70b04a4131f59516166ec2cf6a88f5e5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

70b04a4131f59516166ec2cf6a88f5e5_JaffaCakes118
Size

500KB
MD5

70b04a4131f59516166ec2cf6a88f5e5
SHA1

34c862b72fc1548cbc3b5c9c53d5209a117ffe2f
SHA256

d5c035cac048c1b4ccd77ede30b2595eb7aa10d7071ca513949b40e2362264f7
SHA512

eb50e9d193441b0d740a758828af13ab23c0fafbf14b2040e2bf860ad7955525f20abd4d28211d2b6c59e37f66974e46295fa80595e738659774758db3b6f020
SSDEEP

12288:wCZiCPyV/Lu77zkk2IDFG4ACLZL9Fh6LtNkjOQbF:wCsCPK2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70b04a4131f59516166ec2cf6a88f5e5_JaffaCakes118

Files

70b04a4131f59516166ec2cf6a88f5e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5320abe209f936fefcb45ac7c07c2f45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetVersionExA
GetVersion
ExitProcess
GetACP
GetExitCodeProcess
WaitForSingleObject
GetWindowsDirectoryA
SetCurrentDirectoryA
CreateProcessA
CreateDirectoryA
SetConsoleTitleA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
VirtualAlloc
VirtualFree
AllocConsole
GetLocalTime
GetUserDefaultLangID
GetProcAddress
ReadFile
SetEndOfFile
SetLocalTime
WritePrivateProfileStringA
RemoveDirectoryA
FindClose
GetVolumeInformationA
GetLogicalDrives
FindFirstFileA
CopyFileA
MoveFileA
GlobalFree
FileTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
GetDriveTypeA
QueryPerformanceCounter
QueryPerformanceFrequency
FindNextFileA
GetPrivateProfileStringA
FindResourceA
GetModuleFileNameA
GetCommandLineA
LockResource
SizeofResource
LoadResource
FreeLibrary
LoadLibraryA
SetFilePointer
SetFileTime
SetFileAttributesA
GetFileAttributesA
GetFileSize
GetDiskFreeSpaceA
GetStdHandle
MultiByteToWideChar
lstrlenW
CloseHandle
CompareStringA
GetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
SetVolumeLabelA
GetFullPathNameA
FreeConsole
WideCharToMultiByte
DeleteFileA
WriteFile
CreateFileA
lstrlenA
RaiseException

user32

FillRect
GetCursorPos
PostQuitMessage
DefWindowProcA
MessageBoxA
UpdateWindow
DrawTextA
InvalidateRect
EnableWindow
SetScrollInfo
DestroyWindow
CharToOemBuffA
OemToCharBuffA
IsIconic
EndPaint
BeginPaint
SetKeyboardState
GetKeyboardState
PeekMessageA
DispatchMessageA
TranslateMessage
IsDialogMessageA
GetMessageA
KillTimer
SetTimer
SetWindowPlacement
GetWindowPlacement
SetCursor
SetCursorPos
SendMessageA
GetClientRect
EnumDisplaySettingsA
GetSysColor
SetScrollPos
LoadCursorA
RegisterClassA
CreateWindowExA
SetWindowLongA
ShowWindow
GetClassNameA
GetWindowRect
SystemParametersInfoA
SetWindowPos
SetForegroundWindow
GetForegroundWindow
GetSystemMetrics
LoadKeyboardLayoutA
GetDC
ReleaseDC
GetDlgItem
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
CharLowerA
CharUpperA
CreateCursor
DestroyIcon
DestroyCursor
IsWindow
GetWindow
GetWindowLongA
RegisterWindowMessageA
ScreenToClient
GetKeyState
GetAsyncKeyState
ClientToScreen
MoveWindow
LoadIconA
IsZoomed
ShowCursor
EndDialog
DialogBoxParamA
SetFocus
GetFocus
AdjustWindowRectEx
ChangeDisplaySettingsA

gdi32

RealizePalette
DeleteObject
GetDeviceCaps
CreatePalette
CreateSolidBrush
SetBkColor
SetTextColor
StretchDIBits
SelectPalette
CreateFontA
DeleteDC
SetStretchBltMode
TextOutA
GetTextExtentPoint32A
GetDIBits
CreateCompatibleDC
CreateBitmap
SelectObject
CreateCompatibleBitmap
CreateDCA
BitBlt
EndPage
StartPage
EndDoc
EnumFontFamiliesA
StartDocA
GetStockObject

msacm32

acmStreamOpen
acmFormatSuggest
acmStreamClose
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader

winmm

waveOutRestart
waveOutWrite
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
joyGetDevCapsA
mciSendCommandA
waveOutPause
waveOutGetPosition
waveOutOpen
joyGetPos
waveOutClose
timeGetTime

comdlg32

GetSaveFileNameA
FindTextA
GetOpenFileNameA
PrintDlgA

comctl32

ord17
ord6

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ExtractIconA

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.petprg
Size: 1017KB - Virtual size: 1016KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5320abe209f936fefcb45ac7c07c2f45

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msacm32

winmm

comdlg32

comctl32

advapi32

shell32

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 32KB - Virtual size: 31KB

.petprg Size: 1017KB - Virtual size: 1016KB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 32KB - Virtual size: 31KB

.petprg
Size: 1017KB - Virtual size: 1016KB