d485f23050df05e072581a133a6b107d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d485f23050df05e072581a133a6b107d_JaffaCakes118
Size

151KB
MD5

d485f23050df05e072581a133a6b107d
SHA1

9ff31033b4ae86093452f3291a48b7d67ad9a0d0
SHA256

a9d1ee44b924ed3498a80a1217d18f6cf7bd5a9d835305751f6d13ee05eab96d
SHA512

7caa0b429226ad73b38db50c7d7942b6482b1cddc7dca9763b025ed6eb2395d4daaeb42adfed5210c552793d562496f5487af3a54efcd7f5267dccb713c18b98
SSDEEP

3072:R06qcJPCwFioPKlnvFLv0eSAjqHgwjCADVSlsJ:0cgEqvfS2qRDME

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d485f23050df05e072581a133a6b107d_JaffaCakes118

Files

d485f23050df05e072581a133a6b107d_JaffaCakes118
.exe windows:1 windows x86 arch:x86

3dbdd12a6f7c0e4e1c41bffcaa96e623

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

mblen
_except_handler3
_getws
_stricmp
_searchenv
_dup2
_outp
_resetstkoflw
_fstat64
_ismbblead
_fgetwchar
_getche
_initterm
_mbbtombc
__p__commode
strspn
feof
_fullpath
_wcsdup
strcmp
__p__fmode
_ismbcl1
_ungetwch
_locking
exit
_ltow
__setusermatherr
_spawnv
_pctype
_pgmptr
_telli64
strrchr
_ismbbprint
_exit
putchar
_adjust_fdiv
towlower
_mbsdup
__set_app_type
_beep
iswpunct
_getw
_time64
fwprintf
iscntrl
_fstat
_wtempnam
_wfindfirst64
getc
ungetwc
iswctype
_global_unwind2
isalpha
acos
_wsplitpath
_cgetws
_tempnam
_XcptFilter
_spawnlpe
__getmainargs
_wunlink
_controlfp
_wfsopen
_getmbcp
_mbsnbicmp
_wfopen
getenv
_acmdln
_safe_fdivr
memcpy
_ismbcprint
_getdcwd
_mbsupr
_mbsrchr
_splitpath
_wcslwr
_ismbcpunct

user32

InvalidateRect
wsprintfA
GetMenuItemCount
CreateWindowExA
RegisterClassExA
CheckMenuRadioItem
MsgWaitForMultipleObjects
DrawTextA
PostMessageA
DefWindowProcA
GetWindow
GetSysColorBrush
GetUserObjectSecurity
GetWindowPlacement
DeferWindowPos
GetMessageA
ExitWindowsEx
SetClipboardData
FrameRect
GetWindowLongA
SetCursor
GetWindowTextA
SendMessageTimeoutA
GetFocus
EndPaint
CallWindowProcA
CreateDialogParamA
DialogBoxParamA
ReleaseDC
DefDlgProcA
RemoveMenu
DefFrameProcA
SetClassLongA
EnumChildWindows
LoadImageA
DestroyWindow
GetSysColor
CheckDlgButton
SetCapture
LoadIconA
SetWindowLongA
SetForegroundWindow
TrackPopupMenuEx
GetWindowRect
LoadAcceleratorsA
GetCursorPos
SetWindowTextA
PtInRect
IsZoomed
WindowFromPoint
SetUserObjectSecurity
IsWindowVisible
DispatchMessageA
LoadStringA
SetScrollInfo
TrackPopupMenu
GetSubMenu
ClientToScreen
ShowWindowAsync
SetPropA
IsIconic
ChildWindowFromPoint
SetWindowPlacement

kernel32

Module32First
UnmapViewOfFile
GetCurrentDirectoryA
VirtualFree
MultiByteToWideChar
GetStringTypeA
FindResourceA
RtlUnwind
GetSystemDirectoryA
MapViewOfFile
InterlockedDecrement
GetModuleHandleW
InterlockedIncrement
IsBadReadPtr
WaitForMultipleObjects
ExpandEnvironmentStringsA
SetEndOfFile
lstrcmpiA
CreateThread
GetLastError
GetVersion
GlobalLock
GetModuleHandleA
LoadLibraryA
TlsAlloc
LCMapStringW
GetFileAttributesA
ReadFile
HeapReAlloc
Module32Next
ExitProcess
GetCommandLineW
SetEnvironmentVariableA
GetSystemInfo
WriteConsoleA
GetStartupInfoA
HeapAlloc
GetNumberFormatA
LocalAlloc
GetProcessWorkingSetSize
WaitForSingleObject
CreateFileA
lstrcatA
GetConsoleMode
TerminateThread
GetConsoleOutputCP
FormatMessageA
SetFilePointer
DuplicateHandle
MulDiv
PulseEvent
SetUnhandledExceptionFilter
SetProcessWorkingSetSize
GetCurrentThread
GetCommandLineA
HeapFree
QueryPerformanceFrequency
TlsGetValue
lstrcpyA
ReadProcessMemory
SetStdHandle
IsDebuggerPresent
GetACP
SetEvent
QueryPerformanceCounter
LCMapStringA
GetTimeFormatA
GlobalMemoryStatus
FlushFileBuffers
GetLocaleInfoA
VirtualQueryEx
GetSystemTimeAsFileTime

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dbdd12a6f7c0e4e1c41bffcaa96e623

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 512B - Virtual size: 109B

.rsrc Size: 512B - Virtual size: 4B

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 512B - Virtual size: 109B

.rsrc
Size: 512B - Virtual size: 4B