3eabc935b86b6851466d69d6da9dcd74_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3eabc935b86b6851466d69d6da9dcd74_JaffaCakes118
Size

288KB
MD5

3eabc935b86b6851466d69d6da9dcd74
SHA1

3bd7c63b1034c437122da0cd7a106976bb71d103
SHA256

c9e9b4f87dc6e6df0dd7a6487a0764d79b0237e8fdb6129a1513b25bd268887d
SHA512

31fb245de36205a9dca19c7495fab37179697af62fdac3ad0abb2800e2eb3cf8136ccb471ca6e4a83429b23655ef465234e18575da6eb6f77e2a04733f6baf09
SSDEEP

6144:G0mHni/Mgd5gNqyL+B6vTsqPUHtTBgzX:cCbyqKTOHtT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eabc935b86b6851466d69d6da9dcd74_JaffaCakes118

Files

3eabc935b86b6851466d69d6da9dcd74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22c7a1202cc9f09b0077f5867a86abd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EnumProcessModules
GetModuleFileNameExA
EnumPageFilesA

kernel32

GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
FindClose
FindFirstFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateEventA
TerminateThread
WaitForSingleObject
GetModuleFileNameA
CreateFileA
WriteFile
ResetEvent
WaitForMultipleObjects
SetFilePointer
GetShortPathNameA
TerminateProcess
OpenProcess
CreateDirectoryA
GetFileSize
GetTickCount
SetFileAttributesA
GetFileAttributesA
ReadFile
DeleteFileA
SetEvent
OpenEventA
CloseHandle
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
AddAtomA
Beep
Sleep
CreateThread
GetStartupInfoA
GetModuleHandleA
GlobalAlloc
GlobalFree
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
HeapLock
HeapWalk
HeapUnlock
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
GetCurrentProcess
DuplicateHandle
CreateProcessA
GetDriveTypeA
GetVolumeInformationA
GetLongPathNameA
GetCurrentProcessId
FindNextFileA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetExitCodeThread
CreatePipe
GetExitCodeProcess

user32

AnyPopup
MessageBoxA
IsWindow
SendMessageA
DestroyWindow
GetSystemMetrics
FindWindowA
PostThreadMessageA
GetMessageA
GetWindowTextA
GetWindowLongA
GetWindowThreadProcessId
GetWindow
GetDesktopWindow
PostMessageA

gdi32

GetObjectA
BeginPath
CreateCompatibleBitmap
CreateDCA
BitBlt
CreateCompatibleDC
GetDIBits

advapi32

RegQueryInfoKeyA
AbortSystemShutdownA
RegCloseKey
RegOpenKeyExA
RegEnumValueA

shell32

ShellExecuteA
SHFormatDrive
SHFileOperationA

ws2_32

WSACreateEvent
recv
send
connect
shutdown
getsockname
recvfrom
WSAGetLastError
ntohs
WSACleanup
WSAStartup
gethostbyname
gethostname
closesocket
WSAIoctl
socket
bind
htons
sendto

winmm

PlaySoundA
timeKillEvent
timeSetEvent

gdiplus

GdipLoadImageFromFile
GdipCloneImage
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipAlloc
GdipFree
GdiplusStartup
GdiplusShutdown
GdipSaveImageToFile
GdipDisposeImage

mfc42

ord537
ord3663
ord3626
ord2414
ord640
ord665
ord1979
ord5186
ord354
ord5785
ord1641
ord1640
ord323
ord800
ord1601
ord3571

msvcrt

_ftol
_purecall
malloc
pow
free
wcscmp
_strupr
_strset
??1type_info@@UAE@XZ
_exit
_XcptFilter
rand
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
srand
memcmp
strchr
strlen
strrchr
_CxxThrowException
memset
strcpy
strstr
strcmp
__CxxFrameHandler
sprintf
memcpy
exit

ole32

CoCreateGuid
CoInitialize
StringFromGUID2
CoUninitialize

avicap32

capGetDriverDescriptionA
capCreateCaptureWindowA

Sections

.text
Size: 240KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22c7a1202cc9f09b0077f5867a86abd3

Headers

File Characteristics

Imports

psapi

kernel32

user32

gdi32

advapi32

shell32

ws2_32

winmm

gdiplus

mfc42

msvcrt

ole32

avicap32

Sections

.text Size: 240KB - Virtual size: 237KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 240KB - Virtual size: 237KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 12KB - Virtual size: 9KB