634a6ed8800625e1756596d2fd77c61e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

634a6ed8800625e1756596d2fd77c61e_JaffaCakes118
Size

2.8MB
MD5

634a6ed8800625e1756596d2fd77c61e
SHA1

1f4d819bb69158ef8293ce919b460524c32a8677
SHA256

f887a10f4e8ae67f87007f2500542d7209991fd00a88b138944fdbdf7787a874
SHA512

c3be5689c27076b59f35773b728f1375e96eae484f8deb9d5ed583f929cbfb20a126257384318bb745a74ce69f64f418024616d0f99fadde8723475c1cfc8ac9
SSDEEP

24576:msgafCR7W6U1Gh1fe66CCTqEhXgihyEPUUU5Dua6666X66CCTqEhXgihyEPUUU5J:ep9hxWVYhTdFyFL0v392SadiTU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
634a6ed8800625e1756596d2fd77c61e_JaffaCakes118

Files

634a6ed8800625e1756596d2fd77c61e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

11787f155bff119bee66539bc09ae40b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cncs232

ord64
ord24
ord19
ord18
ord32
ord81
ord56
ord176
ord158
ord206
ord57
ord6
ord23
ord36
ord2
ord33
ord179
ord186
ord151
ord149
ord3
ord105
ord193
ord200
ord335
ord336
ord191
ord188
ord363
ord366
ord334
ord390
ord340
ord375
ord387
ord187
ord199
ord108
ord55
ord338
ord374
ord120
ord196
ord195
ord89
ord165
ord435
ord189
ord192
ord154
ord90
ord313
ord312
ord311
ord351
ord350
ord411
ord410
ord305
ord307
ord308
ord352
ord333
ord310
ord303
ord349
ord361
ord409
ord348
ord408
ord392
ord347
ord407
ord391
ord16
ord94
ord92
ord93
ord109
ord163
ord91
ord140
ord52
ord168
ord138
ord162
ord132
ord107
ord133
ord129
ord414
ord385
ord71
ord78
ord77
ord76
ord61
ord125
ord79
ord70
ord69
ord60
ord62
ord98
ord75
ord34
ord35
ord12
ord68
ord48
ord150
ord346
ord54
ord115
ord169
ord143
ord50
ord65
ord116
ord66
ord177
ord80
ord106
ord171
ord173
ord172
ord112
ord113
ord114
ord86
ord160
ord30
ord29
ord117
ord118
ord119
ord111
ord95
ord88
ord96
ord161
ord83
ord67
ord170
ord412
ord103
ord156
ord372
ord299
ord178
ord174
ord58

winmm

joyGetPos

kernel32

ReadFile
WriteFile
SetFilePointer
CloseHandle
_lread
_lwrite
GetTickCount
lstrcpy
lstrcmp
lstrcat
lstrlen
GetCommandLineA
_hread
_llseek
lstrcpyA
lstrcatA
lstrcmpA
lstrcpynA
SetStdHandle
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStdHandle
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
CreateFileA
UnhandledExceptionFilter
RaiseException
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCurrentProcess
TerminateProcess
ExitProcess
GetStartupInfoA
GetModuleHandleA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileA
FindFirstFileA
SetEnvironmentVariableA
DeleteFileA
HeapSize
HeapReAlloc
HeapCompact
HeapAlloc
HeapFree
RtlUnwind
FreeResource
FlushFileBuffers
CompareStringA
CompareStringW
GetLastError
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
GlobalReAlloc
GlobalAlloc
lstrlenA
GetExitCodeProcess
CreateProcessA
GetTempPathA
GetTempFileNameA
GlobalDeleteAtom
GetVersion
GlobalAddAtomA
GlobalLock
GlobalUnlock
GlobalFree
_lopen
_lclose
SetErrorMode
RemoveDirectoryA
FreeLibrary
LoadLibraryA
GetProcAddress
GetModuleFileNameA
WinExec
LocalAlloc
LocalFree
FindResourceA
SizeofResource
LoadResource
FreeEnvironmentStringsA
LockResource
SetEndOfFile

user32

SetScrollRange
CreateWindowExA
UnionRect
GetSysColor
DrawFocusRect
SetRect
InvertRect
OemToCharA
GetCursorPos
ShowCursor
GetAsyncKeyState
GetActiveWindow
MapWindowPoints
SetPropA
RemovePropA
GetPropA
CallWindowProcA
DefWindowProcA
ReleaseCapture
SetCapture
IntersectRect
GetDesktopWindow
TranslateMessage
DispatchMessageA
UpdateWindow
WinHelpA
SetForegroundWindow
EnumThreadWindows
IsWindow
GetTopWindow
GetClassNameA
GetWindow
LoadIconA
LoadImageA
RegisterClassExA
RegisterClassA
OffsetRect
GetSystemMetrics
AdjustWindowRectEx
CopyRect
DestroyIcon
GetSubMenu
CreateIconIndirect
PostQuitMessage
GetUpdateRect
FillRect
SetScrollPos
DestroyWindow
GetFocus
SetFocus
SendMessageA
RedrawWindow
GetClientRect
IsIconic
EnableMenuItem
GetParent
GetDC
ScreenToClient
ReleaseDC
BeginPaint
EndPaint
ClientToScreen
PtInRect
MessageBoxA
SetWindowTextA
GetDlgItem
wsprintfA
MapVirtualKeyA
GetInputState
PeekMessageA
SetTimer
LoadStringA
SetDlgItemTextA
KillTimer
SetWindowLongA
SendDlgItemMessageA
GetWindowLongA
GetDlgItemTextA
EndDialog
GetKeyState
PostMessageA
IsZoomed
GetWindowRect
GetMenu
DestroyMenu
LoadMenuA
LoadMenuIndirectA
GetMenuItemCount
DeleteMenu
SetWindowPlacement
IsWindowVisible
ShowWindow
GetWindowPlacement
SetWindowPos
GetMenuState
CheckMenuItem
InvalidateRect
SetCursorPos

gdi32

DeleteObject
LineTo
MoveToEx
Rectangle
CreateHatchBrush
CreatePen
SelectPalette
RealizePalette
CreateSolidBrush
GetStockObject
SetDIBits
CreateCompatibleBitmap
CreateBitmap
CreatePalette
CreateFontIndirectA
GetObjectA
GetTextExtentPointA
GetCharWidthA
GetTextMetricsA
SetROP2
SetBkColor
SetTextColor
GetNearestPaletteIndex
SetBkMode
SetTextAlign
DPtoLP
TextOutA
Polygon
SetPolyFillMode
SelectClipRgn
CreateRectRgn
LPtoDP
SelectObject

advapi32

RegQueryValueA
RegCloseKey
RegOpenKeyA

shell32

DragQueryFileA
ShellExecuteA
DragAcceptFiles

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TEXT_1
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

11787f155bff119bee66539bc09ae40b

Headers

File Characteristics

Imports

cncs232

winmm

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 198KB - Virtual size: 198KB

TEXT_1 Size: 50KB - Virtual size: 49KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 27KB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 13KB - Virtual size: 13KB

.reloc Size: 18KB - Virtual size: 18KB

.text
Size: 198KB - Virtual size: 198KB

TEXT_1
Size: 50KB - Virtual size: 49KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 27KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 18KB - Virtual size: 18KB