08570b2b4e0182c6e61fc9467b20003b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

08570b2b4e0182c6e61fc9467b20003b_JaffaCakes118
Size

241KB
MD5

08570b2b4e0182c6e61fc9467b20003b
SHA1

28c95ead6bb8ad44ce86a73e2d9e484b4df67e87
SHA256

3a1174eb1bcd7d4e5a410242389b73764cb0dba9acf7abaec911cc33b9a97b0e
SHA512

360a683d9a8aaead844b6f3c2d4b0901a35fffcd8445dfe0be2533e047b1e01dd2e56eed80daae33ac25247a696315748922a6d91b1ecbb3733f8aa030c9d861
SSDEEP

6144:YAvXFIvsb2YXEfB/KB/vZcSQucrPJ2t54G9FeddLW0PI:YAvVdqY4e3ZtNAEt57GdkuI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08570b2b4e0182c6e61fc9467b20003b_JaffaCakes118

Files

08570b2b4e0182c6e61fc9467b20003b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7957f4db42f502578d032a7c9f79f6dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy
GetWindowsDirectoryW
CreateNamedPipeA
GetCommandLineA
GetOEMCP
GlobalAlloc
GetExitCodeProcess
ExpandEnvironmentStringsW
GetEnvironmentVariableW
DeleteAtom
lstrcpyW
CreateDirectoryW
GetVersionExW
GetCurrentProcessId
FindAtomW
GetStartupInfoA
GetShortPathNameW
IsBadCodePtr
LoadResource
TlsAlloc
GetTimeFormatW
OpenSemaphoreA
FileTimeToDosDateTime
GetWindowsDirectoryA
LoadLibraryExA
GetCurrentThreadId
CreateEventA
GetExpandedNameA
GetProcessHeap
Beep
LocalAlloc
GetSystemTime
IsBadStringPtrW
EnumDateFormatsW
GetModuleHandleW
WaitForMultipleObjects
lstrlenW
GetLogicalDriveStringsA
GetEnvironmentVariableA
ExpandEnvironmentStringsA
MoveFileW
FileTimeToLocalFileTime
OpenWaitableTimerA
GetProcAddress
CreateEventW
GetLogicalDrives
GetVersion
GetStringTypeA
OpenMutexA
GetLocaleInfoW
GetCalendarInfoW
CreateMailslotA
SleepEx
lstrlen
IsValidLocale
lstrcmpA
GetCalendarInfoA
GetTickCount
SetErrorMode
GetLocaleInfoA
FindResourceA
RaiseException
CreateMailslotW
lstrcmpW
SetCurrentDirectoryW
CreateMutexW
BeginUpdateResourceA
CreatePipe
CreateSemaphoreW
lstrcmpiA
lstrcmp

user32

GetAsyncKeyState
GetSysColorBrush
wvsprintfW
GetClassInfoW
LoadImageW
SetCursor
SendDlgItemMessageW
GetMenuItemInfoW
CreateDesktopW
SetDlgItemInt
GetMenuState
GetSystemMetrics
CharNextW
AppendMenuA
GetDlgItemTextA
RegisterClassW
UnregisterClassW
CharUpperA
CreateAcceleratorTableW
GetTopWindow
SetCursorPos
InsertMenuA
GetMenu
PostMessageA
GetWindowRgn
CharPrevW
SetWindowTextA
ActivateKeyboardLayout
LoadMenuIndirectA

gdi32

CreateFontIndirectW
CreateColorSpaceW
GetTextExtentPointA
SelectBrushLocal
AddFontResourceA
CreateCompatibleDC
CreateFontIndirectExA
CreateBitmap
StretchDIBits
SetWinMetaFileBits
CreateBrushIndirect
CreateICW
GetStockObject
CreatePen
GetEnhMetaFileA
CreateDIBPatternBrushPt
CreateDIBSection
UpdateICMRegKeyW
SetEnhMetaFileBits
CreateHatchBrush
CreateFontA
CreateScalableFontResourceA

advapi32

SystemFunction022
DuplicateEncryptionInfoFile

shell32

StrChrIA
StrCmpNW
StrStrA

comctl32

CreateMappedBitmap
ImageList_Copy
InitCommonControls
ImageList_GetImageRect
ImageList_Write
ImageList_LoadImage
GetMUILanguage
ImageList_SetImageCount
DrawInsert

oleaut32

VarUI1FromUI8

ws2_32

socket

sqlunirl

_ExpandEnvironmentStrings_@12
_GetSaveFileName@4
_EnumFonts_@16
_DialogBoxParam_@20
_CreateWaitableTimer_@12

wsock32

EnumProtocolsA
closesocket
EnumProtocolsW
GetAddressByNameW
ioctlsocket
SetServiceA
GetServiceW
dn_expand
TransmitFile
htons
getnetbyname
AcceptEx
sethostname
getprotobynumber

Sections

.MdHi
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BC
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.QNZjz
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.UHnCf
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dCu
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MQLZK
Size: 11KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gR
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7957f4db42f502578d032a7c9f79f6dd

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

oleaut32

ws2_32

sqlunirl

wsock32

Sections

.MdHi Size: 9KB - Virtual size: 8KB

.BC Size: 88KB - Virtual size: 88KB

.QNZjz Size: 11KB - Virtual size: 11KB

.UHnCf Size: 4KB - Virtual size: 28KB

.dCu Size: 91KB - Virtual size: 91KB

.MQLZK Size: 11KB - Virtual size: 227KB

.gR Size: 1024B - Virtual size: 1KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 1KB

.MdHi
Size: 9KB - Virtual size: 8KB

.BC
Size: 88KB - Virtual size: 88KB

.QNZjz
Size: 11KB - Virtual size: 11KB

.UHnCf
Size: 4KB - Virtual size: 28KB

.dCu
Size: 91KB - Virtual size: 91KB

.MQLZK
Size: 11KB - Virtual size: 227KB

.gR
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 1KB