43854af9b720319b94f9a2de88f4fe36_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

43854af9b720319b94f9a2de88f4fe36_JaffaCakes118
Size

320KB
MD5

43854af9b720319b94f9a2de88f4fe36
SHA1

3d656069ad2e1daa6dac14141b814afb0dcf5559
SHA256

c8bd29d0427801512a5b37c19e7d0a631b39e34eb20cb35d07d530c265e6387e
SHA512

1c8d77e6806966e161e2fca76f49c87899e2dbc32ca6da92fa7f0f5da2db99836e163d544231247da8dfdda0e38295e1cad72dbe02b2dca4c9fd535b518ca534
SSDEEP

6144:pzM+949gGXnSgCgECde+LXo3jdfxrhsZhBSsQLH5Add:yBZhECdezTZ1SZhBSsPdd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43854af9b720319b94f9a2de88f4fe36_JaffaCakes118

Files

43854af9b720319b94f9a2de88f4fe36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6f1fd98d7945531a1e3a8fe4df547a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord1

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

comctl32

ord17

gdi32

SetDIBColorTable
GetStockObject
RestoreDC
GetObjectA
GetDIBColorTable
ExtTextOutA
GetDeviceCaps
DeleteObject
CreateRectRgnIndirect
CreateCompatibleDC
DeleteDC
SelectObject
CreateFontA
SaveDC
RealizePalette
CreatePalette
SelectPalette
SetSystemPaletteUse
GetSystemPaletteEntries
CreateFontIndirectA
SetBkColor
Rectangle
StretchBlt
OffsetClipRgn
CreateDIBSection
GetClipRgn
ExcludeClipRect
BitBlt
SelectClipRgn
TextOutA
SetTextColor
SetBkMode

shell32

ShellExecuteA

user32

SystemParametersInfoA
KillTimer
PostQuitMessage
GetWindowLongA
CreateDialogParamA
GetMessageA
GetSysColor
GetWindowTextA
DrawFrameControl
DrawIconEx
IsWindowVisible
OffsetRect
GetWindowDC
FillRect
GetCursorPos
MapWindowPoints
WindowFromPoint
PtInRect
HideCaret
LoadImageA
PeekMessageA
TranslateMessage
DispatchMessageA
UnhookWindowsHookEx
SendMessageA
DestroyWindow
DestroyMenu
RedrawWindow
GetClientRect
IsIconic
LockWindowUpdate
BeginPaint
EndPaint
GetDC
CallNextHookEx
GetAsyncKeyState
DeleteMenu
InsertMenuItemA
RemoveMenu
DrawMenuBar
SetMenu
SetWindowPos
IsZoomed
MoveWindow
UpdateWindow
InvalidateRect
CreateMenu
LoadIconA
RegisterClassA
ShowWindow
MessageBoxA
ReleaseDC
SetWindowsHookExA
GetSystemMetrics
CreateWindowExA
EndDialog
SendDlgItemMessageA
SetTimer
SetWindowLongA
SetForegroundWindow
ShowCursor
GetWindowRect
DefWindowProcA
LoadCursorA
SetCursor
DialogBoxParamA
SetWindowTextA
GetActiveWindow
GetDesktopWindow
GetDlgItem
DrawTextA
PostMessageA

winmm

timeBeginPeriod
timeSetEvent
waveOutPrepareHeader
waveOutWrite
waveOutReset
timeKillEvent
waveOutOpen
waveOutUnprepareHeader
waveOutGetPosition
timeGetTime
timeEndPeriod
waveOutClose
waveOutGetDevCapsA

wsock32

closesocket
recv
accept
recvfrom
sendto
send
WSAStartup
WSACleanup
gethostname
socket
WSAGetLastError
WSAAsyncSelect
setsockopt
bind
getsockname
ntohs
ntohl

kernel32

HeapAlloc
CompareStringW
GetVersion
GetCommandLineA
GetStartupInfoA
SetEnvironmentVariableA
SuspendThread
GetSystemTime
FreeEnvironmentStringsW
ExitProcess
GetCurrentThreadId
GetCurrentProcess
GetCurrentThread
DuplicateHandle
QueryPerformanceFrequency
GetModuleFileNameA
SetUnhandledExceptionFilter
GetVersionExA
GlobalMemoryStatus
LocalFree
LocalAlloc
QueryPerformanceCounter
CreateMutexA
WaitForSingleObject
ReleaseMutex
SetFilePointer
CloseHandle
SetEndOfFile
FlushFileBuffers
ReadFile
WriteFile
GetLastError
FormatMessageA
CreateFileA
TerminateProcess
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
GlobalAlloc
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
CreateFileMappingA
Sleep
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
CompareStringA
LoadLibraryA
HeapFree
FreeLibrary
GetProcAddress
SetThreadPriority
CreateThread
CreateEventA
SetEvent
GetDriveTypeA
VirtualQuery
VirtualProtect
GetSystemInfo
GetModuleHandleA
GetLocalTime
GlobalLock
GetTimeZoneInformation
GlobalUnlock
GlobalFree

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6f1fd98d7945531a1e3a8fe4df547a3

Headers

File Characteristics

Imports

dsound

version

advapi32

comctl32

gdi32

shell32

user32

winmm

wsock32

kernel32

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 60KB - Virtual size: 236KB

.rsrc Size: 84KB - Virtual size: 81KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 60KB - Virtual size: 236KB

.rsrc
Size: 84KB - Virtual size: 81KB