1008196a88dca8198758a8e432057eb0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1008196a88dca8198758a8e432057eb0_JaffaCakes118
Size

130KB
MD5

1008196a88dca8198758a8e432057eb0
SHA1

6dd44f1ce40274f138707d12561b1a28cc37a3ea
SHA256

02b64b2d34394d214fa2a9eac9f28c273ba17845078a4cb07e5b585ab44beffc
SHA512

ed16e78694ca5dffe56c02483f651a7b8eb3f19fcd94e2b3fca066e185e566454e25325f1a9e50fa6989d354aadf72ce6e3822a3bfeb230ced220e6a2b1764f8
SSDEEP

3072:fSZAHksK0vDW+Qe23PrjvgVM3cuGIj98cmElwaCJHv:fSFsKADW5/rjvgV3uZK5aC1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1008196a88dca8198758a8e432057eb0_JaffaCakes118

Files

1008196a88dca8198758a8e432057eb0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e2aa1d882b2bc56b9b72a52fdb0256a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
LocalAlloc
GlobalAlloc
GetVersionExA
GetCurrentThreadId
GetDiskFreeSpaceA
lstrlenW
MultiByteToWideChar
SetFileTime
GetTempPathA
GetModuleHandleA
GetStartupInfoA
lstrcpyA
EnterCriticalSection
GetComputerNameA
GetTickCount
GetFileSize
GetSystemTime
GetLocaleInfoA
GlobalFree
WriteFile
GetVolumeInformationA
LoadResource
DeleteCriticalSection
InterlockedIncrement
LockResource
UnmapViewOfFile
FindResourceA
CreateMutexA
SetEndOfFile
FreeLibrary
ReadFile
HeapDestroy
GetSystemInfo
GetFileAttributesA
InitializeCriticalSection
Sleep
ResumeThread
lstrcmpA
GetPrivateProfileStringA
SystemTimeToFileTime
lstrlenA
GlobalUnlock
CreateFileA
GetFileTime
InterlockedExchange
CloseHandle
GetVersion
IsBadReadPtr
LoadLibraryA
LocalFree
InterlockedDecrement
RemoveDirectoryA
WaitForSingleObject
SetFileAttributesA
CreateFileMappingA
GetModuleFileNameA
GlobalMemoryStatus
CreateProcessA
FormatMessageA
MoveFileA
ExitProcess
HeapAlloc
HeapCreate
LoadLibraryExA
GetProcAddress
SetThreadPriority
GetCurrentThread
FileTimeToSystemTime
GetThreadPriority
GetLastError
WritePrivateProfileStringA
SetFilePointer
lstrcatA

user32

SetWindowPos
wvsprintfA
GetClientRect
SetMenuDefaultItem
RegisterClipboardFormatA
InsertMenuA
SetParent
GetMenuItemInfoA
CreateWindowExA
GetParent
SetWindowContextHelpId
ShowCaret
GetWindow
CreatePopupMenu
DrawEdge
CheckMenuItem
EnableMenuItem
WindowFromPoint
PostMessageA
UnhookWindowsHookEx
GetMessagePos
RemoveMenu
ReleaseCapture
IsWindowVisible
SetTimer
IsRectEmpty
EndDeferWindowPos
FlashWindow
SendMessageA
GetSystemMenu
SetCursor
OffsetRect
GetDesktopWindow
PostThreadMessageA
SetCapture
CopyRect
WaitMessage
RedrawWindow
DeferWindowPos
BeginDeferWindowPos
ReleaseDC
DispatchMessageA
ScreenToClient
DrawIconEx
MessageBoxA
GetDC
AdjustWindowRectEx
DestroyCaret
GetDCEx
LoadCursorA
GetMenu
EnableWindow
AppendMenuA
LoadMenuA
DeleteMenu
SetRectEmpty
IsMenu
PostQuitMessage
GetWindowLongA
GetCapture
IntersectRect
GetKeyState
PeekMessageA
GetSubMenu
GetActiveWindow
DrawFrameControl
BringWindowToTop
DestroyMenu
CallNextHookEx
SetCaretPos
HideCaret
GetDlgCtrlID
PtInRect
IsIconic
InflateRect
FillRect
GetSystemMetrics
GetWindowRect
GetMenuItemCount
GetTopWindow
GetMenuState
LockWindowUpdate
GetMenuStringA
UnionRect
GetClassLongA
GetNextDlgTabItem
MapDialogRect
SetForegroundWindow
RegisterWindowMessageA
GetCursorPos
EqualRect
GetMenuItemID
ClientToScreen
InvalidateRect
SetMenuItemInfoA
SystemParametersInfoA
MapWindowPoints
GetSysColor
IsWindow
SetWindowsHookExA
LoadBitmapA
SetRect
ModifyMenuA
LoadImageA
DrawTextA
KillTimer
CreateCaret
GetMessageA
IsZoomed
UpdateWindow
TrackPopupMenu

shell32

ShellExecuteA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetMalloc
SHFileOperationA
SHGetSpecialFolderLocation

ole32

CoTaskMemFree
CoGetClassObject
StringFromGUID2
StringFromCLSID
CLSIDFromString
OleCreateEmbeddingHelper
CoCreateGuid

oleaut32

SysFreeString
VariantClear
SysAllocStringLen

comctl32

ImageList_EndDrag
ImageList_DragLeave
ImageList_DragEnter
ImageList_AddMasked
ImageList_SetBkColor
ord8
ImageList_GetImageCount
ImageList_BeginDrag

winmm

PlaySoundA

wsock32

closesocket
socket
getsockname
listen
gethostbyname
connect
getpeername
WSAAsyncSelect
ntohs
bind
recv
send
WSASetLastError
WSAGetLastError
htons
inet_addr
shutdown
ioctlsocket
accept

msvcrt

_adjust_fdiv
??1type_info@@UAE@XZ
??8type_info@@QBEHABV0@@Z
_ftol
_open
?terminate@@YAXXZ
_purecall
longjmp
_close
wcslen
_chdir
_setjmp3
_XcptFilter
_acmdln
isdigit
exit
_CxxThrowException
gmtime
__set_app_type
sprintf
__setusermatherr
__RTDynamicCast
__getmainargs
_onexit
fgets
fclose
floor
ctime
_itoa
__p__fmode
_CIpow
qsort
_mbsinc
__dllonexit
atoi
isalpha
atof
isalnum
free
vsprintf
_chdrive
fseek
wcscpy
time
_mbschr
fprintf
fopen
_strdup
_mbctoupper
_endthread
_except_handler3
strncat
_exit
_fstat
_setmbcp
__CxxFrameHandler
clock
_initterm

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2aa1d882b2bc56b9b72a52fdb0256a3

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

oleaut32

comctl32

winmm

wsock32

msvcrt

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 24KB - Virtual size: 47KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 24KB - Virtual size: 47KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB