d9e7720a3abea060504211f7af50b0c5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d9e7720a3abea060504211f7af50b0c5_JaffaCakes118
Size

860KB
MD5

d9e7720a3abea060504211f7af50b0c5
SHA1

40bf17471817fb8da0b3e8485c750d63f798504b
SHA256

1e047dd044db9e718a70b667c234dc3d7fc68f059d00581f65b03898a2dfa1ac
SHA512

69d672e7a98b2406ae4f3597ca1e68a18a6d8328b5c7250ee0f460155cb830e25cdc3f1f1f0f852cf632dc4c846a8c5804cf127bbb09e2cd913c9848c3b8974f
SSDEEP

6144:i3tTy00QdeNKHlwZMZ3vwl5buGXwQ/mc0lzGYJYi/FE:i9eedZlwZzaGXwzc0lzX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9e7720a3abea060504211f7af50b0c5_JaffaCakes118

Files

d9e7720a3abea060504211f7af50b0c5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e50775bb7897220cc55d24703fb4b42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

kernel32

RaiseException
HeapFree
HeapAlloc
TerminateProcess
HeapSize
HeapReAlloc
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
ExitProcess
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetStartupInfoA
RtlUnwind
SetErrorMode
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetLastError
CloseHandle
GlobalAlloc
lstrcmpA
GetCurrentThread
GlobalFree
LocalFree
GetProfileStringA
GetModuleFileNameA
lstrcpynA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
SetLastError
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetProcAddress
CopyFileA
GetCommandLineA
SetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
VirtualFree

user32

GrayStringA
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
IsWindowEnabled
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
CreateDialogIndirectParamA
EndDialog
LoadStringA
PostQuitMessage
ValidateRect
TranslateMessage
GetMessageA
WaitMessage
DestroyMenu
GetClassNameA
GetSysColorBrush
PostMessageA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
CopyRect
GetScrollInfo
GetScrollPos
DrawTextA
GetTopWindow
MessageBoxA
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
ShowScrollBar
GetCursorPos
WindowFromPoint
GetAsyncKeyState
LoadBitmapA
GetActiveWindow
IsWindowVisible
SetWindowRgn
IsIconic
GetSystemMetrics
DrawIcon
GetSystemMenu
AppendMenuA
RedrawWindow
LoadIconA
EnableWindow
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode
LoadCursorA
CopyIcon
GetWindowRect
GetParent
GetDC
ReleaseDC
InflateRect
IsWindow
GetSysColor
SetCursor
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMessagePos
ScreenToClient
PtInRect
InvalidateRect
SetTimer
MessageBeep
SetWindowLongA
GetClientRect
SendMessageA
KillTimer
GetDlgItem

gdi32

SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
PatBlt
SelectObject
RestoreDC
SaveDC
DeleteDC
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
GetPixel
CreateRectRgn
CombineRgn
BitBlt
GetTextExtentPoint32A
GetStockObject
GetObjectA
GetTextExtentPointA
CreateDIBitmap
CreateFontIndirectA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

comctl32

ord17
ImageList_Destroy
ImageList_LoadImageA

wsock32

WSASetLastError
WSAGetLastError
accept
bind
htonl
WSAStartup
recv
send
inet_ntoa
socket
recvfrom
sendto
connect
inet_addr
WSACleanup
htons
WSAAsyncSelect
ioctlsocket
closesocket
gethostbyname

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e50775bb7897220cc55d24703fb4b42

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

wsock32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 24KB - Virtual size: 39KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 24KB - Virtual size: 39KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB