0badfe5796c25ed0d5592d97b0655baf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0badfe5796c25ed0d5592d97b0655baf_JaffaCakes118
Size

160KB
MD5

0badfe5796c25ed0d5592d97b0655baf
SHA1

1cbe2c56e85887ccba427d8daa7729a33842f4d6
SHA256

81cde4d1bbc35ee7fda57e7e4e85a918c787ae9bc621cc20a07dacb3ffb16872
SHA512

593af405abb99984741e71548e331f907d4965d1370418902f7dc1287adebacc73b91dbe643962ed121e2711e1e8bb3105e903259f4df71699f021fb7ff375dc
SSDEEP

3072:CHf7FrjVrIEpTOB19HPcVvjRv3DKpkOIuuntTBf4nO:Cf7FfNXgdvc5lv3epPIuuntTBwO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0badfe5796c25ed0d5592d97b0655baf_JaffaCakes118

Files

0badfe5796c25ed0d5592d97b0655baf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b620f374296ef360b1d432f45dd1a67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetWindowsDirectoryA
FindClose
FindFirstFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateEventA
TerminateThread
WaitForSingleObject
GetModuleFileNameA
CreateThread
GetTempPathA
ResetEvent
WaitForMultipleObjects
SetFilePointer
GetShortPathNameA
TerminateProcess
OpenProcess
CreateDirectoryA
GetFileSize
GetTickCount
SetFileAttributesA
GetFileAttributesA
CreateFileA
ReadFile
DeleteFileA
SetEvent
OpenEventA
CloseHandle
WideCharToMultiByte
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
AddAtomA
WriteFile
GetStartupInfoA
GetModuleHandleA
GlobalAlloc
GlobalFree
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
HeapLock
HeapWalk
HeapUnlock
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
GetExitCodeProcess
CreatePipe
GetCurrentProcess
DuplicateHandle
CreateProcessA
GetDriveTypeA
GetVolumeInformationA
GetLongPathNameA
GetCurrentProcessId
FindNextFileA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetExitCodeThread
Sleep

advapi32

RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHFileOperationA

gdiplus

GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDisposeImage
GdipSaveImageToFile
GdipLoadImageFromFile

mfc42

ord3626
ord640
ord665
ord1979
ord5186
ord354
ord5785
ord1641
ord1640
ord323
ord800
ord1601
ord537
ord3663
ord3571
ord2414

msvcrt

strrchr
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_XcptFilter
_controlfp
exit
_exit
??1type_info@@UAE@XZ
_CxxThrowException
memset
strcpy
strstr
strcmp
__CxxFrameHandler
sprintf
memcpy
_strset
_strupr
wcscmp
free
pow
malloc
_purecall
_ftol
rand
srand
memcmp
strchr
_onexit
strlen

psapi

EnumProcessModules
GetModuleFileNameExA

user32

PostThreadMessageA
GetMessageA
GetWindowTextA
GetWindowLongA
GetWindowThreadProcessId
GetWindow
GetDesktopWindow
PostMessageA
FindWindowA
GetSystemMetrics
DestroyWindow
SendMessageA
IsWindow

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetObjectA
CreateDCA
GetDIBits

ole32

StringFromGUID2
CoCreateGuid
CoUninitialize
CoInitialize

ws2_32

recv
send
connect
shutdown
getsockname
recvfrom
WSACleanup
WSAStartup
gethostbyname
gethostname
closesocket
WSAIoctl
socket
bind
htons
sendto
ntohs
WSAGetLastError

winmm

timeKillEvent
timeSetEvent

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b620f374296ef360b1d432f45dd1a67

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

gdiplus

mfc42

msvcrt

psapi

user32

gdi32

ole32

ws2_32

winmm

avicap32

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 9KB