67cfc98f7fc9e9cf66b66c35b79f55cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67cfc98f7fc9e9cf66b66c35b79f55cd_JaffaCakes118
Size

173KB
MD5

67cfc98f7fc9e9cf66b66c35b79f55cd
SHA1

c0b011e61b65059ade4db0dc32537df4a850ec8c
SHA256

99e732c37390fce76230beb82b94a0dfb0b88050f77d492839b5edade3f8a336
SHA512

659e62d4557fd2fed5a82b13e8df18f3a0fbe3e1ed764d5f14484e8dfeb0b48d41abec06e48b918d1d5822024f8fd374ac3f33f1c74a2f7290dca88a89ed1bd5
SSDEEP

3072:Jv8BajiCOq5gay4wPWXCros0rDawJB8zFRRvihNYQvntLzVcokH6NRdU:JkBaGRay4wPWX+os0JJB8zFR9GNvZVC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67cfc98f7fc9e9cf66b66c35b79f55cd_JaffaCakes118

Files

67cfc98f7fc9e9cf66b66c35b79f55cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

187dbed60c49286bd310a5ee28e8f8c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsW
GetExpandedNameW
LoadResource
lstrcpy
lstrcmpi
GetCurrentDirectoryA
GetTickCount
SleepEx
GetEnvironmentStringsW
LoadLibraryExA
GetFullPathNameA
OpenEventA
GetShortPathNameW
OpenMutexW
GetDateFormatW
IsBadStringPtrA
GetVersionExW
GetCPInfo
SetCalendarInfoW
GetProcAddress
GetDiskFreeSpaceW
Sleep
CreateNamedPipeA
GetTempFileNameW
GetSystemDirectoryW
GetNumberFormatA
CopyFileA
EnumCalendarInfoA
Beep
SearchPathW
GetTempPathW
LocalAlloc
GetModuleFileNameW
lstrlenW
AddAtomA
OpenSemaphoreA
OpenWaitableTimerW
lstrcpyn
FileTimeToLocalFileTime
SystemTimeToFileTime
GetAtomNameA
TlsAlloc
GetShortPathNameA
ReadDirectoryChangesW
CompareFileTime
MoveFileA
ExitProcess
GetCurrentProcessId
SetCurrentDirectoryW
IsBadStringPtrW
GetModuleHandleA
GetVersionExA
GetNumberFormatW
lstrcmpiW
GetLocalTime
IsDebuggerPresent
GlobalDeleteAtom
GetComputerNameA
GetLastError
AddAtomW
lstrcmpA
CreateMutexA
SetErrorMode
CreateDirectoryW
GetTimeFormatW
GetTempPathA
CreateMutexW
FindAtomA
GetMailslotInfo

user32

DefWindowProcA
GetDlgItemInt
GetMenuStringA
RegisterWindowMessageA
SetWindowLongW
RegisterClassW
IsDlgButtonChecked
GetKeyboardType
SetForegroundWindow
UnregisterClassA
LoadCursorW
DialogBoxParamA
SetWindowPos
InvalidateRgn
CreatePopupMenu
LoadBitmapW
GetIconInfo
MessageBoxIndirectA
SetCursor
InsertMenuItemA
DestroyMenu
UnregisterClassW
GetMenuState
UpdateLayeredWindow
FindWindowA
CreateDialogIndirectParamA
GetSubMenu
CreateDialogIndirectParamW
EnumWindows
GetAsyncKeyState
CheckMenuItem
IsChild
GetMenu
PostMessageA
LoadIconA
SetDlgItemTextA
MoveWindow
SetActiveWindow
DefWindowProcW
CopyIcon
PostMessageW
MessageBoxW
DestroyIcon
SetTimer
GetDlgItemTextW
GetScrollPos
CharLowerW
GetCursorPos
TrackPopupMenuEx
CreateDesktopW
CreateAcceleratorTableW
SetParent
GetKeyboardLayout
SetCapture
GetTopWindow
CharNextW
OpenClipboard
GetMenuItemRect
CharUpperW
GetKeyState
CopyRect
CreateAcceleratorTableA
GetClassInfoA
FindWindowW
mouse_event
GetClassInfoW
DestroyCursor
SendMessageW
LoadCursorA
SetMenu
SetDlgItemTextW
GetDesktopWindow
GetMenuItemInfoA
GetClassInfoExW
DialogBoxParamW
LoadIconW
CharLowerA
wvsprintfA
keybd_event
AppendMenuW
SetWindowRgn
SendDlgItemMessageW
IsIconic
LoadImageW
GetSysColorBrush
GetWindowRgn

