87ce698df28e8cc7c0e04fc202043fcc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87ce698df28e8cc7c0e04fc202043fcc_JaffaCakes118
Size

237KB
MD5

87ce698df28e8cc7c0e04fc202043fcc
SHA1

203d069e8bc8c657ac6962af67ed1e6f6d72f357
SHA256

8628ebeeddd532e106f2888d4389b0ad390e98ffe345f990b2b8bf0716b11af5
SHA512

8f8054879e6bba692e90c492850490f55e5cd6e46128583f4ac86419103774a2f1957108bff01479d1d4a08b7b8cf6fecf405ef688443e84b837214599081746
SSDEEP

6144:5Iy0QmMyzU9xqXJQgiAaNDs1xUNlwOg5b:pNm69xpgiA4DOebwz5b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87ce698df28e8cc7c0e04fc202043fcc_JaffaCakes118

Files

87ce698df28e8cc7c0e04fc202043fcc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

79dc4be8477717e9f518d3b2406df2aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GlobalFindAtomA
GetEnvironmentVariableW
GetComputerNameA
GetCurrentDirectoryA
AddAtomW
GetProcessHeaps
lstrcat
CreateEventA
LocalAlloc
GetModuleFileNameW
QueryPerformanceCounter
QueryPerformanceFrequency
MoveFileW
GetMailslotInfo
SetEvent
GetExitCodeThread
GetTempPathW
WaitForSingleObject
FatalAppExitA
SetLocaleInfoA
SetCurrentDirectoryA
GetVersionExA
GetCurrentProcessId
FileTimeToDosDateTime
OpenMutexW
lstrcmpW
SetComputerNameW
LoadLibraryW
ReplaceFileW
FreeLibrary
IsValidLocale
IsValidCodePage
OpenSemaphoreW
ConnectNamedPipe
CompareFileTime
GetCalendarInfoA
OpenFile
GetTickCount
lstrcmpiA
GetLongPathNameA
EnumTimeFormatsA
CreatePipe
GetHandleInformation
WaitForMultipleObjects
LoadLibraryA
CreateMailslotA
GetExpandedNameA
LocalFree
GetShortPathNameA
WinExec
GetThreadPriority
SleepEx
Sleep
DeleteAtom

user32

SetTimer
LoadBitmapW
GetDCEx
RegisterClassExA
CreateMenu
CharUpperW
EmptyClipboard
SetParent
mouse_event
keybd_event
SetCapture
PostMessageA
RegisterClassA
OffsetRect
SendMessageW
CreateAcceleratorTableA
GetAsyncKeyState
GetWindowRgn
CharLowerA
wsprintfA
CharNextA
MoveWindow
wsprintfW
LoadIconW
GetMenuItemID
GetCapture
GetScrollPos
CharNextW
SetMenu
CreateDialogIndirectParamW
FindWindowW
GetKeyboardLayout
CopyRect
InsertMenuItemA
MessageBoxW
IsMenu
ShowCursor
SetForegroundWindow
wvsprintfW
GetClassInfoExA
SendDlgItemMessageW
SetDlgItemTextA
GetKeyState
GetTopWindow

gdi32

CreateBrushIndirect
CreateFontIndirectA
CreateScalableFontResourceA
CreateBitmapIndirect
GetTextExtentPointA
CreateEllipticRgn
GetMetaFileW
CreatePatternBrush
CreateICW
CreateFontA
CreatePalette
RemoveFontResourceExA
CreatePolyPolygonRgn
AddFontResourceA
DeleteObject
GetStockObject
TranslateCharsetInfo
CreateFontIndirectExW
SelectBrushLocal

shell32

StrCmpNW
ExtractIconEx
SHCreateDirectoryExW
SHCreateDirectoryExA
StrRStrW
Shell_NotifyIconW
ExtractAssociatedIconExW
ExtractIconW
StrStrA
SHBrowseForFolderA

shlwapi

PathRemoveExtensionW
IntlStrEqWorkerW
wvnsprintfW
UrlIsOpaqueW
PathCommonPrefixA
DllGetVersion
SHRegGetPathA
StrNCatW
PathIsDirectoryEmptyW
StrCmpNW
SHSetValueA
SHRegCreateUSKeyW
UrlGetLocationW
SHRegSetPathA
StrSpnW
StrRetToStrA
PathCombineW

oleaut32

VarI1FromR8
VarDateFromUdate
VarDecDiv
VarDecFromBool
VarDecInt
VarUI2FromR8
RegisterTypeLib
VarR8FromI1
VarI8FromR4
VarI1FromUI1

winmm

mmioInstallIOProcA
midiInGetID

Sections

.LjmjnO
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uht
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qWng
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.HaJNhz
Size: 1KB - Virtual size: 483KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nq
Size: 5KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Smr
Size: 4KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.b
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.v
Size: 10KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aCqdLZ
Size: 2KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79dc4be8477717e9f518d3b2406df2aa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

oleaut32

winmm

Sections

.LjmjnO Size: 3KB - Virtual size: 3KB

.uht Size: 84KB - Virtual size: 83KB

.qWng Size: 13KB - Virtual size: 13KB

.HaJNhz Size: 1KB - Virtual size: 483KB

.nq Size: 5KB - Virtual size: 225KB

.Smr Size: 4KB - Virtual size: 49KB

.b Size: 85KB - Virtual size: 85KB

.v Size: 10KB - Virtual size: 121KB

.aCqdLZ Size: 2KB - Virtual size: 177KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 1024B - Virtual size: 1024B

.LjmjnO
Size: 3KB - Virtual size: 3KB

.uht
Size: 84KB - Virtual size: 83KB

.qWng
Size: 13KB - Virtual size: 13KB

.HaJNhz
Size: 1KB - Virtual size: 483KB

.nq
Size: 5KB - Virtual size: 225KB

.Smr
Size: 4KB - Virtual size: 49KB

.b
Size: 85KB - Virtual size: 85KB

.v
Size: 10KB - Virtual size: 121KB

.aCqdLZ
Size: 2KB - Virtual size: 177KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 1024B - Virtual size: 1024B