87dde30126fbbbbd4cfaaf8c662c78fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87dde30126fbbbbd4cfaaf8c662c78fa_JaffaCakes118
Size

64KB
MD5

87dde30126fbbbbd4cfaaf8c662c78fa
SHA1

99c179e2d2c905bb82048198e72753dc29bf7710
SHA256

40024878d773c849957e87b5d6eeca7598448af06195d1df88aa8be93f8c1e01
SHA512

d1a97e16f00509153231161b20982dcf2966d8a09f80a8eb90c0be631e1fe261c7b662f5605144039682587166bdc6150bac59547e6dd622d49120e1f29f4c65
SSDEEP

1536:68OT5Dbk68OuTToOaVtet9NmAQO3GZOo1bgfiOu:6/sIOaVYo83GEomiOu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87dde30126fbbbbd4cfaaf8c662c78fa_JaffaCakes118

Files

87dde30126fbbbbd4cfaaf8c662c78fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e12afb73cf03655c07c0ba4f85523064

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wcsdup
calloc
iswctype
__getmainargs
_fileno
strstr
_wcslwr
swprintf
_onexit
wcscmp
exit
__badioinfo
wcstombs
_strnicmp
_itow
_snwprintf
_iob
mbstowcs
_ltoa
wcscspn
strchr
_c_exit
_CIacos
_vsnprintf
wcstok
wcsncpy
wcsstr
ceil
_wtol
_wcsnicmp
isalnum
isxdigit
_unlock
_initterm
??0exception@@QAE@ABV0@@Z
fclose
memset
printf

user32

CreatePopupMenu
CallWindowProcA
RegisterClassExA
LoadStringA
RedrawWindow
GetWindowDC
GetSubMenu
CharPrevA
SetRect
GetSysColorBrush
RegisterWindowMessageW
LoadIconA
LoadCursorW
GetWindowTextW
SetFocus
CharNextW
TrackPopupMenu
DestroyWindow
CharNextA
GetCursorPos
CharPrevW
PostMessageA
CheckRadioButton
SendMessageA
SetWindowLongA
DrawTextA
SetCapture
GetProcessWindowStation
IsWindow
GetCapture
GetMessageA
GetMenuItemCount
GetWindow
MessageBoxW
GetDesktopWindow
SetDlgItemTextA
GetSystemMenu
SetDlgItemTextW
CreateDialogParamW
GetSystemMetrics
SendDlgItemMessageW
GetClassNameW
ReleaseCapture
SendMessageW
LoadIconW

kernel32

GetWindowsDirectoryA
IsDBCSLeadByte
SetFilePointer
GetLocaleInfoW
IsDebuggerPresent
GetModuleHandleA
HeapAlloc
GetFileAttributesA
Sleep
LocalFree
GetExitCodeProcess
GetFileSize
CreateThread
CreateFileA
lstrcmpW
GetCPInfo
ExitProcess
HeapSize
InterlockedExchange
GlobalLock
GetModuleFileNameA
GetModuleHandleW
lstrcmpiA
OutputDebugStringA
GetTickCount
GetCurrentDirectoryW
CreateDirectoryW
WaitForMultipleObjects
GetExitCodeThread
GetCommandLineW
OpenEventW
GetCommandLineA
VirtualAlloc
InitializeCriticalSection
GetUserDefaultLCID
GetConsoleMode
GetLocaleInfoA
GetSystemTimeAsFileTime
WaitForSingleObject
FreeEnvironmentStringsW
WriteFile
FileTimeToLocalFileTime
GetCurrentProcess
FindResourceA
GetComputerNameW
LocalAlloc
SetHandleCount
IsBadReadPtr
MulDiv
FlushFileBuffers
LCMapStringW
GetThreadTimes
GetCurrentThreadId
OutputDebugStringW
InterlockedDecrement
SetFileAttributesW
InitializeCriticalSectionAndSpinCount
RaiseException
TlsGetValue
CreateDirectoryA
RtlUnwind
QueryPerformanceCounter
VirtualQuery
OpenMutexW
ReadFile
EnterCriticalSection
GetProcessHeap
GlobalAlloc
SetLastError
FormatMessageA
lstrcatA
TlsFree
TlsAlloc
GetACP

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 512B - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e12afb73cf03655c07c0ba4f85523064

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

Sections

.text Size: 4KB - Virtual size: 4KB

BSS Size: 512B - Virtual size: 2.9MB

BSS Size: 4.9MB - Virtual size: 4.9MB

.tls Size: - Virtual size: 20KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB

BSS
Size: 512B - Virtual size: 2.9MB

BSS
Size: 4.9MB - Virtual size: 4.9MB

.tls
Size: - Virtual size: 20KB

.rsrc
Size: 17KB - Virtual size: 16KB