3be3524264d65282a01d50dee746519c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3be3524264d65282a01d50dee746519c_JaffaCakes118
Size

917KB
MD5

3be3524264d65282a01d50dee746519c
SHA1

8d73e89511967bc071e7155fa3e25060bc7243d3
SHA256

b251dfc6ee8710bc50caa4b7b6a149d60f3f536cfae750ff26015c65a0eeab1f
SHA512

7c58aa0c149aefccaf2263c14102ba6f63954d5e98aa33875aec39331e7f7b269b19dbdca98b6f2f28dd88254d512f646dc68b35c00ab740c84bfb1a33dfa2b7
SSDEEP

24576:+cf7U4TE5zMPPLwmwcmCaTXDIh04d29PuKb/WL91MXr+CTpN0MmTZeuix:+i7IiOuix

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be3524264d65282a01d50dee746519c_JaffaCakes118

Files

3be3524264d65282a01d50dee746519c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2bd89c302f87868c22230b28009526b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegFlushKey
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA

comctl32

ord17

gdi32

DeleteObject
CreateRectRgnIndirect
GetDeviceCaps
CreateCompatibleDC
DeleteDC
SelectObject
CreateFontA
SetDIBColorTable
RealizePalette
CreatePalette
SelectPalette
SetSystemPaletteUse
GetSystemPaletteEntries
GetStockObject
RestoreDC
Rectangle
StretchBlt
SaveDC
CreateDIBSection
GetClipRgn
ExcludeClipRect
BitBlt
OffsetClipRgn
SelectClipRgn
TextOutA
SetTextColor
SetBkMode
CreateFontIndirectA
ExtTextOutA
SetBkColor
GetDIBColorTable
GetObjectA

shell32

ShellExecuteA

user32

GetKeyState
KillTimer
PostQuitMessage
GetWindowLongA
GetSysColor
GetWindowTextA
DrawFrameControl
DrawIconEx
PostMessageA
IsWindowVisible
OffsetRect
GetWindowDC
GetMessageA
FillRect
HideCaret
LoadImageA
DrawTextA
GetDlgItem
PeekMessageA
TranslateMessage
DispatchMessageA
UnhookWindowsHookEx
SendMessageA
DestroyWindow
DestroyMenu
RedrawWindow
CallNextHookEx
SetWindowsHookExA
GetClientRect
IsIconic
GetAsyncKeyState
LockWindowUpdate
BeginPaint
EndPaint
SystemParametersInfoA
DeleteMenu
InsertMenuItemA
RemoveMenu
DrawMenuBar
SetMenu
GetSystemMetrics
SetWindowPos
IsZoomed
MoveWindow
UpdateWindow
GetDesktopWindow
InvalidateRect
CreateMenu
LoadIconA
RegisterClassA
ShowWindow
MessageBoxA
GetDC
ReleaseDC
CreateWindowExA
EndDialog
SendDlgItemMessageA
SetTimer
SetWindowLongA
SetForegroundWindow
ShowCursor
GetWindowRect
GetActiveWindow
DefWindowProcA
LoadCursorA
SetCursor
DialogBoxParamA
SetWindowTextA
CreateDialogParamA

winmm

timeKillEvent
timeEndPeriod
waveOutUnprepareHeader
waveOutOpen
timeBeginPeriod
timeSetEvent
waveOutPrepareHeader
waveOutReset
waveOutClose
waveOutGetDevCapsA
waveOutGetPosition
joyGetPosEx
joyGetPos
timeGetTime
waveOutWrite

wsock32

WSASetLastError
connect
ntohl
recv
accept
recvfrom
ioctlsocket
WSAAsyncGetHostByName
WSACancelAsyncRequest
sendto
send
ntohs
gethostname
getpeername
listen
closesocket
WSAStartup
WSACleanup
socket
WSAGetLastError
WSAAsyncSelect
setsockopt
bind
getsockname

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

SetFilePointer
GetLocalTime
GetSystemTime
MultiByteToWideChar
WriteFile
FormatMessageA
CreateFileA
GetProcAddress
FreeLibrary
LoadLibraryA
WaitForSingleObject
ReleaseMutex
Sleep
CloseHandle
SuspendThread
CreateFileMappingA
ExitProcess
GetCurrentThreadId
GetCurrentProcess
GetCurrentThread
DuplicateHandle
QueryPerformanceFrequency
CreateMutexA
SetUnhandledExceptionFilter
GetVersionExA
LocalReAlloc
GetLastError
GlobalMemoryStatus
LocalFree
LocalAlloc
QueryPerformanceCounter
GetModuleFileNameA
SetCurrentDirectoryA
TerminateProcess
HeapReAlloc
UnhandledExceptionFilter
GetFileAttributesA
CreateDirectoryA
RaiseException
GetCPInfo
GetACP
GetOEMCP
SetEvent
WideCharToMultiByte
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
FindClose
FindNextFileA
GetVersion
FindFirstFileA
SetThreadPriority
CreateThread
CreateEventA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
ReadFile
FlushFileBuffers
GetTimeZoneInformation
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock

Sections

.text
Size: 740KB - Virtual size: 739KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 67KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oli
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2bd89c302f87868c22230b28009526b8

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

shell32

user32

winmm

wsock32

version

kernel32

Sections

.text Size: 740KB - Virtual size: 739KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 67KB - Virtual size: 1.2MB

.rsrc Size: 100KB - Virtual size: 116KB

.oli Size: - Virtual size: 1B

.text
Size: 740KB - Virtual size: 739KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 67KB - Virtual size: 1.2MB

.rsrc
Size: 100KB - Virtual size: 116KB

.oli
Size: - Virtual size: 1B