071e1a9d314fbcb0e4b9fcd98c6bd859_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

071e1a9d314fbcb0e4b9fcd98c6bd859_JaffaCakes118
Size

1.8MB
MD5

071e1a9d314fbcb0e4b9fcd98c6bd859
SHA1

b91eac31d0a3353f1f4a44103a4b652e981a8898
SHA256

a42d70f8b94c88ee32263ffb85fb86abdbd14002c68292f6e0ee3a7bc17ffaad
SHA512

38ae9bf692688dc6e8d6b91aea0c18249d37e279cc281becaf37ad76d3c0d769b714bad59cf741225326740e442311c1649da78c8d1040ac1be97e8cbc2130ae
SSDEEP

24576:08VhV1Vo9nYd/bOXZ5YLW+R6VCUidFnBHgmsxx2/1im683C/yPViq5:dhuYy+qcKxxDm6COq5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
071e1a9d314fbcb0e4b9fcd98c6bd859_JaffaCakes118

Files

071e1a9d314fbcb0e4b9fcd98c6bd859_JaffaCakes118
.exe windows:4 windows x86 arch:x86

425cfdecf86ab59db48769758907f84b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

mfc71

ord722
ord587
ord6005
ord781
ord297
ord2095
ord1591
ord4240
ord3317
ord741
ord1635
ord1543
ord3157
ord583
ord1063
ord1024
ord908
ord386
ord631
ord2280
ord2288
ord2575
ord2748
ord1892
ord1774
ord2168
ord6236
ord385
ord630
ord2021
ord3088
ord2747
ord6090
ord1191
ord1187
ord299
ord1489
ord2933
ord911
ord907
ord865
ord5410
ord1554
ord3195
ord620
ord5190
ord2256
ord6067
ord2987
ord754
ord416
ord651
ord2086
ord1545
ord4232
ord3164
ord1397
ord6266
ord1933
ord1484
ord4099
ord2091
ord1570
ord4237
ord3229
ord657
ord3883
ord762
ord370
ord2867
ord5751
ord5868
ord3406
ord4353
ord3328
ord1598
ord1654
ord3879
ord5866
ord328
ord588
ord6002
ord797
ord5833
ord2322
ord1934
ord2164
ord333
ord2019
ord2367
ord326
ord3210
ord3163
ord5640
ord2075
ord4115
ord3683
ord4467
ord4469
ord566
ord757
ord334
ord593
ord5119
ord4031
ord437
ord959
ord2156
ord5386
ord528
ord721
ord980
ord2036
ord761
ord715
ord1091
ord313
ord1198
ord383
ord629
ord6288
ord1439
ord5323
ord1183
ord1122
ord555
ord744
ord6310
ord1123
ord524
ord426
ord2903
ord2475
ord3333
ord4481
ord2838
ord5566
ord5213
ord5230
ord3948
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord6276
ord3801
ord6278
ord4014
ord4038
ord4109
ord6168
ord5491
ord3450
ord3645
ord4477
ord5007
ord368
ord616
ord4705
ord4264
ord4482
ord6043
ord5934
ord2768
ord3040
ord4222
ord1922
ord4739
ord4852
ord4257
ord5495
ord2742
ord5412
ord1379
ord5156
ord2051
ord2016
ord6238
ord2621
ord2614
ord4566
ord1930
ord3401
ord494
ord6004
ord443
ord676
ord3465
ord3647
ord393
ord530
ord3204
ord732
ord5174
ord4935
ord5613
ord6065
ord4587
ord2368
ord3952
ord2878
ord5714
ord3991
ord2428
ord5204
ord4178
ord2496
ord1955
ord4100
ord2094
ord3244
ord1283
ord2371
ord6144
ord2876
ord1564
ord347
ord602
ord3161
ord1280
ord1279
ord3799
ord2884
ord1903
ord5713
ord1159
ord1181
ord1211
ord3254
ord5676
ord4273
ord1556
ord1360
ord3344
ord2420
ord2419
ord2418
ord2417
ord5151
ord5914
ord3974
ord4860
ord4863
ord4379
ord4384
ord4381
ord4399
ord4401
ord4386
ord4776
ord4171
ord4980
ord4781
ord4204
ord4790
ord4443
ord4444
ord3740
ord298
ord3684
ord501
ord709
ord5637
ord4123
ord4001
ord807
ord803
ord3499
ord3653
ord430
ord635
ord5168
ord4265
ord1963
ord4277
ord1306
ord2173
ord5207
ord1904
ord5148
ord3945
ord1557
ord4020
ord2424
ord2425
ord2992
ord5356
ord944
ord4904
ord2940
ord4135
ord4309
ord5013
ord5009
ord2615
ord1913
ord2246
ord1572
ord5010
ord3680
ord2370
ord5712
ord1643
ord1581
ord3292
ord805
ord5446
ord493
ord802
ord427
ord664
ord870
ord4067
ord384
ord1917
ord380
ord5493
ord2703
ord3201
ord5089
ord5877
ord5625
ord3094
ord567
ord758
ord5420
ord5484
ord573
ord5718
ord3819
ord4035
ord317
ord584
ord1434
ord2259
ord2306
ord5444
ord5403
ord5716
ord6003
ord3022
ord5430
ord3818
ord3858
ord3193
ord5671
ord3199
ord2746
ord2753
ord2750
ord2120
ord4055
ord6210
ord914
ord2308
ord2471
ord3295
ord718
ord4108
ord4158
ord5529
ord2272
ord2271
ord3850
ord5710
ord2469
ord799
ord800
ord462
ord789
ord1296
ord2468
ord1025
ord3595
ord570
ord759
ord1625
ord2249
ord3635
ord3605
ord5567
ord4569
ord5227
ord6174
ord804
ord4066
ord869
ord6182
ord4075
ord456
ord4085
ord5490
ord782
ord461
ord3596
ord3118
ord5946
ord3908
ord5647
ord6037
ord5731
ord1966
ord305
ord1169
ord5189
ord3760
ord1792
ord1793
ord3441
ord3109
ord1873
ord6305
ord516
ord6306
ord3667
ord4867
ord4617
ord4125
ord1791
ord499
ord502
ord5976
ord3907
ord3115
ord5945
ord423
ord660
ord866
ord5466
ord1425
ord4063
ord356
ord6119
ord1881
ord1788
ord4761
ord3287
ord4888
ord1395
ord794
ord1254
ord3552
ord4320
ord2654
ord1790
ord3110
ord5779
ord2482
ord1126
ord3830
ord1054
ord556
ord5097
ord5346
ord4568
ord2248
ord1971
ord4095
ord3788
ord1459
ord1124
ord1140
ord1153
ord3085
ord4908
ord1469
ord3080
ord5929
ord1065
ord1066
ord3989
ord2328
ord432
ord667
ord1799
ord1776
ord6223
ord1207
ord5641
ord2234
ord6035
ord350
ord604
ord3640
ord4579
ord4670
ord3181
ord2715
ord1618
ord1364
ord4199

