b381461c2e2c87feec1141428dfdbae5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b381461c2e2c87feec1141428dfdbae5_JaffaCakes118
Size

332KB
MD5

b381461c2e2c87feec1141428dfdbae5
SHA1

3142fad60b3237cd5ff5fa51c8e645394768e771
SHA256

0c4b95d1301ae9f5be0add1cce7c92cf7041f7c6a7531222e922668714c09ee7
SHA512

907b8efb4b6b31e90646fd1baea48a7b4d0b571c88555ccabe61794935b0e7cb33164d43ead5379ef2164cb1a540cd60f8cd644eefe5307e229c783b9db958d3
SSDEEP

6144:o3KEwUBFlfvryauVcy+jJfCG6S36YcRsQV6y8n:ttUdua2236dKQVm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b381461c2e2c87feec1141428dfdbae5_JaffaCakes118

Files

b381461c2e2c87feec1141428dfdbae5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ba9a1d2fce2565afeda28d361c694de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
HeapSize
SetStdHandle
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetCPInfo
GetLocaleInfoA
SetFilePointer
InitializeCriticalSection
InterlockedExchange
RtlUnwind
LoadLibraryA
RaiseException
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
SetLastError
TlsAlloc
LCMapStringW
GetLastError
MultiByteToWideChar
LCMapStringA
VirtualQuery
GetSystemInfo
VirtualProtect
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
WideCharToMultiByte
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetProcAddress
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ExitProcess
SetEnvironmentVariableA
FlushFileBuffers
MoveFileA
CreateThread
TerminateThread
GlobalLock
GlobalUnlock
GetFileTime
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
GetVolumeInformationA
GetVersionExA
GetFileSize
ReadFile
CreateFileA
WriteFile
CloseHandle
GlobalAlloc
SetCurrentDirectoryA
FindResourceA
LoadResource
SizeofResource
LockResource
FreeResource
lstrcpynA
Sleep
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
GetModuleFileNameA

user32

LoadAcceleratorsA
GetMessageA
LoadStringA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
LoadIconA
TranslateAcceleratorA
SetTimer
MessageBoxA
SetDlgItemTextA
SendDlgItemMessageA
GetWindowRect
SetWindowPos
InsertMenuItemA
CreateWindowExA
ShowWindow
CharLowerA
EndPaint
OffsetRect
GetClientRect
InflateRect
GetSystemMetrics
BeginPaint
GetUpdateRect
SetLayeredWindowAttributes
SetWindowLongA
GetWindowLongA
RedrawWindow
GetWindowDC
SetWindowTextA
CreatePopupMenu
GetMenuItemCount
DestroyMenu
LoadCursorA
RegisterClassExA
PostQuitMessage
DefWindowProcA
GetMenuItemID
CheckMenuItem
FindWindowA
IsWindow
DialogBoxParamA
SystemParametersInfoA
ReleaseCapture
SetCapture
GetScrollInfo
GetDlgCtrlID
GetDlgItemInt
SetForegroundWindow
TrackPopupMenu
PostMessageA
EndDialog
SetFocus
SetScrollInfo
GetCursorPos
GetMenuItemRect
FrameRect
LoadBitmapA
CopyRect
MessageBeep
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
KillTimer
SendMessageA
GetWindowPlacement
PtInRect
InvalidateRect
UpdateWindow
FillRect
DestroyWindow
DrawTextA
GetDlgItem
EnableWindow

gdi32

EndPage
StartPage
CreatePen
Polygon
CreateDIBitmap
SetTextAlign
TextOutA
GetTextMetricsA
GetTextExtentPoint32A
CreateSolidBrush
GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
CreateFontA
SelectObject
DeleteObject
Rectangle
SetTextColor
GetCurrentObject
SetStretchBltMode
EndDoc
GetDeviceCaps
StretchBlt
SetBkMode
StartDocA

comdlg32

PrintDlgA
GetOpenFileNameA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteValueA
RegSetValueExA

shell32

SHGetFolderPathA
ShellExecuteA
Shell_NotifyIconA

ole32

CreateStreamOnHGlobal

ws2_32

htons
gethostbyname
closesocket
recv
send
setsockopt
connect
htonl
socket
WSAStartup
WSACleanup

gdiplus

GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdiplusStartup
GdipCreateBitmapFromStreamICM
GdiplusShutdown

winmm

PlaySoundA

comctl32

InitCommonControlsEx

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ba9a1d2fce2565afeda28d361c694de

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

ws2_32

gdiplus

winmm

comctl32

Sections

.text Size: 99KB - Virtual size: 99KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 22KB - Virtual size: 598KB

.rsrc Size: 181KB - Virtual size: 180KB

.text
Size: 99KB - Virtual size: 99KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 22KB - Virtual size: 598KB

.rsrc
Size: 181KB - Virtual size: 180KB