c2aa6030fac59cc986dcca9474eb97e9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c2aa6030fac59cc986dcca9474eb97e9_JaffaCakes118
Size

1.4MB
MD5

c2aa6030fac59cc986dcca9474eb97e9
SHA1

4c779e31b55996db3424b0bb060d474f84b67dc6
SHA256

ab2106a5c16b2e0e8aece8157a901bac7867e6583150f146a3ed7eb60715fbc0
SHA512

15415ed663398924bad886ee7da8baf4b4663cfd1b49aebb6597265274a2ea50ac9bdb07603a33cd8ddab23a008b6f061bda27ad7edef6091076663f13b4d65e
SSDEEP

12288:649pSnqtqc9j5zaf5jgQSEqqp5Ilg8n41YeJcN8JjtIupi:64TSq0Y1z26aqfz41YI68Jjtj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2aa6030fac59cc986dcca9474eb97e9_JaffaCakes118

Files

c2aa6030fac59cc986dcca9474eb97e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a384954184b5df15a1235d6d0a9a0af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
WriteFile
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
ReadFile
GetLocalTime
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
CompareStringW
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
ExitThread
TlsSetValue
InterlockedIncrement
InterlockedDecrement
GetSystemTime
GetTimeZoneInformation
RaiseException
HeapFree
HeapAlloc
RtlUnwind
LeaveCriticalSection
DeleteCriticalSection
InterlockedExchange
InitializeCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetModuleFileNameA
CreateMutexA
GetLastError
ReleaseMutex
GetVersionExA
WritePrivateProfileStructA
WritePrivateProfileStringA
GetPrivateProfileStructA
GetPrivateProfileStringA
GetEnvironmentVariableA
GetPrivateProfileIntA
FindClose
GetUserDefaultLCID
QueryPerformanceFrequency
CreateFileA
GetFileInformationByHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
CreateEventA
ResetEvent
SetEvent
SetThreadPriority
lstrcmpiA
Sleep
CreateThread
ResumeThread
TerminateThread
CreateDirectoryA
WaitForSingleObject
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
GetTempPathA
lstrcpyA
DeleteFileA
lstrlenA
IsBadWritePtr
SetEnvironmentVariableA

user32

SendDlgItemMessageA
wsprintfA
OffsetRect
SetWindowsHookExA
IsDialogMessageA
FindWindowA
GetMessageA
TranslateMessage
DispatchMessageA
DeleteMenu
InsertMenuA
GetDlgItem
SetWindowLongA
SendMessageA
LoadCursorA
UnhookWindowsHookEx
CallNextHookEx
LoadIconA
GetAsyncKeyState
DrawEdge
CheckRadioButton
InvertRect
FillRect
GetScrollInfo
SetScrollInfo
EnableMenuItem
GetMenuStringA
GetWindowLongA
DialogBoxParamA
ModifyMenuA
UpdateWindow
DrawTextA
GetDC
GetClientRect
IsWindow
SetCursor
PtInRect
CallWindowProcA
EndPaint
BeginPaint
EndDialog
LoadStringA
DefWindowProcA
GetWindowTextA
EnableWindow
SetWindowTextA
KillTimer
GetDlgItemTextA
SetDlgItemTextA
MessageBoxA
SetTimer
PostMessageA
CreateDialogParamA
DestroyWindow
GetWindowRect
SetWindowPlacement
RedrawWindow
IsWindowVisible
SetForegroundWindow
GetWindowPlacement
DrawMenuBar
PostQuitMessage
SetMenu
RegisterClassExA
CreateWindowExA
GetDlgItemInt
SetDlgItemInt
CheckMenuItem
GetMenuItemCount
GetMenuItemID
GetCursorPos
ClientToScreen
SetRect
ReleaseDC
GetParent
TrackPopupMenu
CheckDlgButton
GetSystemMetrics
LoadMenuA
GetSubMenu
IsDlgButtonChecked
InvalidateRect
DestroyMenu
SetFocus
MoveWindow
ScreenToClient
SetWindowPos
ShowWindow
GetFocus
MessageBeep
GetWindowTextLengthA

gdi32

TextOutA
StretchDIBits
AnimatePalette
SelectPalette
CreateFontIndirectA
GetObjectA
SelectObject
DeleteObject
SetTextColor
SetBkMode
GetStockObject
SetBkColor
ExtTextOutA
CreatePalette
GetSystemPaletteEntries
RealizePalette

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueExA

shell32

DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
DragAcceptFiles
DragQueryFileA
SHGetMalloc

ole32

CoInitialize
CoUninitialize
CoCreateInstance

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod

comctl32

ord17
ord6
ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_LoadImageA

imm32

ImmAssociateContext

shlwapi

StrCmpNIA
StrStrIA
PathIsRelativeA
PathAppendA
PathCanonicalizeA
PathFindExtensionA
PathUnquoteSpacesA

avifil32

AVIStreamWrite
AVIStreamRelease
AVIFileRelease
AVIFileOpenA
AVIFileCreateStreamA
AVIMakeCompressedStream
AVIStreamSetFormat
AVIFileExit
AVIFileInit

msvfw32

ICCompressorChoose
ICCompressorFree

wsock32

sendto
recv
WSACancelAsyncRequest
shutdown
socket
setsockopt
closesocket
htonl
htons
recvfrom
inet_ntoa
WSAAsyncSelect
listen
connect
WSAGetLastError
ioctlsocket
WSAAsyncGetHostByName
WSAStartup
WSACleanup
accept
inet_addr
bind
send

Sections

.text
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 64KB - Virtual size: 989KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a384954184b5df15a1235d6d0a9a0af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

winmm

comctl32

imm32

shlwapi

avifil32

msvfw32

wsock32

Sections

.text Size: 624KB - Virtual size: 623KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 64KB - Virtual size: 989KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 624KB - Virtual size: 623KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 64KB - Virtual size: 989KB

.rsrc
Size: 8KB - Virtual size: 4KB