8a1ec32afd803194db749a14f49e658c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a1ec32afd803194db749a14f49e658c_JaffaCakes118
Size

156KB
MD5

8a1ec32afd803194db749a14f49e658c
SHA1

847e6ee4fb50ac6c6dfd95b43e9b8f4d3344609a
SHA256

bf8d696ec7e1d4474a5e0c479ec54dc78e12f317bf658b07caabb8b5793f05f6
SHA512

7580ddb1f8d894fd38bdb59527fa26fc6699f59d20dbd63efb487e6c599792a55f78389cfe36905019bf70692fa0a7c51dd87c9a93664ed73fab344cfb5ddacc
SSDEEP

3072:I137Rriyqip4+S5j9w7QXdJNlhKFeAuwLeu+rSfva4SX6JE/olx/:IjFq04+69w7QXdJYDKu6WpSX6y0x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a1ec32afd803194db749a14f49e658c_JaffaCakes118

Files

8a1ec32afd803194db749a14f49e658c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5f5bb5b024d2d9f41cc12fdff723890

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Program Files\Beqire.pdb

Imports

user32

AppendMenuA
FrameRect
ClientToScreen
RegisterClassExA
GetWindowTextLengthA
SetForegroundWindow
CheckRadioButton
SendDlgItemMessageA
IsClipboardFormatAvailable
SendMessageA
DestroyWindow
SetClipboardData
GetClientRect
GetWindowThreadProcessId
FillRect
TrackPopupMenu
DrawFrameControl
PostMessageA
IsDialogMessageA
GetActiveWindow
SystemParametersInfoA
GetWindowRect
DialogBoxIndirectParamA
CreatePopupMenu
GetSysColorBrush
DispatchMessageA
GetForegroundWindow
CreateDialogIndirectParamA

gdi32

RestoreDC
SaveDC
ExtTextOutA
CreateFontIndirectA
StartDocA
StartPage
PatBlt
GetTextExtentPoint32A
SetPixel
StretchBlt
SelectObject
Rectangle

winspool.drv

SetFormA
ScheduleJob
ResetPrinterA
OpenPrinterA
GetPrintProcessorDirectoryA
GetJobA
EnumPrinterDriversA
EnumPrinterDataA
EnumPrinterDataExA
DeletePrinter
DeletePrintProvidorA
DeletePrintProcessorA
DeletePortA

mprapi

MprAdminInterfaceConnect
MprInfoCreate
MprInfoBlockSet
MprInfoBlockRemove
MprInfoBlockQuerySize
MprInfoBlockFind
MprAdminPortGetInfo
MprAdminPortEnum
MprAdminPortDisconnect
MprAdminPortClearStats
MprAdminMIBEntryGet
MprAdminMIBEntryDelete
MprAdminMIBEntryCreate
MprAdminInterfaceTransportGetInfo
MprAdminInterfaceTransportAdd
MprAdminInterfaceDeviceGetInfo
MprAdminInterfaceGetCredentialsEx
MprAdminInterfaceSetCredentials

odbc32

ord154
ord58
ord59
ord72
ord24
ord26
ord28
ord135
ord136
ord37
ord138
ord139
ord173
ord74

kernel32

SetConsoleCtrlHandler
VirtualQuery
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
LoadLibraryA
QueryPerformanceCounter
IsBadReadPtr
HeapSize
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
IsBadCodePtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
ExitProcess
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RaiseException
RtlUnwind
VerLanguageNameA
SetTapePosition
RemoveDirectoryA
GetCurrentThreadId
SetFileAttributesA
CreateProcessA
GetProcAddress

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 721KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5f5bb5b024d2d9f41cc12fdff723890

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

winspool.drv

mprapi

odbc32

kernel32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 64KB - Virtual size: 721KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 64KB - Virtual size: 721KB

.reloc
Size: 8KB - Virtual size: 5KB