89458a34d5e374f4121c7f5e128299dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89458a34d5e374f4121c7f5e128299dc_JaffaCakes118
Size

2.4MB
MD5

89458a34d5e374f4121c7f5e128299dc
SHA1

582b63c460b3d3cf9f706695e19b5befb7800d93
SHA256

d88dc863071533cc517beb0f82b1b8aec115f6b67dcf6269a4bf67c7b19b0e68
SHA512

0f9eea1c052dfbcfe0a1f045991a7b10ed9bc1ac699ebb463ebf3aa891859bd1cb22a0a6ef2c009ed107526a74170218945700230ddf0ab4cf96f46a0342824e
SSDEEP

49152:0urDLrX76/eATG28Ymr2xS5Cdcrk4XU3emecLPbl/hx96S7kriMSx:0UrXugreS5OcDrQZZMSx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89458a34d5e374f4121c7f5e128299dc_JaffaCakes118

Files

89458a34d5e374f4121c7f5e128299dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

158bdb5bbeda51dd1c9ed3c12a8ad6f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA
timeEndPeriod
timeGetTime
timeBeginPeriod
mixerOpen
mixerGetLineControlsA
mixerGetLineInfoA
mixerGetControlDetailsA
mixerSetControlDetails
mixerGetDevCapsA
mixerClose

wsock32

select
WSAGetLastError
htons
WSACleanup
recv
socket
__WSAFDIsSet
closesocket
gethostbyname
send
WSAStartup
connect
inet_ntoa
ioctlsocket

gdi32

GetTextExtentPoint32W
SetTextColor
DeleteDC
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA
SetBkMode
SelectObject
CreateCompatibleDC
DeleteObject
GetStockObject
TextOutW
GetObjectA
IntersectClipRect
GetTextMetricsA

advapi32

RegOpenKeyA
RegDeleteValueA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

shell32

ShellExecuteA

kernel32

GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
LocalFree
GetLocalTime
ExitProcess
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeA
RemoveDirectoryA
GetSystemTimeAsFileTime
HeapReAlloc
DeleteFileA
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
Sleep
IsDBCSLeadByteEx
GetLastError
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
CreateFileA
GetFileSize
WriteFile
CreateFileW
SetFilePointer
ReadFile
FreeLibrary
GetTickCount
LeaveCriticalSection
MulDiv
FileTimeToSystemTime
GetSystemDirectoryA
GetProcAddress
EnterCriticalSection
LoadLibraryA
GetFileTime
VirtualQuery
SetErrorMode
SetUnhandledExceptionFilter
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThread
InitializeCriticalSection
IsBadWritePtr
SetThreadPriority
FindFirstFileA
FindClose
GetModuleFileNameA
FindNextFileA
GetThreadPriority
VirtualProtect
QueryPerformanceFrequency
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
CreateMutexW
GlobalLock
GetCommandLineA
GlobalAlloc
GlobalUnlock
GlobalFree
GetModuleHandleA
InterlockedDecrement
InterlockedIncrement
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
GetStartupInfoA
GetProcessHeap
GetStringTypeW
HeapAlloc
CreateThread
ResumeThread
ExitThread
HeapFree
RtlUnwind
RaiseException
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
InterlockedExchange
InterlockedCompareExchange
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTimeZoneInformation

user32

BeginPaint
WindowFromPoint
EnumDisplaySettingsA
CreateCursor
SetForegroundWindow
SetCapture
IsIconic
RegisterWindowMessageW
GetWindowRect
ScreenToClient
CloseClipboard
EndPaint
SetCaretPos
CreateCaret
DestroyCaret
ShowCaret
HideCaret
GetActiveWindow
PostMessageA
OpenClipboard
SystemParametersInfoA
SetWindowLongA
GetWindowLongA
GetClipboardData
ReleaseCapture
RegisterClassW
IsWindowVisible
PeekMessageA
EnumWindows
ChangeDisplaySettingsA
DefWindowProcW
DestroyWindow
SetCursor
GetMessageA
SetTimer
LoadIconA
SetFocus
SendMessageA
TranslateMessage
GetWindowTextA
MessageBoxA
CreateWindowExA
DefWindowProcA
ShowWindow
GetSysColorBrush
CreateWindowExW
DispatchMessageA
SetWindowTextA
AdjustWindowRect
LoadCursorA
RegisterClassA
ClientToScreen
FillRect
GetWindowInfo
GetClientRect
DrawTextExW
GetDC
ReleaseDC
AdjustWindowRectEx
GetSystemMetrics
MoveWindow
MessageBoxW
DialogBoxIndirectParamA
GetWindowPlacement
EmptyClipboard
GetDlgItem
EndDialog
DestroyCursor
SetClipboardData
GetCursorPos
OffsetRect

ole32

CoInitialize
CoCreateGuid

oleaut32

VariantClear

wininet

InternetCloseHandle
HttpAddRequestHeadersA
HttpSendRequestA
InternetReadFile
InternetOpenA
InternetSetOptionA
HttpQueryInfoA
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpOpenRequestA
InternetConnectA

Sections

.text
Size: 2.1MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 321KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

158bdb5bbeda51dd1c9ed3c12a8ad6f9

Headers

File Characteristics

Imports

winmm

wsock32

gdi32

advapi32

shell32

kernel32

user32

ole32

oleaut32

wininet

Sections

.text Size: 2.1MB - Virtual size: 2.0MB

.rdata Size: 321KB - Virtual size: 321KB

.data Size: 36KB - Virtual size: 335KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 2.1MB - Virtual size: 2.0MB

.rdata
Size: 321KB - Virtual size: 321KB

.data
Size: 36KB - Virtual size: 335KB

.rsrc
Size: 2KB - Virtual size: 2KB