8242a851d6a865e9f17784b7d2d7793d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8242a851d6a865e9f17784b7d2d7793d_JaffaCakes118
Size

210KB
MD5

8242a851d6a865e9f17784b7d2d7793d
SHA1

c34645294f478edd0e266b924e9616d40ebe4b83
SHA256

f9bb4c097ac2fa1507eced97974e2007b72ffa493a3ee813f099b56c0e665559
SHA512

37cd05242adcbb118ba90e0ed13bd40323b7af751f0f286170127a34988344bc4981b4a8856784a597ef42251bb187b6d00ed593cbeb84e2b46e62a5744740e5
SSDEEP

3072:OB9RkGaGrt9tyTND64eOWItCrfmaoKwwwwwyfcf5n:OdHIDjeOWItITA5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8242a851d6a865e9f17784b7d2d7793d_JaffaCakes118

Files

8242a851d6a865e9f17784b7d2d7793d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8f575029faa81957f57011ed709aff67

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

comctl32

ord17
ord6
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Create

user32

ChildWindowFromPoint
InvalidateRect
SendMessageA
GetClientRect
GetScrollPos
GetWindowLongA
CreateWindowExA
GetParent
SetDlgItemTextA
EndDeferWindowPos
EndDialog
GetWindowRect
GetSysColor
SystemParametersInfoA
GetSystemMetrics
GetDC
ReleaseDC
SetWindowPos
LoadCursorA
CallWindowProcA
SetCursorPos
ClientToScreen
GetCursorPos
SetForegroundWindow
LoadImageA
DefWindowProcA
PostQuitMessage
UpdateWindow
GetMenuState
DialogBoxParamA
GetMenuStringA
CheckMenuItem
GetMenu
SetWindowLongA
RegisterHotKey
FindWindowA
RegisterClassExA
CreateDialogParamA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
IsDialogMessageA
TranslateMessage
DispatchMessageA
BeginPaint
DrawFrameControl
EndPaint
IsZoomed
PtInRect
GetClassNameA
DeferWindowPos
BeginDeferWindowPos
EnumChildWindows
ShowWindow
SetCursor
SetDlgItemInt
CheckDlgButton
CheckRadioButton
GetDlgItemInt
IsDlgButtonChecked
SetWindowTextA
ScreenToClient
GetSysColorBrush
LoadIconA
DestroyIcon
LoadBitmapA
MessageBoxA
GetDlgItem

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

gdi32

GetDeviceCaps
CreateFontIndirectA
DeleteObject
GetStockObject
SetBkMode
GetObjectA
GetTextExtentPoint32A
SetTextColor
SelectObject

ws2_32

ntohs
bind
WSAStartup
WSACleanup
ntohl
recvfrom
inet_ntoa
sendto
inet_addr
closesocket
socket
WSAGetLastError
htons

shell32

Shell_NotifyIconA
CommandLineToArgvW
ShellExecuteA

comdlg32

GetSaveFileNameA

ole32

OleInitialize

msvcr90

realloc
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_except_handler4_common
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
_mktime64
strncpy
strftime
strncmp
free
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
??2@YAPAXI@Z
??0exception@std@@QAE@XZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
_invalid_parameter_noinfo
??3@YAXPAX@Z
strstr
sscanf
_stricmp
atoi
strcmp
strcat
_beginthread
_time64
_localtime64
strcpy
fopen
fprintf
fclose
__CxxFrameHandler3
memset
sprintf
_vsnprintf
strlen
_controlfp_s

kernel32

TerminateProcess
GetCurrentProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
LoadLibraryA
GetProcAddress
ExpandEnvironmentStringsA
GetCommandLineW
LocalFree
GlobalAddAtomA
GetLastError
lstrcpyA
GetModuleFileNameA
GetVersion
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
OutputDebugStringA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStartupInfoA

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f575029faa81957f57011ed709aff67

Headers

DLL Characteristics

File Characteristics

Imports

msvcp90

comctl32

user32

advapi32

gdi32

ws2_32

shell32

comdlg32

ole32

msvcr90

kernel32

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 144KB - Virtual size: 143KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 144KB - Virtual size: 143KB