468b8f257ccf8a271dca661d2a2d435f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

468b8f257ccf8a271dca661d2a2d435f_JaffaCakes118
Size

373KB
MD5

468b8f257ccf8a271dca661d2a2d435f
SHA1

2ab5000a1b68e97c0d4f9a030fc36e27403a31b6
SHA256

5ae61c980b4c524b39d5cd88349d5baae99b1f0e19d02f76929c733fb80bc0aa
SHA512

b333d799163e441b0a7ed5981405eaab19b3cfd3369b6c1127e119ddef39d06a661ab42c21ac458f7336b662b76a08d28eee7d3b0375dd30890cd7d41e671229
SSDEEP

6144:2mfeqajaqAAZlXXlgV7lA65MfFFIVFYok5iWktrnuQ1LZOK9HAk:CPtlM7Cgi3R5iWeNLZ1x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
468b8f257ccf8a271dca661d2a2d435f_JaffaCakes118

Files

468b8f257ccf8a271dca661d2a2d435f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1690b2b157a78be60aae2a170095427

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
TerminateThread
GetExitCodeThread
GetLastError
CreateMutexA
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrcmpiA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
MulDiv
FlushInstructionCache
GetCurrentProcess
CompareStringW
CompareStringA
SetStdHandle
FlushFileBuffers
LoadLibraryA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
SetFilePointer
ReadFile
GetProcAddress
WriteFile
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
DebugBreak
WaitForSingleObject
HeapSize
LCMapStringW
lstrcpynA
GlobalAlloc
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
RaiseException
GetSystemTime
GetTimeZoneInformation
GetSystemTimeAsFileTime
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
TerminateProcess
CreateThread
WaitForMultipleObjects
GlobalUnlock
GlobalHandle
GlobalLock
QueryPerformanceCounter
Sleep
SetEvent
ResetEvent
WinExec
CloseHandle
InterlockedIncrement
GetModuleFileNameA
lstrlenA
GetCurrentThreadId
SetEnvironmentVariableA
OutputDebugStringA
EnterCriticalSection
lstrcpyW
lstrcpyA
lstrcmpA
LeaveCriticalSection
GetLocalTime
LCMapStringA
GetTickCount
ReleaseMutex
CreateEventA
InterlockedDecrement
FreeEnvironmentStringsA
UnhandledExceptionFilter

user32

EndPaint
CallWindowProcA
RedrawWindow
FillRect
GetSubMenu
TranslateMessage
GetMessageA
DispatchMessageA
GetFocus
DrawFocusRect
LoadMenuA
TrackPopupMenuEx
SetWindowTextA
SetFocus
PeekMessageA
wvsprintfA
CharNextA
ShowWindow
SetTimer
GetDlgItem
SetWindowPos
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
GetParent
GetWindowLongA
SendMessageA
IsWindowVisible
IsWindow
BringWindowToTop
EnableWindow
CheckDlgButton
GetAsyncKeyState
DrawTextA
OffsetRect
GetClassNameA
CreateCursor
GetWindowTextA
GetWindowTextLengthA
DestroyWindow
IsDlgButtonChecked
GetSystemMetrics
ReleaseDC
GetDC
SetDlgItemTextA
LoadStringA
ScreenToClient
IsDialogMessageA
SetForegroundWindow
LoadImageA
PostQuitMessage
KillTimer
SetMenuDefaultItem
DestroyMenu
GetMenuItemID
FindWindowA
DialogBoxParamA
GetActiveWindow
EndDialog
IsChild
FindWindowExA
DefWindowProcA
SetRectEmpty
DestroyCursor
PostMessageA
GetCursorPos
ReleaseCapture
BeginPaint
GetCapture
SetCapture
SetWindowLongA
CreateWindowExA
DestroyIcon
RegisterWindowMessageA
PtInRect
InvalidateRect
CreateDialogParamA
SetCursor

gdi32

SetTextColor
GetObjectA
SetBkMode
CreateCompatibleDC
SelectObject
CreateFontIndirectA
DeleteDC
DeleteObject
GetTextExtentPoint32A

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

CoCreateGuid
CoUninitialize
CoInitialize
CoCreateInstance
CoInitializeEx

comctl32

InitCommonControlsEx

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

winmm

waveInStart
waveInGetNumDevs
waveInAddBuffer
waveInPrepareHeader
waveInOpen
waveInClose
waveInUnprepareHeader
waveInReset
waveOutGetDevCapsA
waveOutWrite
waveOutPrepareHeader
waveOutOpen
waveOutGetPosition
waveOutClose
waveOutUnprepareHeader
waveOutReset
waveOutGetVolume
waveOutSetVolume
waveInGetDevCapsA

dsound

ord1
ord2

dinput

DirectInputCreateA

wsock32

send
socket
htons
sendto
recv
ntohs
recvfrom
listen
setsockopt
ioctlsocket
gethostbyname
gethostname
inet_addr
connect
getpeername
getsockname
accept
__WSAFDIsSet
select
htonl
ntohl
WSAStartup
WSACleanup
inet_ntoa
shutdown
WSAGetLastError
bind
closesocket

Sections

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 249KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e1690b2b157a78be60aae2a170095427

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

version

winmm

dsound

dinput

wsock32

Sections

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 249KB - Virtual size: 300KB

.rsrc Size: 107KB - Virtual size: 108KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 249KB - Virtual size: 300KB

.rsrc
Size: 107KB - Virtual size: 108KB