7648c982d7f1167c095f9d2ebaf9856f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7648c982d7f1167c095f9d2ebaf9856f_JaffaCakes118
Size

452KB
MD5

7648c982d7f1167c095f9d2ebaf9856f
SHA1

4c953acee14726edf617b033e61851b7235856dc
SHA256

d56c993dfd5c806d59465a61565bd770841dc74e00e8024a661f05f7a7de7a96
SHA512

f6a73044ade1eb22acd7952b6977b47542410882da08495551444f2b6134dd7b25629f62ea2a8d57b2313d534519a7a73a4a1799545bf56a21827d7f14653cc9
SSDEEP

3072:ETkd5D9btK0vx/C37hjgzk1AEWyUizbODFZjOOu+axoe7t9ccoWtIixpg7t+UVf6:FD5x/C9jh1LWzJFUF7mjpC8faw4MK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7648c982d7f1167c095f9d2ebaf9856f_JaffaCakes118

Files

7648c982d7f1167c095f9d2ebaf9856f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8afa2d0104fc77379cd01d969bb0b7f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA

kernel32

HeapAlloc
HeapFree
RaiseException
ExitProcess
TerminateProcess
HeapSize
HeapReAlloc
GetACP
SetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
GlobalFree
VirtualFree
GetTimeZoneInformation
GetCommandLineA
GetStartupInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
SetErrorMode
GetSystemTimeAsFileTime
RtlUnwind
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileTime
GetFileSize
GetFileAttributesA
GetFullPathNameA
FindClose
GetVolumeInformationA
FindFirstFileA
SetEndOfFile
FlushFileBuffers
UnlockFile
LockFile
ReadFile
SetFilePointer
WriteFile
DuplicateHandle
CreateFileA
GetCurrentProcess
GetProcessVersion
GetOEMCP
GetCPInfo
LocalReAlloc
TlsGetValue
TlsFree
TlsSetValue
GlobalReAlloc
GlobalFlags
GlobalHandle
TlsAlloc
VirtualAlloc
GetCurrentThread
GetModuleFileNameA
lstrcpyA
GlobalAlloc
DeleteCriticalSection
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LocalAlloc
GetLastError
lstrcpynA
WaitForSingleObject
CloseHandle
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
MultiByteToWideChar
FormatMessageA
LocalFree
InterlockedIncrement
WideCharToMultiByte
lstrlenA
GetVersion
LoadLibraryA
FreeLibrary
IsBadWritePtr
lstrcatA
SetUnhandledExceptionFilter
HeapCreate
LockResource
MulDiv
SetLastError
GetProcAddress
GetModuleHandleA
FindResourceA
GlobalUnlock
GlobalLock
InterlockedDecrement
LoadResource

user32

SetDlgItemTextA
IsDialogMessageA
SetWindowTextA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
ShowWindow
wvsprintfA
ReleaseCapture
GetCursorPos
SetCursor
GetDesktopWindow
WindowFromPoint
GetMessageA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
DestroyMenu
LoadMenuA
LoadCursorA
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
LoadStringA
SetMenu
PostQuitMessage
ShowOwnedPopups
GetClassNameA
GetSysColorBrush
CharUpperA
IsWindowVisible
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
ValidateRect
CopyRect
GetMenuItemID
GetWindowTextA
GetKeyState
DefWindowProcA
CreateWindowExA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetNextDlgTabItem
EndDialog
GetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
UnhookWindowsHookEx
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
ScreenToClient
GetDlgCtrlID
LoadIconA
UpdateWindow
RegisterWindowMessageA
MessageBoxA
InvalidateRect
SetActiveWindow
KillTimer
SetTimer
GetSystemMetrics
PtInRect
DispatchMessageA
PeekMessageA
TranslateMessage
SetRect
EnableWindow
SendMessageA
LoadBitmapA
MapWindowPoints
GetSysColor
GetFocus
SetFocus
AdjustWindowRectEx
EqualRect
EndDeferWindowPos
GetClientRect
BeginDeferWindowPos
PostMessageA
SendDlgItemMessageA
GetWindowTextLengthA
GetMenuItemCount
GetSubMenu
SetWindowsHookExA
CallWindowProcA
DeferWindowPos
UnregisterClassA

gdi32

PatBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
BitBlt
SelectObject
GetStockObject
DeleteDC
RoundRect
RestoreDC
SaveDC
SetBkColor
SetTextColor
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
GetObjectA
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

shell32

DragFinish
FindExecutableA
ShellExecuteA
DragQueryFileA

comctl32

ord17

wsock32

sendto
recvfrom
socket
inet_ntoa
connect
WSAAsyncSelect
send
recv
gethostbyname
closesocket
htonl
htons
ioctlsocket
accept
getsockname
ntohs
inet_addr
WSASetLastError
WSAStartup
WSACleanup
WSAGetLastError
bind

wininet

InternetCloseHandle
InternetOpenUrlA
InternetGetLastResponseInfoA
InternetReadFile
InternetCanonicalizeUrlA
InternetQueryDataAvailable
InternetCrackUrlA
InternetQueryOptionA
InternetOpenA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback

Sections

.text
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ani
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8afa2d0104fc77379cd01d969bb0b7f3

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

wininet

Sections

.text Size: 152KB - Virtual size: 148KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 220KB - Virtual size: 218KB

.ani Size: 28KB - Virtual size: 28KB

.text
Size: 152KB - Virtual size: 148KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 220KB - Virtual size: 218KB

.ani
Size: 28KB - Virtual size: 28KB