Static task
static1
Behavioral task
behavioral1
Sample
896a2c7d6eeebca9a4565546c5e1bbeb_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
896a2c7d6eeebca9a4565546c5e1bbeb_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
-
Target
896a2c7d6eeebca9a4565546c5e1bbeb_JaffaCakes118
-
Size
150KB
-
MD5
896a2c7d6eeebca9a4565546c5e1bbeb
-
SHA1
8f30f167118a79f00dd5d1fb3918ea365b4940e6
-
SHA256
727a69eaa4591b277b1d6371cd25eecbd6f7dfee78c645653939fce8e4af22a5
-
SHA512
887677742ba9a7e2d26740404a3a7e7c345ecbae4d93f2c7dfd2e35e345696d8e16405b8b954ad96f083d2795484d6affc7a63a71957d9db1be0bd87cf391a60
-
SSDEEP
1536:0SomduqK6mhRQVH699iwTCrW7Sh45ekJdh1LB5pegkLiA32bsAF3dW1w2PwCo+OX:voBf6maaHibfhKekPpecNFtgLo7+rPBu
Malware Config
Signatures
-
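Unsigned PE (1 IoC)
Checks for a missing Authenticode signature: the resource listed below has none, so its publisher and integrity cannot be confirmed from a signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.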
resource 896a2c7d6eeebca9a4565546c5e1bbeb_JaffaCakes118
Files
-
896a2c7d6eeebca9a4565546c5e1bbeb_JaffaCakes118.exe windows:4 windows x86 arch:x86
fdc5571a85d5aff9298c90e989fffd3f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateEventA
CreateEventW
SetEvent
ResetEvent
UnmapViewOfFile
MapViewOfFile
GetPrivateProfileStringA
GetUserDefaultLangID
HeapAlloc
HeapCreate
HeapDestroy
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
lstrcpynA
CreateThread
GetCurrentThreadId
ResumeThread
ExitThread
TerminateThread
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FindFirstFileW
FindNextFileW
FindClose
OpenProcess
FindFirstFileA
FindNextFileA
LoadLibraryA
LoadLibraryW
LoadLibraryExA
GetProcAddress
ExitProcess
GetStringTypeA
DeleteFileA
WaitForSingleObject
FindResourceA
FindResourceW
LoadResource
SizeofResource
LockResource
FreeResource
DeleteFileW
GlobalLock
lstrlenA
SetEnvironmentVariableA
GetDriveTypeA
CreateFileMappingA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateFileW
ReadFile
WriteFile
CloseHandle
FlushFileBuffers
InterlockedDecrement
FileTimeToLocalFileTime
GetTempFileNameA
GetCurrentDirectoryA
GetSystemTime
IsBadWritePtr
GetFileSize
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetSystemDirectoryA
GetUserDefaultLCID
SetEndOfFile
InterlockedCompareExchange
FormatMessageA
GetOEMCP
GetVersion
GetCommandLineW
GetCPInfo
EnumCalendarInfoA
IsDBCSLeadByte
SystemTimeToFileTime
GetModuleFileNameW
GetDiskFreeSpaceA
WideCharToMultiByte
GetCurrentThread
VirtualFree
LocalFileTimeToFileTime
CreateFileA
GetStringTypeW
SetFileTime
WritePrivateProfileStringA
VirtualQuery
GlobalFree
CreateMutexA
ReleaseMutex
Sleep
lstrcmpiA
GlobalHandle
GlobalUnlock
TerminateProcess
MultiByteToWideChar
LocalFree
GetCurrentProcessId
OutputDebugStringA
GlobalReAlloc
CompareStringW
OpenMutexA
GetThreadLocale
MoveFileA
SetHandleCount
GlobalAlloc
SetStdHandle
GetLocaleInfoW
GetLocaleInfoA
GetEnvironmentStringsW
FileTimeToSystemTime
GetFileTime
GetACP
QueryPerformanceCounter
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetTempPathW
WaitForMultipleObjects
GetFileAttributesA
CompareStringA
InterlockedExchange
RemoveDirectoryA
VirtualAlloc
msvcrt
_wcsicmp
_mkdir
_pctype
sprintf
_read
_unlock
iswctype
log
wcsncpy
cos
calloc
strrchr
atof
_mktemp
_fileno
__initenv
_amsg_exit
printf
signal
strncpy
_getcwd
_lseeki64
strstr
strpbrk
floor
rewind
strlen
_snwprintf
__p__fmode
wcscat
getenv
_dup
bsearch
__pioinfo
memchr
_utime
isdigit
fputs
qsort
fputc
sscanf
abort
exit
ceil
strspn
atoi
_cexit
wcscspn
_fstat
atexit
_adjust_fdiv
localtime
towlower
fopen
atol
_pipe
sqrt
_snprintf
pow
towupper
wcschr
rename
_strcmpi
wcstol
wcstombs
iswdigit
_ftol
_fdopen
ungetc
longjmp
strncmp
vsprintf
memcmp
strcspn
_isatty
__dllonexit
strncat
fgetpos
wcscmp
wcstoul
_stricmp
malloc
strtok
_flsbuf
_osver
__p__commode
realloc
__getmainargs
localeconv
__p___initenv
sin
memmove
putchar
_ultoa
_chmod
_mbsrchr
__badioinfo
_wcslwr
fsetpos
fclose
strchr
_wtoi
_acmdln
strtoul
clearerr
fwrite
strerror
_CIpow
isxdigit
strcmp
strcat
srand
_except_handler3
__lc_codepage
_wtol
_exit
_initterm
_open_osfhandle
swscanf
wcsstr
_getch
_purecall
_setmode
_beginthreadex
clock
_setjmp3
wctomb
_fullpath
_umask
isleadbyte
wcslen
_controlfp
perror
fprintf
fread
_strnicmp
remove
_wfopen
_write
_CIsqrt
__setusermatherr
_vsnprintf
setlocale
_setjmp
memcpy
free
_wcsnicmp
_onexit
__CxxFrameHandler
_mbsicmp
_stat
fflush
fseek
_dup2
strtol
_mbscmp
memset
toupper
_assert
_c_exit
__mb_cur_max
_getpid
_strlwr
_vsnwprintf
_strdup
_putenv
_itow
_itoa
puts
isspace
strcpy
_unlink
__p__environ
wcsncmp
_lseek
gmtime
_filelengthi64
_filbuf
iswspace
_lock
time
_open
_wcsupr
swprintf
_get_osfhandle
_XcptFilter
_iob
ftell
_close
_errno
fgets
_kbhit
ctime
rand
__set_app_type
user32
SetFocus
SetClassLongA
IsWindowEnabled
UnhookWindowsHookEx
GetActiveWindow
DrawMenuBar
FrameRect
SetWindowTextA
LoadCursorA
DestroyCursor
CreatePopupMenu
SendDlgItemMessageA
OemToCharA
GetMessageA
SetForegroundWindow
EndPaint
EndDialog
SetWindowLongA
GetWindowTextA
InsertMenuA
SetActiveWindow
CloseClipboard
IsChild
DestroyIcon
GetForegroundWindow
WaitMessage
GetScrollInfo
GetSubMenu
ClientToScreen
DispatchMessageA
SendMessageA
InvalidateRect
SetScrollPos
ReleaseDC
IsWindowVisible
GetSystemMetrics
AdjustWindowRectEx
MessageBoxA
DrawIcon
SetRect
GetMenuItemID
WindowFromPoint
DialogBoxParamA
GetSystemMenu
GetDCEx
GetCapture
CharLowerA
IsIconic
UpdateWindow
WinHelpA
DrawIconEx
IsDialogMessageA
DeleteMenu
DestroyMenu
GetDesktopWindow
GetKeyState
GetClassNameA
InflateRect
GetTopWindow
RegisterClassA
PtInRect
GetDlgItem
LoadStringA
LoadIconA
SetClipboardData
IntersectRect
GetLastActivePopup
GetClassInfoA
GetCursorPos
InsertMenuItemA
CallWindowProcA
OpenClipboard
GetFocus
SetTimer
GetClientRect
GetSysColor
SetPropA
GetSysColorBrush
DefWindowProcA
GetPropA
FillRect
ShowWindow
RemoveMenu
CharNextA
DrawFrameControl
ShowOwnedPopups
RegisterClipboardFormatA
GetWindowThreadProcessId
GetScrollPos
CreateWindowExA
GetMenuState
SystemParametersInfoA
PostQuitMessage
EqualRect
CheckMenuItem
ScreenToClient
SetCursor
GetParent
GetWindow
DrawEdge
KillTimer
TrackPopupMenu
CallNextHookEx
SetScrollRange
GetDC
EnumWindows
GetWindowRect
GetMenu
wsprintfA
DestroyWindow
GetMenuStringA
TranslateMessage
IsRectEmpty
EnumThreadWindows
GetIconInfo
RemovePropA
RegisterWindowMessageA
PeekMessageA
ScrollWindow
GetMessagePos
SetWindowPos
UnregisterClassA
LoadBitmapA
MapWindowPoints
PostMessageA
SetWindowPlacement
GetKeyboardType
CreateMenu
GetMenuItemCount
EnableWindow
SetMenu
RedrawWindow
GetWindowDC
EnableMenuItem
GetWindowLongA
FindWindowA
BeginPaint
IsWindow
ReleaseCapture
SetCapture
Sections
.text Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.irdata Size: 3KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE