143b04cdea910787cc3257356d6b027f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

143b04cdea910787cc3257356d6b027f_JaffaCakes118
Size

112KB
MD5

143b04cdea910787cc3257356d6b027f
SHA1

7ba0eca805e6a725da1f832e188b7c63c22b561e
SHA256

f6d36156ccd49bcfffb488979479f2a25838812a7a16c8a7fefba5f8751751c5
SHA512

13b0294af2f3f081825d9cee636f75c3a8b102cfc5f16b98d32ee41a5bf18ef785cdb912e25222195fd86f9432ab8fe72578550afdabc35220efb1e19f163896
SSDEEP

1536:GHRIVO+rJ504d0B2+baWowdtZJJtJ1oG3xle1b0gxjo2BPZsk6KxefNu+DEwSJ1g:C7+rf04d0BQwdtZJJt3xY9BPZw/uhJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
143b04cdea910787cc3257356d6b027f_JaffaCakes118

Files

143b04cdea910787cc3257356d6b027f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1f845950f1d0b16c641101a75031c502

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GlobalWire
IsValidLocale
InterlockedDecrement
SetConsoleHardwareState
WriteConsoleOutputAttribute
GetTapePosition
SetConsoleScreenBufferSize
GetTickCount
InterlockedIncrement
WriteConsoleInputA
RegisterWowBaseHandlers
FindFirstChangeNotificationW
VirtualQueryEx
LockFile
SetConsoleInputExeNameW
SetLastError
GlobalReAlloc
SetConsoleCP
SetCurrentDirectoryW
GetCurrencyFormatW
GetProcessPriorityBoost
DebugBreak
UnregisterWait
GetVolumeNameForVolumeMountPointA
GetHandleInformation
GetCurrentThreadId
GetNumberOfConsoleFonts
GlobalLock
SearchPathA
lstrlenW
FreeLibrary
GetTapeParameters
LCMapStringA
GetSystemTime
GetModuleHandleA
OpenConsoleW
UnhandledExceptionFilter
GetPrivateProfileSectionNamesW
GetLocalTime
ReadConsoleOutputCharacterA
SetConsoleMaximumWindowSize
VirtualAlloc
GetProcAddress
GetUserDefaultLangID
LoadLibraryA

gdi32

SelectObject
GdiStartPageEMF
GetWinMetaFileBits
DeleteDC
CombineRgn
SetWorldTransform
SetPixelFormat
Chord
CreateFontIndirectExA
GetObjectA
CreateCompatibleBitmap
CreateICA
RemoveFontResourceExW
CopyEnhMetaFileW
GetStockObject
CreateCompatibleDC

shell32

ExtractAssociatedIconA
Shell_NotifyIconW
DoEnvironmentSubstW
SHGetSpecialFolderPathW
SHFileOperationA
SheSetCurDrive
ord179
InternalExtractIconListW
StrRStrW
SheGetDirA
SHAppBarMessage
StrNCmpIA
SHGetPathFromIDListA
SHUpdateRecycleBinIcon
StrNCmpA
SHQueryRecycleBinA
ExtractAssociatedIconExA
SHChangeNotify
ShellAboutA
SheChangeDirA
SHFormatDrive
StrRStrIA
FindExecutableW
StrCmpNIA
StrRChrA
DoEnvironmentSubstA
StrChrW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
StrChrIA
SHLoadInProc
ord180
SHBrowseForFolderW
DragQueryPoint
StrRChrW
SHInvokePrinterCommandW
CommandLineToArgvW
StrStrW
DragAcceptFiles
ExtractAssociatedIconW
ExtractAssociatedIconExW
ExtractIconA
WOWShellExecute
SHFreeNameMappings
StrCmpNIW
SHGetDiskFreeSpaceA
DuplicateIcon
SHFileOperationW
SheChangeDirExW
SHInvokePrinterCommandA
StrStrIW
StrRChrIA
ExtractIconExA
SHGetInstanceExplorer
ShellAboutW
DragQueryFileW
SHGetPathFromIDListW
InternalExtractIconListA

winmm

mmioRead
mmioStringToFOURCCA
sndPlaySoundW
mci32Message
mciDriverYield
midiOutGetErrorTextA
auxGetDevCapsW
midiStreamClose
waveOutGetErrorTextW
joyGetDevCapsW
waveOutRestart
auxOutMessage
midiInStop
NotifyCallbackData
waveOutWrite
midiInAddBuffer
waveInGetNumDevs
joyReleaseCapture
waveOutReset
mciGetCreatorTask
mciSendCommandW
midiOutOpen
waveInReset
waveInClose
SendDriverMessage
waveInAddBuffer
mmTaskYield
midiInMessage
waveInGetDevCapsA
mciGetDeviceIDA
timeKillEvent
waveInPrepareHeader
mmioSetInfo
mmioStringToFOURCCW
waveInGetErrorTextA
timeGetDevCaps
midiInGetErrorTextW
mmDrvInstall
waveOutClose
waveInStop
timeBeginPeriod
mciSendStringW
mciSetDriverData
joy32Message
joySetThreshold
midiOutCacheDrumPatches
mixerGetID
timeGetTime
mixerGetLineInfoA
mixerGetControlDetailsW
wod32Message
mixerOpen
mciGetDeviceIDFromElementIDA
mciSendCommandA
waveOutGetPosition
PlaySoundA

msvcrt

_mbsnbicmp
fopen
fwrite
tolower
memset
sprintf
fputc
_cgets
_futime
isalnum
fprintf
fwprintf
fsetpos
feof
_fcloseall
ferror
fclose
ftell
_wexeclp
_unlink
fputs
_ismbcspace
fread
fseek
vswprintf
_filelengthi64
printf

Exports

Exports

Abed
Eamfv
Kvkjkmp
Nukp
Vzlmku
Zftwribk

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f845950f1d0b16c641101a75031c502

Headers

File Characteristics

Imports

kernel32

gdi32

shell32

winmm

msvcrt

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 52KB - Virtual size: 48KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 52KB - Virtual size: 48KB

.reloc
Size: 8KB - Virtual size: 5KB