87171e20552a59afb5fc6e36b3c8b9c9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87171e20552a59afb5fc6e36b3c8b9c9_JaffaCakes118
Size

200KB
MD5

87171e20552a59afb5fc6e36b3c8b9c9
SHA1

09c6872b37f731b6cb29e74881181acf0f3eac03
SHA256

67d307cc09ac7b7cd019fce69258ec78a5825655d85f73024dd129bd8ed36ed1
SHA512

dba37afc7a058725f2f2a5cbb5aa60a2221628521c9cf860c174aab482abcd0c072d22c8b0460badd7a86f4a9cd89661c238da6ba8d2e6596632902860d6c569
SSDEEP

6144:KRmPtnMnW2NbwFZ9B1akKtUDBhu/kndh:lnMh4Z9WkQUNh3h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87171e20552a59afb5fc6e36b3c8b9c9_JaffaCakes118

Files

87171e20552a59afb5fc6e36b3c8b9c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c707be9f61e3a92cc3fd9351214db0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutReset
waveOutClose

avifil32

AVIStreamGetFrameClose
AVIStreamRelease
AVIFileRelease
AVIStreamReadFormat
AVIStreamInfoA
AVIFileGetStream
AVIStreamGetFrameOpen
AVIFileInfoA
AVIFileOpenA
AVIFileInit
AVIFileExit
AVIStreamGetFrame

msvfw32

ICClose
ICLocate
DrawDibClose
DrawDibDraw
DrawDibOpen
ICImageDecompress

kernel32

GetSystemDirectoryA
UnhandledExceptionFilter
GetVersionExA
GetProcAddress
FreeLibrary
LoadLibraryA
ExitProcess
GetStartupInfoA
GetStdHandle
GetFileType
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
CopyFileA
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetLastError
LCMapStringW
WideCharToMultiByte
LCMapStringA
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetCurrentProcess
TerminateProcess
RaiseException
GetVersion
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetStringTypeA
GetShortPathNameA
MultiByteToWideChar
VirtualAlloc
lstrcpyA
GlobalAlloc
ReadFile
GetTickCount
CreateFileA
CloseHandle
GetStringTypeW
SetStdHandle
CompareStringA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
GetCurrentDirectoryA
GetCommandLineA
GetProfileStringA
SetCurrentDirectoryA
Sleep
HeapDestroy
HeapCreate
VirtualFree
WriteFile
SetUnhandledExceptionFilter
SetFilePointer
FlushFileBuffers
SetEnvironmentVariableA
GetEnvironmentStringsW
SetEndOfFile
CompareStringW

user32

GetParent
PostQuitMessage
DispatchMessageA
TranslateMessage
IsWindow
SetCursor
GetCursorPos
SystemParametersInfoA
GetForegroundWindow
ShowWindow
SendDlgItemMessageA
EndDialog
MessageBoxA
GetDlgItem
SendMessageA
LoadBitmapA
SetForegroundWindow
CreateWindowExA
SetCapture
GetSystemMetrics
SetTimer
DestroyWindow
MoveWindow
InvalidateRect
UpdateWindow
GetClientRect
DrawTextA
GetWindowLongA
DefWindowProcA
KillTimer
PostMessageA
SetWindowTextA
GetWindowTextA
GetDC
ReleaseDC
FindWindowA
LoadIconA
DialogBoxParamA
PeekMessageA
CharNextA
RegisterClassA
GetMessageA

gdi32

GetDIBits
SetStretchBltMode
StretchDIBits
GetTextMetricsA
CreateFontA
SetBkMode
SetTextColor
SetBkColor
DeleteObject
GetStockObject
SelectObject
RoundRect
MoveToEx
LineTo
DeleteDC
BitBlt
StretchBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
SetPixel
GetPixel

comdlg32

GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

advapi32

RegQueryValueExA
RegCreateKeyA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c707be9f61e3a92cc3fd9351214db0d

Headers

File Characteristics

Imports

winmm

avifil32

msvfw32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 14KB - Virtual size: 44KB

.idata Size: 5KB - Virtual size: 4KB

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 14KB - Virtual size: 44KB

.idata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 8KB - Virtual size: 7KB