bea2fb5ad220c42a2474ba3b7ec43a60_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bea2fb5ad220c42a2474ba3b7ec43a60_JaffaCakes118
Size

172KB
MD5

bea2fb5ad220c42a2474ba3b7ec43a60
SHA1

e5d4c124b6199c9676a7625e52fe2ac59c1f877c
SHA256

a8e44160b34f29c2ee1602413912ebf5e1e77c02499754c7ebac73bd0997e3c0
SHA512

9e2f5fb8a7deba87b5cd5c549b273f1cfdd4abcde02deff3cb39e526239e8187980154031d5d5c98e69ef12f65e465dca8ae9a6afb20f748c4040c8be7cf8952
SSDEEP

3072:JaUjGu+5sA6zUG06S2phE5/VVG32JklKxS6OFB2Ad:1jp+L6QG06P8/VVGmJkoxLA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bea2fb5ad220c42a2474ba3b7ec43a60_JaffaCakes118

Files

bea2fb5ad220c42a2474ba3b7ec43a60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e2bd4be768f665786d21f724ada3364

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strncpy
strlen
memcpy
longjmp
_setjmp3
fseek
ftell
fread
strcmp
sprintf
strncmp
strcat
strcpy
fmod
fabs
ceil
malloc
floor
free
fclose
exit
__p__iob
fprintf
getenv
sscanf

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
GetDiskFreeSpaceExA
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
Sleep
GetTickCount
GetVersionExA
MultiByteToWideChar
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
SetLastError
MulDiv
GetDriveTypeA
FindFirstFileA
FindClose
GetFileAttributesA
SetFileAttributesA
GetLastError
FindNextFileA
WriteFile
CloseHandle
CreateFileA
SetFilePointer
TlsAlloc
TlsSetValue
GlobalAlloc
GlobalFree

comctl32

InitCommonControls
InitCommonControlsEx

user32

SendMessageA
GetCursorPos
GetWindowRect
PtInRect
CharUpperA
MessageBoxA
GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
DestroyWindow
CreateWindowExA
ShowWindow
SetWindowPos
GetWindowLongA
CallWindowProcA
SetWindowLongA
GetParent
GetWindow
GetClientRect
FillRect
DefWindowProcA
RedrawWindow
LoadCursorA
RegisterClassExA
SetClassLongA
InvalidateRect
ScreenToClient
GetIconInfo
UpdateWindow
ReleaseCapture
BeginPaint
DrawStateA
EndPaint
SetCapture
GetSystemMetrics
GetSysColor
GetSysColorBrush
GetWindowTextLengthA
GetWindowTextA
SetPropA
GetPropA
RemovePropA
SetWindowTextA
GetDC
InflateRect
ReleaseDC
GetWindowDC
GetFocus
GetClassNameA
SetFocus
PeekMessageA
TranslateMessage
DispatchMessageA
EnumPropsExA
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadIconA
RegisterClassA
AdjustWindowRectEx
GetActiveWindow
CreateAcceleratorTableA
IsZoomed
IsIconic
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
EnumChildWindows
PostMessageA
DefFrameProcA
SetCursorPos
LoadImageA
SetCursor
MapWindowPoints
MoveWindow
SystemParametersInfoA
GetKeyState
IsChild
DrawIconEx
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource

gdi32

GetStockObject
GetObjectType
GetObjectA
DeleteObject
SetBkColor
SetTextColor
ExcludeClipRect
CreateSolidBrush
GetDeviceCaps
CreateDCA
CreateFontA
DeleteDC
SetTextAlign
SelectObject
CreatePen
SetPixelV
Rectangle
RoundRect
Ellipse
SetROP2
SetBkMode
SelectPalette
RealizePalette
GetDIBits
CreateCompatibleDC
SetStretchBltMode
StretchDIBits
BitBlt
StretchBlt
MoveToEx
TextOutA
CreateFontIndirectA
GetPixel
ExtFloodFill
LineTo
GetTextExtentPoint32A
GetTextMetricsA
CreateCompatibleBitmap
SetDIBits
CreateDIBSection
CreateBitmap
SetPixel

advapi32

RegCreateKeyExA
RegConnectRegistryA
RegCloseKey
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
RevokeDragDrop

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
RealDriveType

winmm

timeBeginPeriod
timeEndPeriod

imagehlp

MakeSureDirectoryPathExists

Sections

.code
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e2bd4be768f665786d21f724ada3364

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

advapi32

ole32

shell32

winmm

imagehlp

Sections

.code Size: 17KB - Virtual size: 16KB

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 73KB - Virtual size: 74KB

.rsrc Size: 4KB - Virtual size: 3KB

.code
Size: 17KB - Virtual size: 16KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 73KB - Virtual size: 74KB

.rsrc
Size: 4KB - Virtual size: 3KB