a3ec71d2b4450957fdb311856890e88e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a3ec71d2b4450957fdb311856890e88e_JaffaCakes118
Size

27KB
MD5

a3ec71d2b4450957fdb311856890e88e
SHA1

de169e7c3ce469c0e0ecdb3577cc160eba6ac102
SHA256

c87ae7087246b2b5f4680bee797bc9c90861f158304cea147531af04003ea94c
SHA512

fe381d7ead6c03a5a1ef0c1bb579390c69e39f8669915ac2230f61f9e2e4d0b452840239bc0c29977dc4ae9f032b3b8be9d4718041b13b90ed758b01a6b58cf5
SSDEEP

768:3TZo74Ojfr4VfhneTrwbIDQsBWQ4kbXX5:jmDfr4VpeTYQZbXp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3ec71d2b4450957fdb311856890e88e_JaffaCakes118

Files

a3ec71d2b4450957fdb311856890e88e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88956a0f27bff221be8aa24f45e1bc34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_rmdir
gmtime
_acmdln
_CIsqrt
_tell
strlen
_hypot
_spawnl
__p__winminor
wcstol
wcsspn
__p__fmode
_getch
_commit
_wcsrev
_ismbcalpha
isgraph
_wspawnlpe
_tempnam
sscanf
memcmp
_statusfp
fopen
vfwprintf
_abnormal_termination
_mbschr
_fcvt
_ismbbkalnum
_fstat
_mbsnbcpy
_toupper
fgetwc
_setsystime
_spawnvp
_mbscpy
_wexecvp
_fullpath
_wremove
_heapused
_spawnlp
wcscspn
_CIsinh
_mbspbrk

user32

InsertMenuItemW
IsWindowVisible
SetScrollRange
GetShellWindow
GetLastActivePopup
TabbedTextOutW
GetKeyboardLayoutNameW
SendIMEMessageExW
CheckMenuItem
DeferWindowPos
GetScrollPos
CreateDialogIndirectParamW
EndDeferWindowPos
DdeAddData
SendNotifyMessageA
EnumPropsW
SetCursorPos
WaitForInputIdle
EnumWindowStationsW
SetDebugErrorLevel
SetMenuDefaultItem
LockWindowUpdate
MonitorFromPoint
SendMessageA
ChildWindowFromPointEx
DdeUnaccessData
MapDialogRect
PackDDElParam
LoadAcceleratorsW
DdeQueryConvInfo
PostQuitMessage
SystemParametersInfoA
ExcludeUpdateRgn
GetClassInfoExA
GetMenuState
DdeSetUserHandle
GetForegroundWindow
GetDlgCtrlID
DefFrameProcW
CharNextW
DestroyWindow

advapi32

IsValidSid
SetSecurityDescriptorGroup
RegDeleteValueW
GetSecurityInfoExW
ClearEventLogA
ConvertSecurityDescriptorToAccessNamedW
InitializeSid
RegQueryInfoKeyW
BuildTrusteeWithSidW
InitializeAcl
OpenBackupEventLogA
LookupPrivilegeNameW
CryptDecrypt
RegEnumValueW
ObjectDeleteAuditAlarmW
GetSidLengthRequired
RegSaveKeyA

kernel32

BuildCommDCBAndTimeoutsW
lstrcmpiA
GetEnvironmentVariableA
GetProcessWorkingSetSize
SetLastError
GlobalGetAtomNameW
lstrcmpW
lstrlenA
GetProcessHeap
GetModuleHandleA
ReadFile
GetMailslotInfo
GetStartupInfoW
SetErrorMode
DeleteCriticalSection
GetVolumeInformationW
GetModuleHandleW
HeapUnlock
GetLastError
CallNamedPipeA
GetEnvironmentStringsA
ExitProcess
ReleaseSemaphore
GetLocalTime
SetFilePointer
ConvertDefaultLocale
lstrcmpiW
GetTickCount
VirtualFree
GetPrivateProfileSectionNamesA
SetConsoleCP
FindFirstFileW
VirtualAlloc
VirtualFreeEx
VerLanguageNameW
QueryPerformanceFrequency
EnumResourceLanguagesW
_lcreat
lstrcatA
GetStdHandle
GetThreadContext
lstrcmpA
GetCommandLineW
CreateMailslotA
lstrcpynA

gdi32

GetObjectA
GetViewportExtEx
SetLayout
GetObjectType
GetTextExtentPointA
SetTextAlign
GetCharWidth32W
GetROP2
GetArcDirection
GetTextMetricsA
EnumEnhMetaFile
CreateHalftonePalette
GetCharABCWidthsW
GetTextCharset
GdiGetBatchLimit
SelectClipRgn
GetDCOrgEx
GetCurrentPositionEx
GetPixel
DescribePixelFormat
SetLayout
CancelDC
GetMiterLimit
gdiPlaySpoolStream
CreateEnhMetaFileW
SetMagicColors
Rectangle
GetCharacterPlacementA
GetGlyphOutlineW
GetTransform
SetROP2

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sqhtl
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jzcmh
Size: 4KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88956a0f27bff221be8aa24f45e1bc34

Headers

File Characteristics

Imports

msvcrt

user32

advapi32

kernel32

gdi32

Sections

.text Size: 16KB - Virtual size: 16KB

.sqhtl Size: 5KB - Virtual size: 15KB

.jzcmh Size: 4KB - Virtual size: 27KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 16KB

.sqhtl
Size: 5KB - Virtual size: 15KB

.jzcmh
Size: 4KB - Virtual size: 27KB

.reloc
Size: 1024B - Virtual size: 1KB