84a7a4b365b65a8f7fe67328009ec89e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

84a7a4b365b65a8f7fe67328009ec89e_JaffaCakes118
Size

345KB
MD5

84a7a4b365b65a8f7fe67328009ec89e
SHA1

cfc9fbb63086b6d28adcce028b87dba189706acd
SHA256

1431cec9867ecb57f8126c36625065d0436089c2bfc0ac68cd44da1960434988
SHA512

20c78c93aed8de31562da87c0157d52370651302342cdd8a5256fc73f4f983aa8e007462480b8e4de7a8278616089ec194c707173eef5fa2cd2d5ce1954c8e9e
SSDEEP

6144:+i7JE3UtklN7I5Ws0BNxh5TNKQTBd7+w7KWvda7fS0da:+qydNY0FTNKQTH7+w2Wvmq8a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84a7a4b365b65a8f7fe67328009ec89e_JaffaCakes118

Files

84a7a4b365b65a8f7fe67328009ec89e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0b1d9407c25de43d3c2e5a4c32a5efe3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
floor
ceil
wcsncpy
_wcsnicmp
wcsncmp
_wcsdup
free
wcslen
wcscpy
wcscat
strlen
strcpy
strcat
memcmp
_stricmp
atoi
memcpy
fread
longjmp
_setjmp3
memmove
wcscmp
localtime
mktime
_itow
gmtime
fabs
malloc
fclose
abort
_snprintf
__p__iob
fprintf
_CIpow
strtod
_vsnwprintf
fmod
sin
cos
abs

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
MulDiv
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
CreateThread
HeapAlloc
HeapFree
LoadLibraryW
GetProcAddress
FreeLibrary
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessW
CreateFileW
ReadFile
SetFilePointer
SetEndOfFile
WriteFile
GetFileSize
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetTickCount
TlsAlloc
TlsSetValue
TlsGetValue
GlobalLock
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
Sleep
HeapReAlloc
SetLastError
FindClose
FindFirstFileW
GetLastError
FindNextFileW
GetDriveTypeW
GetFileAttributesW
GetCurrentDirectoryW
CopyFileW
CreateDirectoryW
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
MoveFileW
GetLocalTime
GetVersionExW
DeleteCriticalSection
WaitForMultipleObjects
GetCurrentThread
CreateSemaphoreA
ReleaseSemaphore

comctl32

InitCommonControls
InitCommonControlsEx
ImageList_Destroy
ImageList_Remove
ImageList_AddMasked
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon

user32

GetWindowLongW
SetWindowLongW
SendMessageW
IsWindowVisible
SystemParametersInfoW
LoadCursorW
SetClassLongW
DestroyCursor
SetParent
GetDC
ReleaseDC
GetSysColor
DestroyWindow
UpdateLayeredWindow
CharLowerW
CharUpperW
MessageBoxW
GetWindowThreadProcessId
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
GetSysColorBrush
CreateWindowExW
SendMessageA
GetWindowRect
ScreenToClient
RedrawWindow
GetIconInfo
SetWindowPos
InvalidateRect
UpdateWindow
ReleaseCapture
BeginPaint
DrawStateW
EndPaint
SetCapture
CallWindowProcW
GetSystemMetrics
ShowWindow
GetClientRect
FillRect
DefWindowProcW
RegisterClassExW
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
GetWindow
ValidateRect
GetParent
MapWindowPoints
InflateRect
GetPropW
GetWindowDC
RemovePropW
SetPropW
SetFocus
PeekMessageW
TranslateMessage
DispatchMessageW
MoveWindow
GetPropA
SetPropA
SetActiveWindow
UnregisterClassW
DestroyAcceleratorTable
LoadIconW
RegisterClassW
AdjustWindowRectEx
GetActiveWindow
CreateAcceleratorTableW
GetMenu
IsZoomed
IsIconic
MsgWaitForMultipleObjects
GetMessageW
TranslateAcceleratorW
GetCursorPos
SetTimer
GetFocus
EnumChildWindows
PostMessageW
DefFrameProcW
SetCursorPos
LoadImageW
SetCursor
GetKeyState
IsChild
GetClassNameW
EnumDisplaySettingsW
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource
DrawIconEx

gdi32

DeleteObject
CreateFontIndirectW
GetDeviceCaps
GetObjectW
CreateCompatibleDC
SelectObject
DeleteDC
CreateDCW
CreateFontW
GetStockObject
SetBkColor
SetTextColor
GetObjectType
ExcludeClipRect
CreateSolidBrush
CreateCompatibleBitmap
StretchBlt
CreatePen
MoveToEx
LineTo
SetDIBits
BitBlt
GdiSetBatchLimit
GdiGetBatchLimit
CreateDIBSection
GetObjectA
GetDIBits
CreateBitmap
SetPixel
GetTextExtentPoint32W
SetBkMode
SetTextAlign
TextOutW
SetStretchBltMode
SetBrushOrgEx
GetPixel
GetTextMetricsW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

oleaut32

SysFreeString
VariantInit
DispGetParam
SysAllocString
VariantClear
SysStringLen

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
GetHGlobalFromStream
OleInitialize
RevokeDragDrop

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteExW

shlwapi

PathIsDirectoryW

Sections

.code
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b1d9407c25de43d3c2e5a4c32a5efe3

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

advapi32

oleaut32

ole32

shell32

shlwapi

Sections

.code Size: 33KB - Virtual size: 32KB

.text Size: 165KB - Virtual size: 164KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 93KB - Virtual size: 96KB

.rsrc Size: 32KB - Virtual size: 31KB

.code
Size: 33KB - Virtual size: 32KB

.text
Size: 165KB - Virtual size: 164KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 93KB - Virtual size: 96KB

.rsrc
Size: 32KB - Virtual size: 31KB