b5579875affd803758ab2f8677cbb047_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b5579875affd803758ab2f8677cbb047_JaffaCakes118
Size

120KB
MD5

b5579875affd803758ab2f8677cbb047
SHA1

b48e3da8bfa57c8bb20c5d0928a275933197ee05
SHA256

b44018c200f5f80bdec06b904cef8edd3b751440fdcf5ee920dcdd514a727705
SHA512

5367e19b698c7686910abe8405fea17513f3fb5eea370a8cbb23e9e37fcc529393ba5393b12b49e8cf6ab0281c23b4cb98fa0e27204bd62015e5891c1c05e79e
SSDEEP

3072:8kbw7eUeH99KkKf9jkamJcuF8BGZCd8nl:8kbwJ090k0IawIGZCd4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5579875affd803758ab2f8677cbb047_JaffaCakes118

Files

b5579875affd803758ab2f8677cbb047_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67cacce98064a4dc5a9553da0aca60a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
UpdateWindow
TranslateMessage
ShowWindow
SetRect
SetClipboardData
ScreenToClient
ReleaseDC
RegisterClassA
PostThreadMessageA
PeekMessageA
OpenClipboard
MsgWaitForMultipleObjects
LoadCursorA
GetSystemMetrics
GetQueueStatus
GetForegroundWindow
GetDC
EmptyClipboard
DispatchMessageA
DestroyWindow
DefWindowProcA
DefDlgProcW
CreateWindowExA
CloseClipboard
ClientToScreen
CharToOemA
AdjustWindowRect

advapi32

SetSecurityDescriptorDacl
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
OpenProcessToken
InitializeSecurityDescriptor
InitializeAcl
GetSecurityDescriptorDacl
GetLengthSid
GetAce
EqualSid
ElfRegisterEventSourceA
CryptExportKey
CryptEnumProvidersW
AllocateAndInitializeSid
AddAce
AddAccessAllowedAce
StartServiceCtrlDispatcherA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

winmm

waveInReset
waveInOpen
waveInGetNumDevs
waveInStart
sndPlaySoundA
joyGetPosEx
WOW32ResolveMultiMediaHandle
waveOutPrepareHeader
waveOutUnprepareHeader
waveInGetDevCapsW
timeKillEvent

shell32

ShellExecuteA
SHFileOperationW
SHGetSpecialFolderPathW

ws2_32

socket
send
select
inet_addr
getservbyname
connect
WSAGetLastError
WSAAsyncGetHostByName
WSAAccept

kernel32

WritePrivateProfileSectionW
TlsGetValue
WideCharToMultiByte
WaitForSingleObject
UpdateResourceA
GetFileInformationByHandle
GetModuleHandleA
TlsFree
AddConsoleAliasW
BackupRead
BackupSeek
CloseHandle
CompareStringA
CreateDirectoryExA
CreateFileA
CreateSemaphoreA
DeleteCriticalSection
EnumLanguageGroupLocalesA
ExitProcess
GetCommandLineA
GetCompressedFileSizeW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcessId
WritePrivateProfileStructW
SetEnvironmentVariableA
RemoveDirectoryW
MulDiv
LeaveCriticalSection
IsBadHugeWritePtr
HeapFree
HeapCreate
HeapAlloc
GetSystemInfo
GlobalMemoryStatus
GlobalAlloc
GetWindowsDirectoryA
GetVersionExA
GetTempPathW
GetExitCodeProcess

dinput

DirectInputCreateW

ole32

IsEqualGUID
PropVariantClear
CoUninitialize

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67cacce98064a4dc5a9553da0aca60a2

Headers

File Characteristics

Imports

user32

advapi32

version

winmm

shell32

ws2_32

kernel32

dinput

ole32

Sections

.text Size: 84KB - Virtual size: 83KB

.data Size: 24KB - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 84KB - Virtual size: 83KB

.data
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 3KB