0838859c564648c71ad1eddd778c36cf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0838859c564648c71ad1eddd778c36cf_JaffaCakes118
Size

344KB
MD5

0838859c564648c71ad1eddd778c36cf
SHA1

7aa4559aa6b424df7a597fa0ea64fb75c3c70fb4
SHA256

bc3b9a0c83aeee5cbea22cb073fe5cc866711cb8f42143500058e1949d93c4f9
SHA512

123c16ec7510c53238e22d0a5b226d41b52acd74024f177e39e4243e54d32a3c312c58f1333f074ba4f48b1c75c5774dedc3d03fdddd626509e5f7a91704d60d
SSDEEP

6144:LeDZ5nNScZ4NpXJAqLuBKzzfDdHNsRMB4T8HQ8Qb42FO6AuQFyO6yfseEG:Ly5NuT5yAzgRgsHtu/6yfsO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0838859c564648c71ad1eddd778c36cf_JaffaCakes118

Files

0838859c564648c71ad1eddd778c36cf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef893fe6ebdc4dbc60cc375e89b7a953

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cncs232

ord24
ord64
ord18
ord32
ord16
ord19
ord56
ord81
ord158
ord206
ord57
ord6
ord23
ord176
ord2
ord33
ord36
ord186
ord151
ord149
ord3
ord105
ord193
ord200
ord335
ord336
ord191
ord188
ord179
ord366
ord334
ord390
ord340
ord375
ord387
ord363
ord199
ord108
ord55
ord338
ord374
ord120
ord196
ord195
ord89
ord165
ord435
ord189
ord192
ord154
ord90
ord313
ord312
ord311
ord351
ord350
ord411
ord410
ord187
ord307
ord308
ord352
ord333
ord310
ord303
ord349
ord361
ord409
ord348
ord408
ord392
ord347
ord407
ord305
ord299
ord94
ord92
ord93
ord109
ord163
ord91
ord140
ord52
ord168
ord138
ord162
ord132
ord107
ord129
ord414
ord71
ord78
ord77
ord76
ord61
ord125
ord79
ord70
ord69
ord60
ord62
ord98
ord133
ord75
ord34
ord35
ord12
ord68
ord48
ord150
ord346
ord54
ord115
ord169
ord143
ord50
ord65
ord116
ord178
ord177
ord80
ord106
ord171
ord173
ord172
ord112
ord113
ord114
ord86
ord96
ord160
ord30
ord29
ord117
ord118
ord119
ord111
ord95
ord88
ord161
ord136
ord83
ord67
ord170
ord412
ord103
ord156
ord372
ord174
ord391
ord66
ord58

winmm

joyGetPos

kernel32

WriteFile
SetFilePointer
CreateFileA
_lread
_lwrite
GetTickCount
ReadFile
CloseHandle
GetLastError
LockResource
lstrlen
GetCommandLineA
_hread
_llseek
lstrcpyA
lstrcatA
lstrcmpA
lstrcpynA
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
GlobalReAlloc
GlobalAlloc
lstrlenA
GetExitCodeProcess
CreateProcessA
GetTempPathA
GetTempFileNameA
GlobalDeleteAtom
GetVersion
GlobalAddAtomA
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryA
_lopen
_lclose
SetErrorMode
GetProcAddress
FreeLibrary
RemoveDirectoryA
GetModuleFileNameA
WinExec
LocalAlloc
LocalFree
FindResourceA
SizeofResource
LoadResource
lstrcpy
FreeResource
lstrcmp
lstrcat
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStdHandle
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
RaiseException
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
GetCurrentProcess
TerminateProcess
ExitProcess
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetModuleHandleA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileA
FindFirstFileA
SetEnvironmentVariableA
DeleteFileA
HeapSize
HeapFree
HeapReAlloc
HeapCompact
HeapAlloc
RtlUnwind
CompareStringA
CompareStringW
SetEndOfFile

user32

CreateWindowExA
UnionRect
GetSysColor
SetScrollRange
DrawFocusRect
SetRect
InvertRect
OemToCharA
PtInRect
MessageBoxA
SetWindowTextA
GetDlgItem
wsprintfA
MapVirtualKeyA
GetInputState
PeekMessageA
SetTimer
LoadStringA
SetDlgItemTextA
KillTimer
SetFocus
DestroyWindow
SetScrollPos
GetDlgItemTextA
EndDialog
GetKeyState
PostMessageA
IsZoomed
GetWindowRect
GetMenu
DestroyMenu
LoadMenuA
LoadMenuIndirectA
GetMenuItemCount
DeleteMenu
SetWindowPlacement
IsWindowVisible
ShowWindow
GetWindowPlacement
SetWindowPos
GetMenuState
CheckMenuItem
InvalidateRect
SetCursorPos
GetCursorPos
ShowCursor
GetAsyncKeyState
ClientToScreen
GetActiveWindow
GetFocus
MapWindowPoints
SetPropA
RemovePropA
GetPropA
CallWindowProcA
DefWindowProcA
ReleaseCapture
SetCapture
IntersectRect
GetDesktopWindow
TranslateMessage
DispatchMessageA
UpdateWindow
WinHelpA
SetForegroundWindow
EnumThreadWindows
IsWindow
GetTopWindow
GetClassNameA
GetWindow
LoadIconA
LoadImageA
RegisterClassExA
RegisterClassA
OffsetRect
GetSystemMetrics
AdjustWindowRectEx
CopyRect
DestroyIcon
GetSubMenu
CreateIconIndirect
PostQuitMessage
GetUpdateRect
FillRect
SendMessageA
RedrawWindow
GetClientRect
IsIconic
EnableMenuItem
GetParent
GetDC
ScreenToClient
ReleaseDC
BeginPaint
EndPaint
SendDlgItemMessageA
SetWindowLongA
GetWindowLongA

gdi32

LineTo
SelectObject
MoveToEx
Rectangle
CreateHatchBrush
CreatePen
SelectPalette
RealizePalette
CreateSolidBrush
GetStockObject
SetDIBits
CreateCompatibleBitmap
CreateBitmap
CreatePalette
CreateFontIndirectA
GetObjectA
GetTextExtentPointA
GetCharWidthA
GetTextMetricsA
SetROP2
SetBkColor
SetTextColor
GetNearestPaletteIndex
SetBkMode
SetTextAlign
DPtoLP
TextOutA
Polygon
SetPolyFillMode
SelectClipRgn
CreateRectRgn
LPtoDP
DeleteObject

advapi32

RegQueryValueA
RegOpenKeyA
RegCloseKey

shell32

ShellExecuteA
DragAcceptFiles
DragQueryFileA

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TEXT_1
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef893fe6ebdc4dbc60cc375e89b7a953

Headers

File Characteristics

Imports

cncs232

winmm

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 196KB - Virtual size: 196KB

TEXT_1 Size: 49KB - Virtual size: 49KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 16KB - Virtual size: 26KB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 196KB - Virtual size: 196KB

TEXT_1
Size: 49KB - Virtual size: 49KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 16KB - Virtual size: 26KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 18KB - Virtual size: 17KB