b0b433b3f1da1336c80dfc9d74954f2f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b0b433b3f1da1336c80dfc9d74954f2f_JaffaCakes118
Size

252KB
MD5

b0b433b3f1da1336c80dfc9d74954f2f
SHA1

852cc852f833255398843a299bca5bc16a209f3b
SHA256

c38d8005c7fc025c2a20e3e0eff4449c4dda257174a3401a3d13c1fb3bca78e8
SHA512

45777a13fe23e2b1f0bd35f1a5e79ad72ca3e028d9823267645e32d3b805365ce149e0e2ab9db487e637ca142b7d19234982e1c2ea9684ed11faff413761ffdf
SSDEEP

3072:Wxhz/JeacABqlGhuIkV49koDvjvGPhNjlPIoz2z6wSb43rknmLr1i1JGZjYR9YRL:NacAbZoIvzRXGQOJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0b433b3f1da1336c80dfc9d74954f2f_JaffaCakes118

Files

b0b433b3f1da1336c80dfc9d74954f2f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96f128b3d29cca476d1ad9ff1262cfd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindNextFileA
FindFirstFileA
WaitForSingleObject
CreateEventA
GetPrivateProfileStringA
GetLastError
SetEvent
WinExec
FreeResource
WriteFile
SizeofResource
LockResource
GetVersionExA
CopyFileA
CreateDirectoryA
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
LoadResource
FindResourceA
lstrcpyA
InterlockedIncrement
lstrcmpiA
DebugBreak
OutputDebugStringA
CompareStringA
FlushInstructionCache
WritePrivateProfileStringA
Process32Next
Module32Next
Module32First
Process32First
CreateToolhelp32Snapshot
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
LoadLibraryW
LocalFree
LocalAlloc
CreateFileW
MultiByteToWideChar
GetFileAttributesA
GetDriveTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
SetStdHandle
LCMapStringW
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
HeapCreate
GetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapSize
TlsGetValue
TlsAlloc
TlsSetValue
GetOEMCP
GetACP
GetCPInfo
GetVersion
RaiseException
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
ExitProcess
RtlUnwind
GetFileAttributesExA
CreateThread
GetCurrentThreadId
GetTickCount
InterlockedDecrement
SetLastError
DeleteFileA
lstrlenA
TerminateProcess
HeapFree
GetTempPathA
GetTempFileNameA
MoveFileExA
SetFilePointer
GetWindowsDirectoryA
HeapAlloc
FreeLibrary
GetCurrentProcess
GetModuleFileNameA
LoadLibraryA
GetProcAddress
CreateFileA
ReadFile
CloseHandle

user32

DrawFocusRect
GetFocus
GetDlgCtrlID
GetCursorPos
ScreenToClient
SetCursor
SetWindowPos
EndDialog
GetParent
GetSysColor
IsWindowEnabled
CallWindowProcA
FillRect
MapWindowPoints
GetClientRect
SystemParametersInfoA
GetWindowRect
GetWindow
EndPaint
BeginPaint
CreateDialogParamA
PtInRect
SetFocus
SetCapture
ReleaseCapture
InvalidateRect
UpdateWindow
DestroyCursor
SetRectEmpty
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
ShowWindow
CreateWindowExA
LoadStringA
ReleaseDC
GetDC
DrawTextA
OffsetRect
CharNextA
wvsprintfA
GetClassNameA
SetWindowLongA
CreateCursor
IsWindow
MessageBoxA
EnableWindow
DestroyWindow
PostQuitMessage
GetActiveWindow
DialogBoxParamA
GetSystemMetrics
LoadImageA
SendMessageA
GetDlgItem
IsDialogMessageA
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
GetCapture

gdi32

GetStockObject
SelectObject
DeleteDC
DeleteObject
SetTextColor
CreateFontIndirectA
GetObjectA
SetBkMode

advapi32

RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegEnumKeyExA

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize

avleach

AVLeachGetError
AVLeachCreate
AVLeachFree

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

SHGetValueA
PathFileExistsA
SHDeleteKeyA

wsock32

WSAStartup
ioctlsocket
gethostbyaddr
WSACleanup

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96f128b3d29cca476d1ad9ff1262cfd1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

avleach

comctl32

shlwapi

wsock32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 160KB - Virtual size: 159KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 160KB - Virtual size: 159KB