85036e2a5d5d333cfd42fbb8c2b102b4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

85036e2a5d5d333cfd42fbb8c2b102b4_JaffaCakes118
Size

342KB
MD5

85036e2a5d5d333cfd42fbb8c2b102b4
SHA1

b76c49516e1ae006b2cabe6eaa101d95042938d9
SHA256

f25df2802c40d6d9a46a6867e27395cf62a27d2ec642731c9dbc8e32a32d2f05
SHA512

b68620c8f32fd03a8051428fdca6597c70e027a42cf7de91590b61b7687c0fd865848f1842dcaa4a69daa0f12fa501a8da050e9c8a63575344a26dbf20b88b55
SSDEEP

6144:X952RINRVzPi/15c8mMMed2/DHIetim9XHOh/JxGeed/p68UI00:tHx7i/TJMnoetLOhG1U8UI00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85036e2a5d5d333cfd42fbb8c2b102b4_JaffaCakes118

Files

85036e2a5d5d333cfd42fbb8c2b102b4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

47068a0142e4d3cce4d4d67d6ff76cef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wtol
_wsplitpath
_CxxThrowException
??2@YAPAXI@Z
malloc
realloc
__CxxFrameHandler
wcstok
??3@YAXPAX@Z
vswprintf
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_adjust_fdiv
_initterm
free
_purecall
_wopen
strlen
_errno
_snwprintf
wcscmp
_close
_wtoi
wcscat
wcslen
wcschr
wcscpy
_write

iphlpapi

GetAdaptersInfo
GetIpAddrTable

winmm

mixerGetControlDetailsA
timeGetTime

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
OleLoadFromStream
WriteClassStm
OleSaveToStream
CreateOleAdviseHolder

gdi32

CreatePen
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
CreateBrushIndirect
CreateCompatibleDC
SaveDC
DeleteObject
ExtCreatePen
LPtoDP
GetDeviceCaps
CreateDCW
CreateRectRgnIndirect
GetPixel
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileW
DeleteDC
RestoreDC
CreateCompatibleBitmap
Rectangle
BitBlt
SetTextAlign
GetStockObject
TextOutW

user32

CallWindowProcW
GetWindowLongW
SetWindowLongW
IntersectRect
EqualRect
OffsetRect
LoadBitmapA
LoadIconA
SetWindowRgn
RegisterClassExA
SetTimer
GetDC
GetClipboardOwner
ReleaseDC
UnionRect
PtInRect
GetDoubleClickTime
SetFocus
DefWindowProcW
DestroyWindow
TranslateMessage
MapVirtualKeyW
GetWindowRect
DefWindowProcA
GetParent
CreateWindowExA
GetForegroundWindow
ShowWindow
GetCursor
GetProcessDefaultLayout
GetActiveWindow
CreateWindowExW
GetClassInfoExW
LoadCursorW
LoadCursorA
SendMessageA
wsprintfW
RegisterClassExW
GetFocus
IsChild
BeginPaint
GetClipboardViewer
EndPaint
wsprintfA
GetCaretBlinkTime
UnregisterClassA
CharNextW
KillTimer
PostMessageW
GetClientRect
MoveWindow
InvalidateRect
DestroyAcceleratorTable
GetCapture
GetSysColor
GetKeyState
LoadStringW
SetWindowPos
IsWindow

kernel32

OutputDebugStringW
SetCurrentDirectoryA
GetSystemDirectoryW
GetThreadLocale
LCMapStringW
CreateEventW
SetFilePointer
CreateThread
FindClose
GetAtomNameA
GetModuleHandleA
GetComputerNameExW
SetEvent
WideCharToMultiByte
CreateMutexW
WaitForSingleObject
GetVersionExA
CloseHandle
ExitThread
GetACP
VirtualAlloc
VirtualFree
LoadLibraryA
HeapAlloc
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GetStdHandle
FindResourceA
GetCommandLineW
GlobalUnlock
GetShortPathNameW
LoadLibraryExW
GetLastError
FindResourceW
GetComputerNameW
ReadFile
LoadResource
SizeofResource
lstrlenA
LoadLibraryW
FindAtomA
GetStartupInfoA
FindResourceExW
GetProcAddress
DebugBreak
Sleep
CreateProcessW
IsDebuggerPresent
SetLastError
GetTickCount
GlobalMemoryStatusEx
LocalAlloc
LocalFree
GetSystemDefaultLangID
GetVersion
AreFileApisANSI
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
GetProcessHeap
OutputDebugStringA
InterlockedCompareExchange
OpenSemaphoreA
HeapCreate
FreeLibrary
DisableThreadLibraryCalls
GetModuleFileNameW
GetUserDefaultLCID
lstrcatW
HeapDestroy
TlsSetValue
lstrcpynW
lstrcmpiW
FindResourceExA
GetConsoleCP
DeleteCriticalSection
InitializeCriticalSection
GetSystemDefaultLCID
lstrcpyW
MultiByteToWideChar
lstrlenW
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
GlobalFree
DeleteFileA
GetLogicalDrives
CreateSemaphoreA
GetConsoleOutputCP
InterlockedDecrement
InterlockedIncrement

advapi32

CryptHashData
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegEnumValueA
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegOpenKeyExA
RegEnumKeyExA
RegEnumKeyExW
RegQueryValueExW
CryptReleaseContext
CryptAcquireContextW
CryptCreateHash
RegDeleteKeyW
CryptGetHashParam
CryptDestroyHash

secur32

GetUserNameExW

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

Sections

.text
Size: 98KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 206KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47068a0142e4d3cce4d4d67d6ff76cef

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

iphlpapi

winmm

ole32

gdi32

user32

kernel32

advapi32

secur32

msvcp60

Sections

.text Size: 98KB - Virtual size: 96KB

.data Size: 206KB - Virtual size: 216KB

.bss Size: - Virtual size: 49KB

.tls Size: 1KB - Virtual size: 1KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 98KB - Virtual size: 96KB

.data
Size: 206KB - Virtual size: 216KB

.bss
Size: - Virtual size: 49KB

.tls
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 4KB - Virtual size: 4KB