498ca1849b9cde0477a463083c20c5df_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

498ca1849b9cde0477a463083c20c5df_JaffaCakes118
Size

426KB
MD5

498ca1849b9cde0477a463083c20c5df
SHA1

c367106349eedb10b0a04d64ac56433a16db8ee4
SHA256

af8ee252538fcbed2a3bbbfabee3f3064e9708d872b06db378da2d1f809a96f6
SHA512

4df842d921c7eaa3d374fc872b1a90f664134d924682448d0592040f5d25056f905f849e375523e6bf7203f4d0a5345670289542fb869ed16489b45e467e066b
SSDEEP

6144:I2ipzrQWoCvppOnY2/45ya3mv3LkgJtc4Ek9qd0AAobzjhs3PLj:IzvQWoaenR/45ydVAASA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
498ca1849b9cde0477a463083c20c5df_JaffaCakes118

Files

498ca1849b9cde0477a463083c20c5df_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e69ddb52168e1522c7eb79fb8fbf8436

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutRestart
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveInClose
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveOutWrite
timeKillEvent
timeEndPeriod
timeGetDevCaps
midiInGetDevCapsA
midiInGetNumDevs
timeBeginPeriod
timeSetEvent
waveInGetNumDevs
waveOutGetDevCapsA
waveInGetDevCapsA
waveInStart
waveInReset
waveOutPause
waveOutUnprepareHeader
waveInUnprepareHeader
midiOutGetDevCapsA
midiOutGetNumDevs
midiInUnprepareHeader
waveOutGetNumDevs
midiOutClose
midiInClose
midiInReset
midiInMessage
midiInStart
midiInOpen
midiOutOpen
midiOutShortMsg
midiInAddBuffer
midiInPrepareHeader
midiOutLongMsg

niasio

ord4
ord8
ord1
ord3
ord2
ord10
ord5
ord6
ord7
ord9

mfc42

ord565
ord817
ord2723
ord2390
ord3741
ord2256
ord4337
ord5103
ord3059
ord4303
ord3350
ord5012
ord975
ord5472
ord5100
ord2879
ord4467
ord4151
ord6055
ord4077
ord3403
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord2649
ord1665
ord3798
ord4837
ord2878
ord2055
ord6376
ord3749
ord5065
ord1776
ord5252
ord2446
ord2124
ord5277
ord4627
ord4427
ord2648
ord2092
ord5484
ord4299
ord6199
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord5302
ord4698
ord5714
ord3401
ord3738
ord815
ord561
ord2621
ord6215
ord1727
ord3953
ord2725
ord4234
ord5265
ord4998
ord2514
ord6052
ord3623
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord641
ord324
ord2086
ord3092
ord4710
ord2645
ord4080
ord4078
ord5290
ord3402
ord567
ord1651
ord3663
ord2463
ord2575
ord4396
ord3574
ord609
ord4284
ord3610
ord656
ord3873
ord5981
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord616
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord692
ord3716
ord790
ord6111
ord6197
ord6380
ord4424
ord5678
ord289
ord4242
ord366
ord674
ord4457
ord2863
ord2864
ord4220
ord2584
ord3654
ord1644
ord2438
ord2455
ord326
ord2379
ord4622
ord3831
ord3079
ord3825
ord2976
ord3830
ord3353
ord3262
ord3081
ord2985
ord3259
ord3136
ord4465
ord5289
ord3147
ord2982
ord4079
ord5307
ord4699
ord5300
ord2726
ord5303
ord823
ord3346
ord2396
ord4853
ord825
ord4376
ord1146
ord613
ord1576
ord1168

msvcrt

_endthread
malloc
realloc
free
_CxxThrowException
strchr
strrchr
strstr
strncpy
tolower
_controlfp
_XcptFilter
vsprintf
rand
srand
rename
_ftol
_purecall
__RTDynamicCast
__CxxFrameHandler
_except_handler3
__p__commode
__set_app_type
__p__fmode
_initterm
_adjust_fdiv
__setusermatherr
exit
__getmainargs
_acmdln
_exit
strncmp
_setmbcp
_fcloseall
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
strtol
sscanf
sprintf

kernel32

GetProcAddress
GetStartupInfoA
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
ExitProcess
GetVersionExA
GetUserDefaultLCID
GetSystemInfo
TerminateThread
QueryPerformanceFrequency
QueryPerformanceCounter
GetExitCodeThread
WaitForSingleObject
ResumeThread
GetLocalTime
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
ReadFile
GetLastError
GlobalLock
GlobalAlloc
LoadLibraryA
SetPriorityClass
GetCurrentProcess
Sleep
GetCurrentThread
GlobalFree
SetThreadPriority
GetCurrentThreadId
InitializeCriticalSection
GlobalUnlock
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
FindClose
GetTempFileNameA
WinExec
FindFirstFileA
CreateFileA
CloseHandle
SetFilePointer
WriteFile
FreeLibrary

user32

PostThreadMessageA
SetTimer
KillTimer
GetKeyState
GetMessageA
MessageBoxA
PostQuitMessage
InvalidateRect
SetFocus
FindWindowExA
GetClientRect
GetWindowRect
PostMessageA
UpdateWindow
SendMessageA
LoadIconA
EnableWindow
GetDlgItem
RedrawWindow
GetSystemMetrics
GetMenu
GetParent
EnableMenuItem
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenu
LoadMenuA
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuA
AppendMenuA
DeleteMenu
GetMenuStringA
ModifyMenuA
CheckMenuItem
GetMenuState
ScreenToClient
SetCapture

gdi32

GetTextExtentPoint32A
SelectObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z

Sections

.text
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e69ddb52168e1522c7eb79fb8fbf8436

Headers

File Characteristics

Imports

winmm

niasio

mfc42

msvcrt

kernel32

user32

gdi32

comdlg32

advapi32

msvcp60

Sections

.text Size: 304KB - Virtual size: 302KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 24KB - Virtual size: 25KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 304KB - Virtual size: 302KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 24KB - Virtual size: 25KB

.rsrc
Size: 22KB - Virtual size: 22KB