a9d83caf457eff16e9842f1c53cf8d49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a9d83caf457eff16e9842f1c53cf8d49_JaffaCakes118
Size

1.6MB
MD5

a9d83caf457eff16e9842f1c53cf8d49
SHA1

8c815d76125d665688a16d39c6be02f438367d0e
SHA256

3eaa183ac09a38b7df6da53f585dced038f70a5a01b88e911d305cabf7f3bd47
SHA512

241e9c93f57f2949c517a8183a99bf7d5442bc36ba1873e214b3e9f72ec2b166841b1cd81cd0ad7cef0f99fc15aa6b597012ec2d8ce6cbe8e25c127445900e7a
SSDEEP

49152:Qu5JJczA/iDbyu+eNzlGxhx96S7k1coM/d0G:Qkcz9hg4M/+G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9d83caf457eff16e9842f1c53cf8d49_JaffaCakes118

Files

a9d83caf457eff16e9842f1c53cf8d49_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ded791f98f829675bd8e6fdb889e2bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
CreateFileA
GetProcAddress
LeaveCriticalSection
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
MulDiv
GetTickCount
GetFileTime
EnterCriticalSection
CloseHandle
GlobalUnlock
FindClose
GlobalAlloc
CreateMutexA
GetCurrentThreadId
FindFirstFileA
OutputDebugStringA
GetCommandLineA
MultiByteToWideChar
GetLastError
SetThreadPriority
Sleep
GetVersionExA
GlobalLock
GetCurrentThread
GetModuleFileNameA
GlobalFree
FindNextFileA
GetModuleHandleA
DeleteFileA
GetCurrentProcess
VirtualProtect
QueryPerformanceCounter
InitializeCriticalSection
QueryPerformanceFrequency
IsBadWritePtr
DeleteCriticalSection
GetThreadPriority
VirtualQuery
SetErrorMode
SetUnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
InterlockedExchange
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetLocalTime
GetSystemTimeAsFileTime
ExitThread
ResumeThread
CreateThread
ExitProcess
GetDriveTypeA
GetFullPathNameA
CreateDirectoryA
HeapReAlloc
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetStdHandle
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
GetCurrentDirectoryA
SetCurrentDirectoryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateFileW
SetEndOfFile
GetCurrentProcessId
CreateFileMappingA
GetFileSize
MapViewOfFile
RemoveDirectoryA

shell32

ShellExecuteA
SHGetFolderPathA

winmm

timeGetTime
timeBeginPeriod
mixerGetControlDetailsA
mixerOpen
mixerGetLineControlsA
mixerClose
mixerGetLineInfoA
mixerGetDevCapsA
mixerSetControlDetails
PlaySoundA
timeEndPeriod

wsock32

send
socket
WSACleanup
__WSAFDIsSet
closesocket
inet_ntoa
gethostbyname
WSAGetLastError
connect
ioctlsocket
WSAStartup
select
htons
recv

user32

EmptyClipboard
ReleaseCapture
SystemParametersInfoA
RegisterClassA
PeekMessageA
SetCursor
LoadCursorA
MessageBoxW
CreateWindowExA
MessageBoxA
GetActiveWindow
GetWindowRect
LoadIconA
ScreenToClient
OpenClipboard
EnumWindows
CreateCursor
SetWindowLongA
WindowFromPoint
SetTimer
DialogBoxIndirectParamA
BeginPaint
DestroyCursor
AdjustWindowRect
DestroyWindow
SetClipboardData
TranslateMessage
DispatchMessageA
ShowWindow
DefWindowProcA
GetCursorPos
RegisterWindowMessageA
ChangeDisplaySettingsA
EndDialog
GetWindowTextA
GetClipboardData
EnumDisplaySettingsA
EndPaint
GetDlgItem
GetWindowLongA
SendMessageA
SetWindowTextA
SetForegroundWindow
CloseClipboard
GetMessageA
CreateWindowExW
GetSysColorBrush
SetCaretPos
HideCaret
DestroyCaret
CreateCaret
ShowCaret
GetClientRect
AdjustWindowRectEx
DrawTextExA
OffsetRect
GetSystemMetrics
IsWindowVisible
IsIconic
PostMessageA
DefWindowProcW
SetFocus
GetWindowPlacement
GetDC
FillRect
ReleaseDC
ClientToScreen
GetWindowInfo
SetCapture
MoveWindow

gdi32

CreateCompatibleDC
DeleteObject
TextOutA
SelectObject
DeleteDC
GetTextExtentPoint32A
CreateDIBSection
CreateFontA
GetDeviceCaps
CreateFontIndirectA
GetTextMetricsA
IntersectClipRect
GetObjectA
GetStockObject
SetTextColor
SetBkMode

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyA
RegOpenKeyExA

ole32

CoInitialize

oleaut32

VariantClear

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 236KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.srdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0ded791f98f829675bd8e6fdb889e2bb

Headers

File Characteristics

Imports

kernel32

shell32

winmm

wsock32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 236KB - Virtual size: 234KB

.data Size: 28KB - Virtual size: 253KB

.rsrc Size: 36KB - Virtual size: 35KB

.srdata Size: 76KB - Virtual size: 76KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 236KB - Virtual size: 234KB

.data
Size: 28KB - Virtual size: 253KB

.rsrc
Size: 36KB - Virtual size: 35KB

.srdata
Size: 76KB - Virtual size: 76KB