be26ff06159309ade2ec1c8ad6a032d6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

be26ff06159309ade2ec1c8ad6a032d6_JaffaCakes118
Size

392KB
MD5

be26ff06159309ade2ec1c8ad6a032d6
SHA1

310742b9d93a3e1dbd8a46a2eaca4847c38666ef
SHA256

d8c5a5f6e42acbe8fff0aed2c145bd48d13d1fb71dcaea1d2a1d68ed8eb6d0a9
SHA512

461508d745fc1c71c92dd821da59d488fb254a0d97703956d9183c0cdb267d472ec7c42f1e14face1b5a917ce18b26b2781c1a80e1b805527fd4f1042cff0755
SSDEEP

6144:Y2BCmQnWvrvDEZwktZzg6cYYVSUnL5XrwO/2nsu5fZDlPIO:buWvrvDJkzzpcYYVdlsO/2nsuDxPIO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be26ff06159309ade2ec1c8ad6a032d6_JaffaCakes118

Files

be26ff06159309ade2ec1c8ad6a032d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f6c77a15d709f5ebf000741486cc3462

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalLock
LocalAlloc
GlobalAlloc
GlobalReAlloc
LocalUnlock
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
IsBadReadPtr
ReadFile
WriteFile
CloseHandle
SetFilePointer
GetFileSize
CreateFileA
CreateDirectoryA
RtlUnwind
HeapFree
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetTempPathA
GetCommandLineA
GetVersion
DeleteFileA
LoadResource
LockResource
InterlockedIncrement
WideCharToMultiByte
GetFileAttributesA
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetTempFileNameA
LocalFree
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetProcAddress
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
OutputDebugStringA
FreeResource
CopyFileA
WaitForSingleObject
CreateProcessA
GlobalFree
GlobalLock
GlobalUnlock
SetLastError
GetTickCount
TlsGetValue
WinExec
SizeofResource
FindResourceA
MulDiv
GetModuleFileNameA
GetLastError
HeapReAlloc
InterlockedDecrement
GetStartupInfoA
ReleaseMutex
CreateMutexA
QueryPerformanceFrequency
QueryPerformanceCounter
FreeLibrary
CreateThread
ExitThread
GetSystemTime
GetLocalTime

user32

LoadImageA
SetWindowTextA
ReleaseCapture
GetCapture
GetCursor
GetAsyncKeyState
SetCapture
RedrawWindow
SetWindowRgn
LoadCursorFromFileA
CallWindowProcA
GetWindowTextA
GetWindowTextLengthA
SetFocus
GetNextDlgTabItem
PostQuitMessage
DestroyWindow
ScreenToClient
GetForegroundWindow
GetWindowRect
UnregisterClassA
DispatchMessageA
CreateWindowExA
SetClassWord
SetWindowLongA
SetForegroundWindow
RegisterClassA
SetTimer
KillTimer
IntersectRect
SystemParametersInfoA
GetSystemMetrics
SendMessageA
GetMessageA
GetWindowLongA
GetCursorPos
GetWindow
TranslateMessage
SetRectEmpty
SetRect
PostMessageA
GetDesktopWindow
MessageBoxA
SetCursor
OffsetRect
InvalidateRect
GetDC
GetFocus
ShowWindow
PtInRect
EnumWindows
BeginPaint
EndPaint
IsWindowVisible
MoveWindow
GetUpdateRect
LoadIconA
GetClientRect
IsRectEmpty
UpdateWindow
UnionRect
EqualRect
LoadCursorA
SetWindowPos
FindWindowA
GetParent
DefWindowProcA
CopyRect
ReleaseDC

gdi32

GetDIBits
GetStockObject
SetBkColor
CreateDIBSection
GetMapMode
CreateBitmap
SetMapMode
GetPixel
SetBitmapBits
SetDIBColorTable
GetDIBColorTable
GetObjectA
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
RealizePalette
SelectPalette
CreateDIBitmap
GetDeviceCaps
CreatePalette
DeleteObject
SetTextColor
SetBkMode
TextOutA
GetTextExtentPoint32A
CreateFontIndirectA
CreateEllipticRgn
CreatePolygonRgn
SelectClipRgn
SetRectRgn
Rectangle
CreateSolidBrush
CreateRectRgnIndirect
CreateCompatibleBitmap

shell32

ShellExecuteA

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA

winmm

mixerGetLineControlsA
mixerSetControlDetails
mixerGetLineInfoA
mixerGetNumDevs
mixerOpen
mciSendCommandA
sndPlaySoundA
mixerClose

rpcrt4

RpcStringFreeA
UuidToStringA

ole32

CoCreateGuid

wsock32

gethostbyname
htons
socket
WSAStartup
WSACleanup
closesocket
WSAGetLastError
connect
select
send
recv

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f6c77a15d709f5ebf000741486cc3462

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

winmm

rpcrt4

ole32

wsock32

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 24KB - Virtual size: 27KB

.rsrc Size: 144KB - Virtual size: 142KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 24KB - Virtual size: 27KB

.rsrc
Size: 144KB - Virtual size: 142KB