bef89022b8592fd18d4e1cbdfce21a94_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bef89022b8592fd18d4e1cbdfce21a94_JaffaCakes118
Size

372KB
MD5

bef89022b8592fd18d4e1cbdfce21a94
SHA1

1e3614a8aec09524b8c3cdad54ea5a2142a40de6
SHA256

d5bd00f155e8327ec486d5d28a23d7ac7ed2324de62d6b56d2e264dcee5c9f1c
SHA512

2367d1f2dcd3ae7196e08c99a7a1362c832174483bdced0767ba456516287e588cfcfd7f8d4f3565f52928601b693ffb5aa9d88c5eb1514dc911f9efdf6c71ad
SSDEEP

6144:Z03B5AgjSDZ2jEeNXj3tme9u+FpS077TbU4VPXJdPdPmWSeSq+UWXgnil6lyhM2c:Z03IgjY2jEeNXj3tme37zVPXYLEtWBZ7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bef89022b8592fd18d4e1cbdfce21a94_JaffaCakes118

Files

bef89022b8592fd18d4e1cbdfce21a94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7e117b642969118d9d6d4cddaf0826c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA

comctl32

ord14
ord15
ord17
ord13

comdlg32

ChooseFontA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA

gdi32

SetBkMode
SetTextAlign
CreatePalette
DeleteDC
GetTextExtentPoint32A
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
TextOutA
SetBkColor
SetTextColor
Rectangle
CreateSolidBrush
GetStockObject
SelectObject
GetTextExtentExPointA
SetMapMode
GetDeviceCaps
SetPaletteEntries
CreateBitmap
RealizePalette
SelectPalette
UnrealizeObject
GetPixel
ExtTextOutA
CreatePen
LineTo
CreateCompatibleBitmap
TranslateCharsetInfo
GetTextMetricsA
CreateFontA
UpdateColors
ExcludeClipRect
IntersectClipRect
Polyline
MoveToEx
ExtTextOutW
SetPixel
GetCharWidthA
GetCharWidthW
GetCharWidth32W
GetCharWidth32A

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext
ImmSetCompositionFontA
ImmGetCompositionStringW

shell32

ShellExecuteA

user32

LoadIconA
SetScrollInfo
CreateCaret
LoadCursorA
DeleteMenu
InsertMenuA
SetCursor
PostQuitMessage
IsZoomed
GetKeyboardState
TrackPopupMenu
PostMessageA
EnableMenuItem
GetSystemMenu
DestroyCaret
GetMessageTime
ShowCursor
SetCaretPos
ToAsciiEx
SetKeyboardState
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
RegisterClipboardFormatA
GetClipboardData
FlashWindow
CheckMenuItem
DefDlgProcA
CreatePopupMenu
AppendMenuA
CreateMenu
GetMenuItemCount
GetKeyboardLayout
SetForegroundWindow
UpdateWindow
GetMessageA
SetTimer
KillTimer
IsWindow
DispatchMessageA
PeekMessageA
HideCaret
ShowCaret
WaitMessage
IsIconic
GetParent
GetWindowLongA
ReleaseCapture
GetDoubleClickTime
GetDesktopWindow
MoveWindow
CreateDialogParamA
EndDialog
EnableWindow
DialogBoxParamA
SetActiveWindow
GetWindowPlacement
SetWindowPlacement
MessageBoxA
SetFocus
GetDlgItem
CheckDlgButton
CheckRadioButton
WinHelpA
RegisterWindowMessageA
DrawEdge
GetDlgItemTextA
SetDlgItemTextA
SetCapture
IsDlgButtonChecked
SendDlgItemMessageA
SetWindowLongA
MessageBeep
GetDC
ReleaseDC
MapDialogRect
GetCaretBlinkTime
DestroyWindow
BeginPaint
GetClientRect
GetWindowTextLengthA
GetWindowTextA
EndPaint
SetWindowPos
InvalidateRect
DefWindowProcA
RegisterClassA
GetSysColor
SystemParametersInfoA
GetWindowRect
CreateWindowExA
ShowWindow
SetWindowTextA
SendMessageA
FindWindowA
GetForegroundWindow
GetCapture
GetClipboardOwner
GetQueueStatus
GetCursorPos
TranslateMessage
GetSystemMetrics
IsDialogMessageA

winmm

PlaySoundA

winspool.drv

OpenPrinterA
WritePrinter
EndPagePrinter
StartDocPrinterA
EndDocPrinter
ClosePrinter
StartPagePrinter
EnumPrintersA

kernel32

CompareStringA
SetEndOfFile
CompareStringW
SetEnvironmentVariableA
HeapCreate
GetProcAddress
LCMapStringA
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
GetStringTypeW
GetStringTypeA
GetVersion
GetCommandLineA
GetStartupInfoA
DeleteFileA
GetLastError
TerminateProcess
ExitProcess
HeapFree
HeapReAlloc
HeapAlloc
GetLocalTime
GetTimeZoneInformation
WriteFile
GetEnvironmentVariableA
CreateFileA
ReadFile
FreeLibrary
LoadLibraryA
GetVersionExA
Beep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateProcessA
GetLocaleInfoA
GetModuleFileNameA
lstrcpyA
GetModuleHandleA
LCMapStringW
MulDiv
IsDBCSLeadByteEx
MultiByteToWideChar
WideCharToMultiByte
GetCPInfo
GetOEMCP
GetACP
GetCurrentThreadId
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetTickCount
QueryPerformanceCounter
GlobalMemoryStatus
GetCurrentThread
GetThreadTimes
HeapDestroy
GetCurrentProcess
GetProcessTimes
GetSystemTime
GetSystemTimeAdjustment
GetWindowsDirectoryA
FindFirstFileA
FindNextFileA
FindClose
FreeEnvironmentStringsW
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetFilePointer
SetStdHandle

Sections

.text
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7e117b642969118d9d6d4cddaf0826c3

Headers

File Characteristics

Imports

advapi32

comctl32

comdlg32

gdi32

imm32

shell32

user32

winmm

winspool.drv

kernel32

Sections

.text Size: 272KB - Virtual size: 272KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 44KB - Virtual size: 64KB

.rsrc Size: 12KB - Virtual size: 32KB

.text
Size: 272KB - Virtual size: 272KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 44KB - Virtual size: 64KB

.rsrc
Size: 12KB - Virtual size: 32KB