85830a54b71651721a5889486a0a586f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

85830a54b71651721a5889486a0a586f_JaffaCakes118
Size

156KB
MD5

85830a54b71651721a5889486a0a586f
SHA1

65f71b8b26d90bb5b5111cb3275f58053a7cae04
SHA256

91095d047faec3b91a12cbc0f5c96510e8962080b86cc9f207e6bea122d3ca0a
SHA512

ab7915b9563e2aad09be4375114b50a41ee4be984d699c15d4db6b6651a8eb83304cba4ed8206dd4b082166a3f1b034b08ee1823995edff2539ee3523ab29b25
SSDEEP

3072:I137Rriyqipb+S5j9w7QXdJNlUeAuwLeu+rSfva4SX6JE/ol:IjFq0b+69w7QXdJcDKu6WpSX6y0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85830a54b71651721a5889486a0a586f_JaffaCakes118

Files

85830a54b71651721a5889486a0a586f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5f5bb5b024d2d9f41cc12fdff723890

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Program Files\Beqire.pdb

Imports

user32

AppendMenuA
FrameRect
ClientToScreen
RegisterClassExA
GetWindowTextLengthA
SetForegroundWindow
CheckRadioButton
SendDlgItemMessageA
IsClipboardFormatAvailable
SendMessageA
DestroyWindow
SetClipboardData
GetClientRect
GetWindowThreadProcessId
FillRect
TrackPopupMenu
DrawFrameControl
PostMessageA
IsDialogMessageA
GetActiveWindow
SystemParametersInfoA
GetWindowRect
DialogBoxIndirectParamA
CreatePopupMenu
GetSysColorBrush
DispatchMessageA
GetForegroundWindow
CreateDialogIndirectParamA

gdi32

RestoreDC
SaveDC
ExtTextOutA
CreateFontIndirectA
StartDocA
StartPage
PatBlt
GetTextExtentPoint32A
SetPixel
StretchBlt
SelectObject
Rectangle

winspool.drv

SetFormA
ScheduleJob
ResetPrinterA
OpenPrinterA
GetPrintProcessorDirectoryA
GetJobA
EnumPrinterDriversA
EnumPrinterDataA
EnumPrinterDataExA
DeletePrinter
DeletePrintProvidorA
DeletePrintProcessorA
DeletePortA

mprapi

MprAdminInterfaceConnect
MprInfoCreate
MprInfoBlockSet
MprInfoBlockRemove
MprInfoBlockQuerySize
MprInfoBlockFind
MprAdminPortGetInfo
MprAdminPortEnum
MprAdminPortDisconnect
MprAdminPortClearStats
MprAdminMIBEntryGet
MprAdminMIBEntryDelete
MprAdminMIBEntryCreate
MprAdminInterfaceTransportGetInfo
MprAdminInterfaceTransportAdd
MprAdminInterfaceDeviceGetInfo
MprAdminInterfaceGetCredentialsEx
MprAdminInterfaceSetCredentials

odbc32

ord154
ord58
ord59
ord72
ord24
ord26
ord28
ord135
ord136
ord37
ord138
ord139
ord173
ord74

kernel32

SetConsoleCtrlHandler
VirtualQuery
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
QueryPerformanceCounter
IsBadReadPtr
HeapSize
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
IsBadCodePtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
ExitProcess
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind
VerLanguageNameA
SetTapePosition
RemoveDirectoryA
GetCurrentThreadId
SetFileAttributesA
CreateProcessA
GetProcAddress

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 721KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5f5bb5b024d2d9f41cc12fdff723890

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

winspool.drv

mprapi

odbc32

kernel32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 64KB - Virtual size: 721KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 64KB - Virtual size: 721KB

.reloc
Size: 8KB - Virtual size: 5KB