8e11221fe2f13faa81f2ada417c05114_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e11221fe2f13faa81f2ada417c05114_JaffaCakes118
Size

208KB
MD5

8e11221fe2f13faa81f2ada417c05114
SHA1

b5b47a1b89c7194d8a2a552e19b84fb3622f52b3
SHA256

676159510924720eaa4fae876fca0c7f236e896b27a7b922e102c4016d774413
SHA512

4ffdac9975604fa69d87952c58c64e82eef89d826d56e3d141ba79a7fca261dbb6a117bb05b48ef713e8fd5266b251acb04db832b5557fe05724efbdcba3b2db
SSDEEP

3072:F19ZB4qLddHXzTx1hUAgij1xe4M24SqqoscrWCdoLs5LLTo0:FTx4AgE1s44douT9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e11221fe2f13faa81f2ada417c05114_JaffaCakes118

Files

8e11221fe2f13faa81f2ada417c05114_JaffaCakes118
.exe windows:1 windows x86 arch:x86

1231cc347879b454a40cd3a41ac67c56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowExA
UpdateWindow
GetDoubleClickTime
SetClassLongA
IsDlgButtonChecked
InsertMenuA
LoadStringA
CreatePopupMenu
ClientToScreen
GetClassLongA
DrawEdge
RegisterClassA
ShowWindow
LoadMenuA
OffsetRect
MessageBoxA
IntersectRect
SetPropA
DestroyWindow
MsgWaitForMultipleObjects
MoveWindow
BeginPaint
GetPropA
CreateWindowExA
ExitWindowsEx
SetWindowTextA
LoadImageA
PtInRect
FindWindowA
LoadAcceleratorsA
GetUpdateRgn
GetDlgItem
AppendMenuA
DeleteMenu
GetParent
GetWindowTextA
SystemParametersInfoA
InvalidateRgn
IsIconic
PeekMessageA
EmptyClipboard
DialogBoxParamA
CreateDialogParamA
EnumChildWindows
IsZoomed
GetClassNameA
DrawMenuBar
SetFocus
ChildWindowFromPoint
InvalidateRect
GetWindowRect
SetUserObjectSecurity
DrawFrameControl
LoadIconA
SetTimer
IsDialogMessageA
SetCursor
EnableWindow
GetWindowLongA
OpenClipboard
SetClipboardData
CallWindowProcA
GetDlgCtrlID
DrawTextA
GetScrollInfo
GetWindowDC
CloseClipboard
GetWindowThreadProcessId
SendMessageTimeoutA
CreateIconIndirect
GetMenuItemID
GetSysColor
GetUserObjectSecurity
GetMessageA

kernel32

SetUnhandledExceptionFilter
lstrcpynA
GetEnvironmentVariableA
QueryPerformanceCounter
FindResourceA
DeleteFileA
CreateEventA
FindFirstFileA
GetACP
InterlockedDecrement
GetVersionExA
Module32Next
GetDriveTypeA
FormatMessageA
LoadResource
LCMapStringA
FileTimeToLocalFileTime
TlsSetValue
GetCurrentProcess
GetSystemTimeAsFileTime
GetVersion
GetStartupInfoA
GetThreadContext
GetCurrentThreadId
VirtualQueryEx
DuplicateHandle
GetComputerNameW
SetEndOfFile
SetThreadAffinityMask
TerminateThread
GetTickCount
SizeofResource
HeapReAlloc
CreateProcessA
GlobalMemoryStatus
MapViewOfFile
GlobalUnlock
InterlockedIncrement
ReadFile
GetOEMCP
SetPriorityClass
GetConsoleCP
FindClose
GetStdHandle
PulseEvent
LockResource
GetProcessHeap
GetTimeFormatA
GetModuleHandleA
lstrlenA
TerminateProcess
SetLastError
LoadLibraryW
VirtualAlloc
WaitForSingleObject
IsDebuggerPresent
WaitForMultipleObjects
IsValidCodePage
GetLocaleInfoA
GetCPInfo
CreateToolhelp32Snapshot

gdi32

GetObjectA
CreateCompatibleBitmap
ExtTextOutA
DeleteDC
GetBkColor
CreateSolidBrush
SaveDC
StartPage
SelectObject
CreateRectRgn
EndDoc
MoveToEx
DeleteObject
CreateDIBSection
CreateRectRgnIndirect
SetROP2
RestoreDC
CreateCompatibleDC
SetTextAlign
GetTextExtentPoint32A
GetDeviceCaps
CreateFontIndirectA
EndPage
SetTextColor
StartDocA
SetBkMode
GetStockObject
SelectClipRgn
SetBkColor
GetTextMetricsA
BitBlt
Rectangle
Polyline
SetMapMode
GetBkMode
RectInRegion

msvcrt

_wctime64
_onexit
_flsbuf
_spawnvp
time
fgets
strcspn
_dup
wcsspn
_setsystime
_mbsnbicmp
_wpopen
exit
_findnext
_execlp
_putws
_toupper
isprint
_ismbclower
_fpreset
wcsstr
_endthreadex
_cgets
__getmainargs
wcsncpy
mbtowc
freopen
_isatty
_tempnam
_fpieee_flt
iswdigit
_stat64
_wpgmptr
_mbccpy
_wfdopen
_copysign
_wcsicoll
_rotr
_lsearch
gmtime
_filelength
_getwch
_wrename
_strerror
vprintf
_itoa
_initterm
memcpy
tan
getenv
_mbslen
_lfind
__setusermatherr
_mbsset
isxdigit
_wcserror
_wcsnicmp
_XcptFilter
_wcsnset
_fgetchar
__p__commode
_fstat64
__p__fmode
_findclose
_mbbtombc
_except_handler3
_resetstkoflw
__set_app_type
_exit
_putenv
_ctype
fgetwc
_wsearchenv
_controlfp
_cscanf
_adjust_fdiv
_ismbbkprint
_sleep
_time64
tolower
_acmdln
modf
_execve
_snprintf
_cprintf
_endthread
iswalpha
_mbsinc
_mbsnbicoll
free
_ismbslead

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1231cc347879b454a40cd3a41ac67c56

Headers

File Characteristics

Imports

user32

kernel32

gdi32

msvcrt

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 183KB - Virtual size: 182KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4B

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 183KB - Virtual size: 182KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4B