlappedResult
SetEvent
GetCommMask
GetCommProperties
CreateFileA
GetCPInfo
CopyFileA
Sleep
GetModuleHandleA
RtlUnwind
GetCommandLineA
GetVersion
GetStartupInfoA
HeapFree
HeapAlloc
ExitProcess
GetCurrentProcess
UnhandledExceptionFilter
TerminateProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetModuleFileNameA
GetEnvironmentStringsW
SetHandleCount
GetEnvironmentStrings
HeapDestroy
HeapCreate
GetStdHandle
VirtualAlloc
HeapReAlloc
VirtualFree
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadCodePtr
GlobalFree
ReadFile
CloseHandle
SetFilePointer
GlobalAlloc
lstrlenA
LCMapStringA
GetCurrentThreadId
GetTickCount
lstrcatA
lstrcpyA
DeleteFileA
GetSystemDefaultLangID
WriteFile
GetCurrentDirectoryA
GetLastError
LCMapStringW
GetACP
GlobalMemoryStatus
GlobalUnlock
lstrcmpiA
GlobalLock
CreateThread
GetOEMCP

user32

GetWindowRect
GetDC
MessageBoxA
EnableWindow
GetSystemMetrics
GetDesktopWindow
EndPaint
GetFocus
GetParent
SetRect
GetClientRect
SetWindowTextA
SendMessageA
GetDlgItem
GetDialogBaseUnits
SetWindowRgn
CallNextHookEx
IsChild
WaitMessage
SetCursor
PostMessageA
SetWindowLongA
SetParent
IsWindow
CopyRect
SetRectEmpty
OffsetRect
GetDlgItemInt
CreateDialogIndirectParamA
ShowCursor
SetDlgItemTextA
GetDlgItemTextA
SetDlgItemInt
ChangeDisplaySettingsA
GetWindowLongA
EnumDisplaySettingsA
PostThreadMessageA
PeekMessageA
MsgWaitForMultipleObjects
IsDlgButtonChecked
CheckRadioButton
CheckDlgButton
GetCursorPos
FillRect
EndDialog
SendDlgItemMessageA
ScreenToClient
SetFocus
GetClassInfoA
GetActiveWindow
GetWindowTextA
GetDlgCtrlID
RegisterClassA
CallWindowProcA
DestroyWindow
PostQuitMessage
WinHelpA
DefWindowProcA
InvalidateRect
DialogBoxParamA
BeginPaint
KillTimer
wsprintfA
SetWindowsHookExA
ReleaseDC
SetWindowPos
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
UnregisterClassA
SetTimer

gdi32

CreatePolygonRgn
GetDeviceCaps
DeleteDC
GetStockObject
SelectObject
CreateCompatibleDC
BitBlt
DeleteObject
CreateDIBitmap
GetObjectA

comdlg32

GetOpenFileNameA

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListA

ole32

CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize

oleaut32

SysFreeString

avifil32

AVIFileRelease
AVIStreamWrite
AVIFileExit
AVIFileInit
AVIFileOpenA
AVIStreamSetFormat
AVIFileCreateStreamA
AVIStreamRelease

msvfw32

MCIWndCreateA
ICImageDecompress
ICClose

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

comctl32

ord17

winmm

mmioClose
mmioDescend
mmioOpenA
mmioRead
mciSendCommandA
mmioAscend

ws2_32

send
connect
WSACloseEvent
recv
WSASend
gethostbyname
WSAWaitForMultipleEvents
WSAGetOverlappedResult
WSASocketA
WSASetEvent
WSACreateEvent
WSAEventSelect
htons
sendto
WSAStartup
WSACleanup
WSAGetLastError
closesocket
WSAEnumNetworkEvents

wininet

InternetOpenA
InternetCloseHandle
InternetConnectA
FtpOpenFileA
InternetWriteFile

japi

_End_JPEG_Compress@0
_Compress_One_Line@8
_Close_JPEG_Compressor@0
_Init_JPEG_Compressor@4
_Close_JPEG_Decompressor@0
_Start_JPEG_Compress@16
_Decompress_One_Line@4
_Start_JPEG_Decompress@16
_End_JPEG_Decompress@0
_Start_JPEG_Compress_Mem@16
_Init_JPEG_Decompressor@4

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b97bab6d03b02b5a322019f8481d4e66

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

avifil32

msvfw32

avicap32

comctl32

winmm

ws2_32

wininet

japi

Sections

.text Size: 116KB - Virtual size: 113KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 100KB - Virtual size: 176KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 100KB - Virtual size: 176KB

.rsrc
Size: 12KB - Virtual size: 10KB