431f00369527cdef9cc368456641fbca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

431f00369527cdef9cc368456641fbca_JaffaCakes118
Size

3.5MB
MD5

431f00369527cdef9cc368456641fbca
SHA1

9a7042e4f1799be59f62a75be0006b4ac5662226
SHA256

fecdec11244eaa1c9af4cb8d00f47115604938e042fbb55207e83c080faff5bc
SHA512

baa45f9df2685d400558e20067341854b4647455697163936c7669d8d62ac1a51158a09e20acca21ace6cded16952bdcc6b51decca6ea509ac07c8afe0fd79e3
SSDEEP

6144:TCEyu6y70z+S1Z0zmcLNY0W97ftwDkDrqCoWWWckEgJyMBiDZYC4vhcYubPb4vhT:TUu6y70z+SVcLGwSrqCPJjwBNUv0Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
431f00369527cdef9cc368456641fbca_JaffaCakes118

Files

431f00369527cdef9cc368456641fbca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8e8ee018afe4ad9672ed9e52d842497

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
memcpy
realloc
free
printf
strcpy
strlen
strncpy
cos
sin
malloc
memcmp
strcat
fread
sprintf
abs
pow
longjmp
strtod
calloc
fopen
fseek
fclose
_stricmp
strncmp
strcmp
localtime
mktime
_strnicmp
gmtime
memmove
floor
_iob
_setjmp
_isnan
_lseek
_close
_fstat
_open
_read
_write

user32

wsprintfA
SetClassLongA
SendMessageA
ShowWindow
SetWindowLongA
InvalidateRect
GetWindowLongA
SetLayeredWindowAttributes
GetSystemMetrics
GetDC
ReleaseDC
EnumDisplaySettingsA
GetAsyncKeyState
wvsprintfA
SetWindowPos
GetDesktopWindow
FillRect
ShowCursor
GetWindowRect
OffsetRect
SetRect
CallWindowProcA
GetClientRect
ClientToScreen
GetPropA
SetPropA
TranslateMessage
DispatchMessageA
PeekMessageA
SetWindowTextA
MoveWindow
EnableWindow
ScreenToClient
BeginPaint
EndPaint
DefWindowProcA
LoadIconA
RegisterClassExA
CreateWindowExA
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource
GetIconInfo
SetFocus
DestroyWindow
GetWindow
GetParent
GetWindowTextLengthA
GetWindowTextA
GetClassNameA
ValidateRect
LoadCursorA
RegisterClassA
GetSysColor
AdjustWindowRect
GetActiveWindow
SetActiveWindow
GetMessageA
TranslateAcceleratorA
UnregisterClassA
DestroyAcceleratorTable
GetMenu
PostMessageA
IsWindowEnabled
IsWindowVisible
GetFocus
IsChild
EnumChildWindows
GetKeyState
CreateAcceleratorTableA
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
SetCapture
GetCursorPos
MapWindowPoints
ReleaseCapture
DrawIconEx

gdi32

GetStockObject
StretchBlt
CreatePatternBrush
GetPixel
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject
GetDeviceCaps
CreateCompatibleBitmap
GetObjectA
GetDIBits
Rectangle
GetObjectType
SetDIBits
SetStretchBltMode
SetBrushOrgEx
CreateDCA
CreateBrushIndirect
CreateSolidBrush
CreatePen
SetTextAlign
SetTextColor
SelectPalette
RealizePalette
StretchDIBits
SetPixelV
MoveToEx
LineTo
SetBkColor
TextOutA
SetROP2
SetBkMode
Ellipse

winmm

timeGetTime

oleaut32

OleLoadPicture

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance

imagehlp

MakeSureDirectoryPathExists

comctl32

InitCommonControls

kernel32

GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
GetModuleFileNameA
GetTempPathA
HeapDestroy
HeapReAlloc
FreeLibrary
GetProcAddress
HeapAlloc
LoadLibraryA
IsBadReadPtr
HeapFree
GetCurrentProcess
WriteProcessMemory
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GlobalReAlloc
VirtualAlloc
VirtualFree
VirtualProtect
GetProcessHeap
CloseHandle
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetSystemInfo
CreateFileA
GetFileSize
ReadFile
WriteFile
QueryPerformanceFrequency
QueryPerformanceCounter
MultiByteToWideChar
GetTickCount
WaitForSingleObject
Sleep
GetDriveTypeA
FindFirstFileA
FindClose
DeleteFileA
SetFileAttributesA
FindNextFileA
RemoveDirectoryA
SetFilePointer
GetLocalTime

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteExA

Sections

.text
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3.2MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e8e8ee018afe4ad9672ed9e52d842497

Headers

File Characteristics

Imports

crtdll

user32

gdi32

winmm

oleaut32

ole32

imagehlp

comctl32

kernel32

shell32

Sections

.text Size: 247KB - Virtual size: 247KB

.data Size: 3.2MB - Virtual size: 3.5MB

.rsrc Size: 2KB - Virtual size: 1KB

.flat Size: 1KB - Virtual size: 1KB

.text
Size: 247KB - Virtual size: 247KB

.data
Size: 3.2MB - Virtual size: 3.5MB

.rsrc
Size: 2KB - Virtual size: 1KB

.flat
Size: 1KB - Virtual size: 1KB