87abf1ce64509506c177f23ff7a27ae5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87abf1ce64509506c177f23ff7a27ae5_JaffaCakes118
Size

120KB
MD5

87abf1ce64509506c177f23ff7a27ae5
SHA1

3dfe8356947fde5c7944325ba91978ef483a5a29
SHA256

eb99b5520a777927b3f7ee2ea37b9943f348d1230f84f0942595cb4d3bf19dd4
SHA512

36834d18168555b7cc1c3307393b55bd5efccb085f36d1011a278efe03dc64775ac59d258d8ab1715e557b47117884e5c282773d43eb05bfeeb88ce914b5a80a
SSDEEP

1536:zwkt5BaKqjFExnclMR8Ohrh2G1j3z42SjOA3LrA7so4/6/qWcTfBzbjrcVCuFo2v:8w5HnclXvW49SO1aYfFjyBYVceLcVf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87abf1ce64509506c177f23ff7a27ae5_JaffaCakes118

Files

87abf1ce64509506c177f23ff7a27ae5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

431cbb905ad08d40b66aa145acbad00a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetCurrentDirectoryW
ReadFile
RaiseException
GetCurrentProcessId
CreateEventW
GlobalUnlock
VirtualAlloc
CreateThread
CreateProcessW
lstrcpyW
GetTempPathW
lstrcatW
GetVersionExA
WriteConsoleA
QueryPerformanceCounter
GetTimeFormatW
GetLocaleInfoW
GetDriveTypeW
CreateDirectoryW
GetTimeFormatA
GetStartupInfoA
CreateFileW
GetConsoleMode
DeleteFileW
GetEnvironmentStrings
SizeofResource
CloseHandle
CreateMutexW
EnumSystemLocalesA
GlobalSize
GetProcAddress
LoadLibraryA
GetSystemInfo
FindClose
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
HeapSize
MultiByteToWideChar
GetLocaleInfoA
VirtualProtect
VirtualQuery
InterlockedExchange
RtlUnwind
IsBadWritePtr
HeapReAlloc
HeapAlloc
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
HeapFree
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
LCMapStringW
GetCurrentProcess
TerminateProcess
ExitProcess
GetCommandLineA
GetModuleHandleA

user32

CallWindowProcW
InflateRect
CreateAcceleratorTableW
GetScrollPos
GetScrollRange
DeleteMenu
DrawTextW
DestroyCursor
GetDlgItemInt
LoadImageW
ToAscii
TrackPopupMenu
AppendMenuW
GetMenuStringW
UnhookWindowsHookEx
GetActiveWindow
MonitorFromWindow
DispatchMessageW
ShowScrollBar
LoadStringW
IsChild
SendMessageW
EmptyClipboard
CreateWindowExW
PeekMessageW
LoadCursorW
InvalidateRect
DestroyIcon
mouse_event
CharUpperW
GetMenuItemID
SetWindowLongA
GetFocus
IsWindowVisible
CloseClipboard
GetClipboardData
SetClipboardData
SetWindowLongW
DestroyCaret
GetSysColor
SetScrollRange
SetDlgItemInt
ModifyMenuW
RegisterClassExW
ReleaseDC
CallNextHookEx
GetDC

comdlg32

PageSetupDlgA
PrintDlgA
ReplaceTextW
PageSetupDlgW
GetSaveFileNameA
ChooseColorW
FindTextW
FindTextA
GetOpenFileNameW
GetFileTitleW
ChooseFontW
ChooseColorA

ole32

StgIsStorageILockBytes

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

431cbb905ad08d40b66aa145acbad00a

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 83KB - Virtual size: 127KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 83KB - Virtual size: 127KB

.rsrc
Size: 4KB - Virtual size: 4KB