f4f9683b61eadcab31d8950322b106cd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f4f9683b61eadcab31d8950322b106cd_JaffaCakes118
Size

192KB
MD5

f4f9683b61eadcab31d8950322b106cd
SHA1

208069cde2ed2cf9f5a8dcae8e05941a54d4cbc8
SHA256

47a912451a28d93d6b2f07f03b07093da3af41015c0d588c38d6f27f53caeaf8
SHA512

20f118f11c71821ac7b5f8673d248cfef3947eb802b50efd7b2efd1f4c85855df13cf66c2a13e0e91ffe8370c8a5011c4ec02e0bbdd24dcab4f10faabd31e5c9
SSDEEP

3072:N2HJlkH4Q8w+1sO5pdWTheXr5cUvVQyKwU4eic5+NnjtTBffnxf:NKJA4Q5UsgkoXFpvVHKknjtTBHxf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4f9683b61eadcab31d8950322b106cd_JaffaCakes118

Files

f4f9683b61eadcab31d8950322b106cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8dcc73228d1aa36647a6353554709345

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
Process32First
CreateToolhelp32Snapshot
CreateEventA
TerminateThread
WaitForSingleObject
GetModuleFileNameA
CreateThread
WriteFile
ResetEvent
FindFirstFileA
SetFilePointer
GetShortPathNameA
TerminateProcess
OpenProcess
CreateDirectoryA
GetFileSize
GetTickCount
SetFileAttributesA
GetFileAttributesA
FindClose
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
CreateFileA
ReadFile
DeleteFileA
SetEvent
OpenEventA
CloseHandle
CompareStringW
MultiByteToWideChar
CompareStringA
GetCPInfo
SetErrorMode
WaitForMultipleObjects
GetStartupInfoA
GetModuleHandleA
GlobalAlloc
GlobalFree
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
HeapLock
HeapWalk
HeapUnlock
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
GetExitCodeProcess
CreatePipe
GetCurrentProcess
DuplicateHandle
CreateProcessA
GetDriveTypeA
GetVolumeInformationA
GetLongPathNameA
GetCurrentProcessId
FindNextFileA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetExitCodeThread
Sleep

user32

MessageBeep
CreateCursor
OpenIcon
IsWindow
PostThreadMessageA
GetMessageA
GetWindowTextA
GetWindowLongA
GetWindowThreadProcessId
GetWindow
GetDesktopWindow
PostMessageA
FindWindowA
GetSystemMetrics
DestroyWindow
SendMessageA

gdi32

FillPath
CreateCompatibleBitmap
CreateDCA
GetObjectA
BitBlt
CreateCompatibleDC
GetDIBits

advapi32

RegEnumValueA
RegNotifyChangeKeyValue
RegQueryInfoKeyA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHFileOperationA

gdiplus

GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipAlloc
GdipFree
GdipLoadImageFromFile
GdipSaveImageToFile
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipDisposeImage

mfc42

ord3626
ord640
ord665
ord1979
ord5186
ord354
ord5785
ord1641
ord1640
ord323
ord800
ord1601
ord537
ord3663
ord3571
ord2414

msvcrt

_strupr
strstr
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
wcscmp
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
_strset
free
pow
strcmp
__CxxFrameHandler
sprintf
malloc
_purecall
_ftol
rand
srand
memcmp
strchr
memcpy
strlen
strrchr
_CxxThrowException
memset
__p__commode
strcpy

psapi

EnumProcessModules
GetModuleFileNameExA

ole32

StringFromGUID2
CoInitialize
CoUninitialize
CoCreateGuid

ws2_32

send
connect
recv
shutdown
getsockname
recvfrom
WSACleanup
WSAStartup
gethostbyname
gethostname
closesocket
WSAIoctl
socket
bind
htons
sendto
ntohs
WSAGetLastError

winmm

timeSetEvent
timeKillEvent

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

Sections

.text
Size: 144KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dcc73228d1aa36647a6353554709345

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

gdiplus

mfc42

msvcrt

psapi

ole32

ws2_32

winmm

avicap32

Sections

.text Size: 144KB - Virtual size: 141KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 144KB - Virtual size: 141KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 9KB