07efffbdbb07407fb0a31c21fe411bce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07efffbdbb07407fb0a31c21fe411bce_JaffaCakes118
Size

212KB
MD5

07efffbdbb07407fb0a31c21fe411bce
SHA1

d7a195d5fc1772627d5f064b6b3a61ed148ea480
SHA256

16c85f0f134dafb7029b14f3f78ceba585e9a804ede4e347a35df6ee55796f86
SHA512

1d8250ce073dfd3b042686031d3ba1d5c520be0e0f460ff79ab0dcc2ecb306943715e023d360d4724063f2ee8501aa0da7fd08ad154917d1e888a6a6df916ef2
SSDEEP

3072:dEhsxRt5GRyUj0wzI0JySQUEcbTv8kBlZQ4WOOeAqL5U1B/bumL/hl2+sYFsih27:+yb9Dnuz8WZQ4WOAfFL/r2+zo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07efffbdbb07407fb0a31c21fe411bce_JaffaCakes118

Files

07efffbdbb07407fb0a31c21fe411bce_JaffaCakes118
.exe windows:5 windows x86 arch:x86

cfb0fbfc1d58f094ad0d19d726aa2b1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ilasm.pdb

Imports

msvcr71

_vsnwprintf
realloc
wcsncmp
_wcsnicmp
vswprintf
malloc
free
wcsncpy
??2@YAPAXI@Z
_controlfp
_onexit
__dllonexit
__security_error_handler
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_amsg_exit
__p___winitenv
_cexit
_XcptFilter
_exit
_c_exit
qsort
isalnum
isalpha
isdigit
isspace
strtod
vsprintf
_mbsinc
strncmp
strncat
wcscmp
swscanf
fwprintf
wcscat
wprintf
exit
_wfopen
fgets
wcschr
_purecall
wcsrchr
swprintf
_stricmp
clock
time
localtime
fopen
fread
fclose
wcslen
strrchr
wcscpy
wcsstr
printf
strcat
__CxxFrameHandler
strchr
strncpy
strcpy
sprintf
memcmp
strlen
memmove
_iob
fprintf
strcmp
memset
memcpy
wcstoul

advapi32

RegQueryInfoKeyW
RegEnumKeyExW
RegEnumKeyExA
RegQueryValueExA
GetUserNameA
GetUserNameW
DeregisterEventSource
ReportEventW
RegisterEventSourceA
RegEnumValueA
RegEnumValueW
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
IsTextUnicode
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegOpenKeyExW
LookupPrivilegeValueA
LookupPrivilegeValueW
SetFileSecurityA
SetFileSecurityW
RegDeleteKeyA
RegDeleteKeyW
RegSetValueExA
RegSetValueExW
RegCreateKeyExA
RegCreateKeyExW
RegQueryValueA
RegQueryValueW
RegDeleteValueA
RegDeleteValueW
RegLoadKeyA
RegLoadKeyW
RegUnLoadKeyA
LookupAccountNameW
LookupAccountNameA
LookupAccountSidW
LookupAccountSidA
CryptAcquireContextA
RegQueryValueExW
RegReplaceKeyW
RegReplaceKeyA
RegRestoreKeyW
RegRestoreKeyA
RegUnLoadKeyW

kernel32

GetProcAddress
LoadLibraryA
MultiByteToWideChar
CompareStringA
GetModuleFileNameA
GetSystemDirectoryA
GetSystemDirectoryW
GetWindowsDirectoryA
GetWindowsDirectoryW
FindNextFileA
FindNextFileW
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
FreeEnvironmentStringsW
lstrlenW
GetModuleFileNameW
GetVersionExA
GetVersionExW
GetComputerNameA
GetComputerNameW
WideCharToMultiByte
GetCPInfo
EnumResourceLanguagesW
LocalAlloc
LocalFree
SetLastError
GetLastError
GetFileSize
CloseHandle
UnmapViewOfFile
MapViewOfFile
GetCurrentProcessId
ReadFile
DeleteFileW
GetBinaryTypeA
lstrcmpiA
GetStdHandle
GetModuleHandleA
GetCurrentDirectoryA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcess
GetProcessAffinityMask
VirtualQuery
VirtualAlloc
WriteFile
GetSystemInfo
OpenProcess
FreeLibrary
lstrcpyW
lstrcatW
CreateProcessW
CreateProcessA
OpenFileMappingW
OpenFileMappingA
CreateFileMappingW
CreateFileMappingA
SetEnvironmentVariableW
SetEnvironmentVariableA
GetEnvironmentVariableW
GetEnvironmentVariableA
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
GetModuleHandleW
OpenEventW
OpenEventA
CreateEventW
CreateEventA
CreateMutexW
CreateMutexA
FatalAppExitW
FatalAppExitA
OutputDebugStringW
OutputDebugStringA
FindFirstFileW
FindFirstFileA
FindClose
GetDateFormatW
GetDateFormatA
RemoveDirectoryW
RemoveDirectoryA
CreateDirectoryW
CreateDirectoryA
CreateSemaphoreW
CreateSemaphoreA
GetVolumeInformationW
GetVolumeInformationA
GetDriveTypeW
GetDriveTypeA
MoveFileExW
DeleteFileA
MoveFileW
MoveFileA
CopyFileW
CopyFileA
CreateFileW
CreateFileA
GetFileType
WritePrivateProfileStringW
WritePrivateProfileStringA
GetPrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileIntW
RaiseException
GetPrivateProfileIntA
SearchPathW
SearchPathA
FormatMessageW
FormatMessageA
GetCurrentDirectoryW
LoadLibraryExW
LoadLibraryExA
GetTempPathA
GetTempPathW
GetFullPathNameA
GetFullPathNameW
GetTempFileNameA
GetTempFileNameW
FindResourceA
FindResourceW
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
FindFirstChangeNotificationA
ExitProcess
InterlockedExchange
FindFirstChangeNotificationW

mscoree

StrongNameFreeBuffer
StrongNameErrorInfo
StrongNameSignatureSize
StrongNameSignatureGeneration
StrongNameGetPublicKey
StrongNameKeyDelete
StrongNameKeyInstall

ole32

CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitializeEx

user32

CharPrevW
GetDlgItem
SetDlgItemTextW
SetDlgItemTextA
SetWindowTextW
SetWindowTextA
LoadCursorW
LoadCursorA
LoadIconW
LoadIconA
DialogBoxParamW
DialogBoxParamA
CreateDialogParamW
CreateDialogParamA
MessageBoxW
MessageBoxA
LoadImageW
LoadImageA
LoadAcceleratorsW
LoadAcceleratorsA
CreateWindowExW
CreateWindowExA
RegisterClassW
RegisterClassA
GetClassInfoW
GetClassInfoA
LoadMenuW
LoadMenuA
SendMessageW
SendMessageA
GetProcessWindowStation
GetUserObjectInformationW
LoadStringW
LoadStringA
GetMessageW
GetMessageA
IsDialogMessageW
IsDialogMessageA
SetWindowLongA
GetWindowLongA
TranslateAcceleratorW
TranslateAcceleratorA
DefWindowProcW
DefWindowProcA
GetClassNameW
GetClassNameA
PostMessageW
PostMessageA
DispatchMessageW
DispatchMessageA
PeekMessageW
PeekMessageA
GetWindowTextW
GetWindowTextA
SystemParametersInfoA
CallWindowProcA
GetWindowLongW
SetWindowLongW
SendDlgItemMessageW

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cfb0fbfc1d58f094ad0d19d726aa2b1e

Headers

File Characteristics

PDB Paths

Imports

msvcr71

advapi32

kernel32

mscoree

ole32

user32

Sections

.text Size: 156KB - Virtual size: 154KB

.data Size: 28KB - Virtual size: 3.0MB

.rsrc Size: 4KB - Virtual size: 1KB

.mdata Size: 20KB - Virtual size: 20KB

.text
Size: 156KB - Virtual size: 154KB

.data
Size: 28KB - Virtual size: 3.0MB

.rsrc
Size: 4KB - Virtual size: 1KB

.mdata
Size: 20KB - Virtual size: 20KB