c8905767f16ec69ff0d1289f80b539aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c8905767f16ec69ff0d1289f80b539aa_JaffaCakes118
Size

198KB
MD5

c8905767f16ec69ff0d1289f80b539aa
SHA1

1a268b8c8fb9ccedcc34d39569bb57b89ca801d3
SHA256

c2fd64cc95c0cb64fc6cb90d7adc9ad33c722676cfbd560bb826c0d26cb0b95f
SHA512

ff99590a98d4548549ac0245db5ac037e5cc344986157c54bb1a1b3d71b28b87eb1c8da9365bc94fb9bc2ecf34aeb8723a5f98adf9de124c519858b04b0866b3
SSDEEP

3072:qoX/zJ/nRujnirc9SMngAd1CSVlAOJBAOJRDQJHPcyWzplizgxsE:Nz6jp9qAISVlAOXAOz8Pcyukgv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8905767f16ec69ff0d1289f80b539aa_JaffaCakes118

Files

c8905767f16ec69ff0d1289f80b539aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

92cb4bc57a6127475ebedbe75fa88274

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memcpy
memmove
strncpy
strlen
strcpy
strcat
memcmp
_stricmp
longjmp
_setjmp3
fseek
ftell
fread
sprintf
strcmp
strncmp
fclose
fabs
ceil
malloc
floor
free
exit
__p__iob
fprintf
getenv
sscanf

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
HeapAlloc
HeapFree
FreeLibrary
MultiByteToWideChar
GetCurrentThreadId
GetCurrentProcessId
CloseHandle
InitializeCriticalSection
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
CreateFileA
SetFilePointer
SetEndOfFile
WriteFile
GetFileSize
ReadFile
GetTickCount
MulDiv
DeleteFileA
FindClose
FindFirstFileA
GetLastError
FindNextFileA
HeapReAlloc
SetLastError
TlsAlloc
GlobalAlloc
GlobalFree
LoadLibraryA
GetProcAddress
GetVersionExA

comctl32

InitCommonControls
InitCommonControlsEx
ImageList_Destroy
ImageList_Remove
ImageList_AddMasked
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon

user32

CharUpperA
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
SendMessageA
CreateWindowExA
DestroyWindow
GetWindowTextLengthA
GetWindowTextA
ShowWindow
SetWindowTextA
GetWindowLongA
GetClientRect
FillRect
DefWindowProcA
CallWindowProcA
SetWindowLongA
RedrawWindow
LoadCursorA
RegisterClassExA
SetClassLongA
InvalidateRect
GetWindowRect
ScreenToClient
GetIconInfo
SetWindowPos
UpdateWindow
ReleaseCapture
BeginPaint
DrawStateA
EndPaint
SetCapture
GetSystemMetrics
GetSysColor
GetSysColorBrush
GetWindow
RemovePropA
SetPropA
GetParent
GetPropA
MapWindowPoints
MoveWindow
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadIconA
PeekMessageA
MsgWaitForMultipleObjects
GetMessageA
GetActiveWindow
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
RegisterClassA
AdjustWindowRectEx
CreateAcceleratorTableA
SetFocus
GetFocus
EnumChildWindows
PostMessageA
DefFrameProcA
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
GetKeyState
GetCursorPos
IsChild
GetClassNameA
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource

gdi32

DeleteObject
CreateDCA
GetDeviceCaps
CreateFontA
DeleteDC
GetObjectType
GetStockObject
GetObjectA
SetBkColor
SetTextColor
CreateSolidBrush
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
StretchBlt
SetDIBits
CreateDIBSection
GetDIBits
BitBlt
CreateBitmap
SetPixel

advapi32

RegOpenKeyA
RegConnectRegistryA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA

ole32

CoInitialize
RevokeDragDrop

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteExA

wsock32

closesocket
WSACleanup
WSAStartup

Sections

.code
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

92cb4bc57a6127475ebedbe75fa88274

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

advapi32

ole32

shell32

wsock32

Sections

.code Size: 9KB - Virtual size: 8KB

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 108KB - Virtual size: 109KB

.rsrc Size: 1024B - Virtual size: 964B

.code
Size: 9KB - Virtual size: 8KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 108KB - Virtual size: 109KB

.rsrc
Size: 1024B - Virtual size: 964B