gdi32

GetTextExtentPointA
DeleteObject
GetRasterizerCaps
CreateCompatibleDC
CreatePatternBrush
CreateICW
CreateICA
SelectBrushLocal
UpdateICMRegKeyW
CreateColorSpaceA
CreateEllipticRgn
SetWinMetaFileBits
CreateDIBPatternBrushPt
CreateFontA
StretchDIBits
CreateFontIndirectExA
CreatePolygonRgn
RemoveFontResourceExW
GetEnhMetaFileA
SetMetaFileBitsEx
RemoveFontResourceA
CreateFontIndirectW
CreateRectRgn
GetTextExtentPointW

shell32

ShellExecuteA
StrNCmpIW
ExtractIconExW
Shell_NotifyIconA
StrChrIW
Shell_NotifyIcon
SHGetFolderLocation
ExtractIconExA
SHCreateDirectoryExW
StrChrA
ShellExecuteEx
DuplicateIcon

ole32

OleLoad
CoGetInstanceFromFile
CoDeactivateObject
StringFromCLSID
CoDosDateTimeToFileTime
CoGetDefaultContext
CreateFileMoniker
CoCreateInstance
OleUninitialize
CoCreateInstanceEx

mprapi

MprConfigGetGuidName
MprConfigServerGetInfo
MprConfigInterfaceGetInfo
MprAdminInterfaceSetCredentials
MprAdminUserClose
MprAdminUserOpen

sqlunirl

_RegisterEventSource_@8
_GetProfileInt_@12
_MessageBoxIndirect_@4
_GetVolumeInformation_@32
_GetKerningPairs_@12
_RegEnumKey_@16
_RegisterWindowMessage_@4
_CopyFile_@12

Sections

.R
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pwkpw
Size: 3KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.azRoIP
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.l
Size: 4KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CqF
Size: 4KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.G
Size: 5KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.swFZ
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Fb
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.YUMJ
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NzB
Size: 15KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.OrQA
Size: 3KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

187dbed60c49286bd310a5ee28e8f8c7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

mprapi

sqlunirl

Sections

.R Size: 8KB - Virtual size: 7KB

.pwkpw Size: 3KB - Virtual size: 333KB

.azRoIP Size: 88KB - Virtual size: 88KB

.l Size: 4KB - Virtual size: 182KB

.CqF Size: 4KB - Virtual size: 132KB

.G Size: 5KB - Virtual size: 291KB

.swFZ Size: 12KB - Virtual size: 12KB

.Fb Size: 6KB - Virtual size: 18KB

.YUMJ Size: 91KB - Virtual size: 90KB

.NzB Size: 15KB - Virtual size: 229KB

.OrQA Size: 3KB - Virtual size: 27KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.R
Size: 8KB - Virtual size: 7KB

.pwkpw
Size: 3KB - Virtual size: 333KB

.azRoIP
Size: 88KB - Virtual size: 88KB

.l
Size: 4KB - Virtual size: 182KB

.CqF
Size: 4KB - Virtual size: 132KB

.G
Size: 5KB - Virtual size: 291KB

.swFZ
Size: 12KB - Virtual size: 12KB

.Fb
Size: 6KB - Virtual size: 18KB

.YUMJ
Size: 91KB - Virtual size: 90KB

.NzB
Size: 15KB - Virtual size: 229KB

.OrQA
Size: 3KB - Virtual size: 27KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB