865fcb856c45a48086fe269ba80b3f1e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

865fcb856c45a48086fe269ba80b3f1e_JaffaCakes118
Size

540KB
MD5

865fcb856c45a48086fe269ba80b3f1e
SHA1

dc366b48cd808b90f009685a59ef9169d59a77d0
SHA256

ee450bf6bf71202acc81268108e7007632bd0c094878e88c0522cf9597264f99
SHA512

447da6a1ad56693f51c1ae0a035e1946c6901ac2596bf52eaff2107d23450c3c25c089b8544bf383f6a167932a942eeff05785d4633dbeb6af5043625290d28a
SSDEEP

12288:2IjtBaCzU4RxeL8jslaHZRPAtAlUzx1TeKWBEdSRe/FiHx:5jtBaCoeoQvHZRItA6zTJA3L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
865fcb856c45a48086fe269ba80b3f1e_JaffaCakes118

Files

865fcb856c45a48086fe269ba80b3f1e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81330747e57fcd8e28014a759812cc64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
SetCurrentDirectoryA
GlobalMemoryStatus
lstrcmpA
FreeLibrary
RemoveDirectoryA
IsDebuggerPresent
VirtualProtect
OutputDebugStringA
GetVersionExA
GetProcAddress
MultiByteToWideChar
GetModuleHandleA
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathA
GetCurrentDirectoryA
GetWindowsDirectoryA
FindClose
GetDriveTypeA
FindFirstFileA
FlushInstructionCache
GetModuleFileNameA
GetCurrentProcess
SetThreadPriority
lstrcmpiA
GetCurrentThread
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
DeleteFileA
MoveFileA
CreateProcessA
WaitForSingleObject
CreateEventA
GetStartupInfoA
CloseHandle
GlobalFree
ReadFile
GlobalAlloc
GetFileSize
CreateFileA
FileTimeToSystemTime
LeaveCriticalSection
EnterCriticalSection
lstrlenA
WaitForMultipleObjects
lstrcpyA
CreateThread
lstrcatA
SetFilePointer
VirtualAlloc
VirtualFree
WriteFile
LoadLibraryA
GetFileAttributesA

user32

SetWindowsHookExA
SetWindowLongA
MessageBoxA
GetAsyncKeyState
GetKeyboardType
CallNextHookEx
GetForegroundWindow
GetWindowRect
InvalidateRect
EnumDisplaySettingsA
PtInRect
CharNextA
CharLowerA
CreateWindowExA
CreateCursor
DestroyCursor
ScreenToClient
GetCursorPos
SetCursorPos
GetSystemMetrics
ClientToScreen
UpdateWindow
IntersectRect
SetMenu
ChangeDisplaySettingsA
SetWindowPos
SetWindowPlacement
PostMessageA
GetDC
ReleaseDC
CharUpperA
wsprintfA
IsWindowVisible
EnumWindows
SetCursor
WaitMessage
LoadCursorA
DestroyMenu
GetFocus
SetFocus
DispatchMessageA
UnhookWindowsHookEx
SystemParametersInfoA
PeekMessageA
TranslateMessage
GetMessageA
LoadIconA
DestroyWindow
IsIconic
RegisterClassA
ShowWindow
BeginPaint
OpenIcon
CloseWindow
PostQuitMessage
EndPaint
DefWindowProcA
ScrollWindowEx
SetCapture
SetForegroundWindow
SetClassLongA
ValidateRect
SendMessageA
CheckMenuItem
GetClassLongA
FindWindowA
DrawMenuBar
RemoveMenu
EnableMenuItem
AppendMenuA
ReleaseCapture
TrackPopupMenu
GetWindowTextA
CreatePopupMenu
CreateMenu
MsgWaitForMultipleObjects
SetWindowTextA
wvsprintfA
SetTimer
FillRect
KillTimer
GetDlgItemTextA
CreateDialogParamA
IsDialogMessageA
AdjustWindowRectEx
SetDlgItemTextA
IsWindow
GetWindowPlacement
EqualRect
GetSysColor

gdi32

DeleteObject
SetDIBitsToDevice
RealizePalette
GetDeviceCaps
BitBlt
CreatePalette
SelectObject
CreateCompatibleDC
DeleteDC
SelectPalette
EnumFontFamiliesExA
CreateDIBSection
StretchBlt
CreateFontA
CreateSolidBrush
SetBkColor
SetBkMode
SetTextColor
GetTextMetricsA
GetGlyphOutlineA
TextOutA
GetStockObject
GetTextExtentPoint32A

advapi32

RegCloseKey
GetUserNameA
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegFlushKey
RegSetValueExA
RegCreateKeyExA

shell32

DragFinish
DragQueryFileA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

winmm

midiOutShortMsg
timeGetDevCaps
timeBeginPeriod
timeSetEvent
timeKillEvent
timeEndPeriod
midiOutLongMsg
midiOutClose
midiOutOpen
waveOutOpen
waveOutClose
timeGetTime
joyGetPosEx
mciSendCommandA
sndPlaySoundA

dsound

ord1

ddraw

DirectDrawCreate

imm32

ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmSetOpenStatus

dinput

DirectInputCreateA

msvcrt

_acmdln
_errno
frexp
ldexp
qsort
exit
memchr
calloc
strtod
free
realloc
_iob
fprintf
malloc
sprintf
abort
longjmp
strtok
strspn
_wcsicmp
strncpy
strncmp
strpbrk
strcspn
fwrite
strncat
fseek
fread
ftell
fputc
vfprintf
fputs
fgetc
fclose
fgets
srand
_beginthreadex
fopen
wcsstr
memmove
_endthreadex
_setjmp3
strchr
strstr
_CIasin
_CIacos
strrchr
rand
ceil
_CIpow
_ftol
_assert
floor
_except_handler3
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_exit
_controlfp
__getmainargs
_XcptFilter

Sections

.text
Size: 348KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.riox
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81330747e57fcd8e28014a759812cc64

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

winmm

dsound

ddraw

imm32

dinput

msvcrt

Sections

.text Size: 348KB - Virtual size: 346KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 156KB - Virtual size: 4.0MB

.rsrc Size: 4KB - Virtual size: 3KB

.riox Size: 4KB - Virtual size: 1KB

.text
Size: 348KB - Virtual size: 346KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 156KB - Virtual size: 4.0MB

.rsrc
Size: 4KB - Virtual size: 3KB

.riox
Size: 4KB - Virtual size: 1KB