msvcr71

_controlfp
__security_error_handler
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
memset
_ltoa
_mbslen
_mbscspn
_mbschr
_CxxThrowException
_except_handler3
__CxxFrameHandler
wcsncpy
wcscmp
fgets
fclose
ftell
fseek
ctime
_fstat
fopen
_wcsicmp
_wcsnicmp
_resetstkoflw
_strnicmp
ceil
abort
localtime
time
_isnan
_finite
log
exp
cos
sin
isalpha
_mbctolower
_mbctoupper
_stricmp
_ultoa
_setmbcp
_time64
_localtime64
_mktime64
free
atoi
strncpy
fabs
strstr
rand
malloc
strtol
wcslen
wcscpy
atol
srand
_access
_errno
_mkdir
_ismbcspace
_fullpath
_splitpath
_chdrive
toupper
_chdir
strftime
tolower
strncmp
floor
_purecall
_gcvt
strchr
atof
isspace
isalnum
isdigit
_mbslwr
strtod
sprintf
_itoa
_getcwd
sscanf
strtoul
sqrt
strspn
_strupr
memmove
modf
log10
setlocale
_ismbcdigit
_ismbcalnum
_ismbcalpha

kernel32

InitializeCriticalSection
RaiseException
DeleteCriticalSection
GetVersion
GetModuleHandleA
FindResourceExA
SizeofResource
BeginUpdateResourceA
UpdateResourceA
EndUpdateResourceA
EnumResourceNamesA
EnumResourceTypesA
CreateMutexA
CreateDirectoryA
EnumCalendarInfoA
WideCharToMultiByte
GlobalAlloc
GlobalReAlloc
GetCurrentDirectoryA
GetProfileStringA
LocalAlloc
GetStartupInfoA
ExitProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadResource
LockResource
FindResourceA
FlushViewOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
ReadFile
GetExitCodeProcess
GetStdHandle
CreatePipe
GetUserDefaultLangID
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
Sleep
WinExec
lstrlenA
lstrlenW
GetTickCount
CopyFileA
GetTempPathA
GetTempFileNameA
CreateFileA
WriteFile
CloseHandle
DeleteFileA
GetLastError
LocalFree
GlobalHandle
InterlockedDecrement
ResumeThread
WaitForSingleObject
FormatMessageA
GetModuleFileNameA
GetVolumeInformationA
CreateProcessA
GlobalLock
lstrcpynA
GlobalUnlock
FindFirstFileA
FindNextFileA
GlobalFree
FindClose

user32

ReleaseDC
GetDesktopWindow
LoadIconA
FillRect
GetSystemMetrics
UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
GetMenuStringA
GetMenu
InsertMenuA
DrawMenuBar
UnpackDDElParam
ReuseDDElParam
SetWindowPos
GetDialogBaseUnits
SetRect
OffsetRect
RegisterWindowMessageA
RemoveMenu
CreatePopupMenu
GetNextDlgTabItem
IsWindow
ShowScrollBar
GetMenuItemID
GetClassNameA
SendMessageW
LoadStringW
EnumChildWindows
WindowFromPoint
DrawFrameControl
DispatchMessageA
IntersectRect
SetTimer
EqualRect
GetMessageA
IsRectEmpty
SetRectEmpty
PtInRect
GetDlgItem
GetSysColorBrush
GetWindowTextA
IsChild
GetFocus
SetWindowTextA
SetScrollInfo
GetScrollInfo
GetWindowLongA
GetWindow
GetTopWindow
MessageBoxA
LoadStringA
PostThreadMessageA
GetKeyState
LoadBitmapA
PostQuitMessage
ScreenToClient
ReleaseCapture
SetCapture
ShowCursor
ClientToScreen
GetDC
EnableMenuItem
InsertMenuItemA
GetMenuItemInfoA
GetMenuItemCount
AppendMenuA
GetSubMenu
LoadMenuA
ClipCursor
SetCursorPos
GetCursorPos
SetCursor
LoadCursorA
GetWindowRect
wsprintfA
FlashWindow
UpdateWindow
GetAsyncKeyState
KillTimer
DrawFocusRect
InflateRect
GetSysColor
CopyRect
InvalidateRect
MessageBeep
SetForegroundWindow
PostMessageA
SendMessageA
GetWindowTextW
GetClientRect
EnableWindow
GetParent
GetCapture

gdi32

CreatePalette
GetStockObject
CreateHatchBrush
GetEnhMetaFileBits
SetEnhMetaFileBits
GetTextMetricsA
ExtCreatePen
Arc
CreateFontA
CreateSolidBrush
PlayEnhMetaFile
GetEnhMetaFileA
DeleteEnhMetaFile
GetTextExtentPoint32A
CreatePatternBrush
CreateBitmapIndirect
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
CreateFontIndirectA
GetObjectA
Rectangle

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
GetUserNameA
RegSetValueA

shell32

ShellExecuteA

comctl32

ImageList_DragMove
ImageList_AddMasked
ImageList_DragShowNolock
ImageList_DragLeave
ImageList_EndDrag
ImageList_BeginDrag
ImageList_DragEnter
ord17
ImageList_Copy

ole32

CoInitializeSecurity
CoGetClassObject
CoCreateInstanceEx
CLSIDFromProgID
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoUninitialize
CoInitializeEx
OleRun

urlmon

CoInternetParseUrl

Exports

Exports

??4l4linkSt@CB@@QAEAAU01@ABU01@@Z
LangMakeUpper
LangMakeUpperConv

Sections

.text
Size: 892KB - Virtual size: 891KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 612KB - Virtual size: 609KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

425cfdecf86ab59db48769758907f84b

Headers

File Characteristics

Imports

version

mfc71

msvcr71

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

urlmon

Exports

Exports

Sections

.text Size: 892KB - Virtual size: 891KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 96KB - Virtual size: 145KB

.rsrc Size: 612KB - Virtual size: 609KB

.text
Size: 892KB - Virtual size: 891KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 96KB - Virtual size: 145KB

.rsrc
Size: 612KB - Virtual size: 609KB