31b006374cfdee32c87f26f8c8f93bf8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

31b006374cfdee32c87f26f8c8f93bf8_JaffaCakes118
Size

178KB
MD5

31b006374cfdee32c87f26f8c8f93bf8
SHA1

f56762d2f400e8ccc80613d1e88868098039f8fc
SHA256

ff9417f096ca865eb716ad14de07c241d532c6e77e6efb5559481664d46e5c81
SHA512

63b0cbe6eddb1a304b729944d1f29178ae2681730d695bcbebde07967153b8b0d6d51d1318bb522d4d5de5fe4cf375bed079a90b99240090e2fd693e42b96a33
SSDEEP

3072:5TUdSp4uqi67zBcNm1ZXxt64BLDS2JLB65/8igO+VNk4+wYEnBbUKDr1Go:F/pE7qkXPPBySGUigO+Vm4QkbpB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31b006374cfdee32c87f26f8c8f93bf8_JaffaCakes118

Files

31b006374cfdee32c87f26f8c8f93bf8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c4eca352a599558300773ec149094ee9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

sqrt
wcscspn
swprintf
sprintf
wcstol
mbstowcs
srand
malloc
rand
wcsncmp
memset
memmove
time
exit
wcschr
clock
memcpy
strlen

kernel32

MulDiv
GetLocaleInfoA
HeapFree
LocalAlloc
GetACP
lstrlenA
CompareStringA
LocalReAlloc
GetUserDefaultLCID
FormatMessageA
VirtualFree
GetStdHandle
lstrcatA
GetStartupInfoA
LoadLibraryA
GetCPInfo
ExitThread
FindFirstFileA
GlobalDeleteAtom
FindResourceA
FindClose
CreateFileA
GetCurrentProcess
GetModuleHandleA
Sleep
HeapAlloc
VirtualAlloc
lstrcpynA
GetLocalTime
GetProcessHeap
GetCommandLineA
GetEnvironmentStrings
MoveFileA
DeleteFileA
WaitForSingleObject
RaiseException
DeleteCriticalSection
ResetEvent
ExitProcess
GetSystemDefaultLangID
SetEvent
GetTickCount
FreeLibrary
GlobalAlloc
GetLastError
CloseHandle

comdlg32

FindTextA
ChooseColorA

user32

DrawFrameControl
IsDialogMessageA
FindWindowA
GetSysColor
ShowScrollBar
EnumThreadWindows
GetForegroundWindow
DefWindowProcA
GetCursorPos
CharNextA
EnumChildWindows
ClientToScreen
TrackPopupMenu
GetDlgItem
DrawIcon
FrameRect
CreateMenu
GetMenuItemInfoA
DefMDIChildProcA
CharToOemA
EqualRect
IsWindowEnabled
SetWindowTextA
BeginPaint
RegisterClassA
GetActiveWindow
IsWindowVisible
CreateIcon
EnableMenuItem
GetPropA
EndDeferWindowPos
CreatePopupMenu
EnableScrollBar
GetSubMenu
SetCursor
GetMenuItemID
EnableWindow
DispatchMessageW
CheckMenuItem
GetMenu
GetCursor
SetTimer
DeferWindowPos
DefFrameProcA
GetKeyState
DrawTextA
IsChild
GetScrollInfo
GetIconInfo
IsMenu
EnumWindows
GetScrollPos
CreateWindowExA
DrawIconEx
SystemParametersInfoA
GetMessagePos
GetLastActivePopup
GetClassInfoA
MessageBoxA
GetWindowTextA
CallNextHookEx
GetKeyNameTextA
CharLowerBuffA
EndPaint
GetDesktopWindow
GetDC
GetMenuItemCount
GetDCEx
CallWindowProcA
GetWindow
FillRect
DrawMenuBar
GetMenuState
GetCapture
GetMenuStringA
GetClipboardData

ole32

MkParseDisplayName
ReleaseStgMedium
OleRegGetUserType

version

VerFindFileA
GetFileVersionInfoSizeA
VerInstallFileA

Sections

.CODE
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 4KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c4eca352a599558300773ec149094ee9

Headers

File Characteristics

Imports

msvcrt

kernel32

comdlg32

user32

ole32

version

Sections

.CODE Size: 50KB - Virtual size: 50KB

BSS Size: 120KB - Virtual size: 120KB

INIT Size: 4KB - Virtual size: 52KB

.bss Size: 1KB - Virtual size: 1KB

.CODE
Size: 50KB - Virtual size: 50KB

BSS
Size: 120KB - Virtual size: 120KB

INIT
Size: 4KB - Virtual size: 52KB

.bss
Size: 1KB - Virtual size: 1KB