43dbdc652821617427c5b302855ba382_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43dbdc652821617427c5b302855ba382_JaffaCakes118
Size

3.4MB
MD5

43dbdc652821617427c5b302855ba382
SHA1

9cc5a0c81b65df6c439c6a1beff0b371437a2569
SHA256

bdf87e921f34cf5a088739819edf33ceabea89f2988e4aafb6243efb1a6f7f1a
SHA512

714d5727bc26b9fd3e4c43026999a0cacd8d7bd4406ddfa3a079f0aaf1d4bed05d5ef7789887cd3a30995c61ff9f59caf0e8554285eec8f22e5f935bf01bdecf
SSDEEP

6144:kP3+g5asRawWCDNNDtW9pPBDkKPqiZCpfvcPgmxjVBkSYIkfJElmKx0b3cP20:KB6CDoPPqiIl6FkfJyqjcL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43dbdc652821617427c5b302855ba382_JaffaCakes118

Files

43dbdc652821617427c5b302855ba382_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e624fb1490fab3a5c49e30014d5c5994

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
memcpy
realloc
free
printf
strcpy
strlen
strncpy
cos
sin
malloc
memcmp
strcat
fread
sprintf
abs
pow
longjmp
strtod
calloc
fopen
fseek
fclose
_stricmp
strncmp
localtime
mktime
_strnicmp
gmtime
memmove
floor
_iob
_setjmp
_isnan
_lseek
_close
_fstat
_open
_read
_write

user32

wsprintfA
SetWindowLongA
SetClassLongA
InvalidateRect
GetWindowLongA
SetLayeredWindowAttributes
ShowWindow
GetSystemMetrics
EnumDisplaySettingsA
GetDC
ReleaseDC
SendMessageA
GetAsyncKeyState
wvsprintfA
SetWindowPos
GetDesktopWindow
FillRect
ShowCursor
GetWindowRect
OffsetRect
SetRect
CallWindowProcA
GetClientRect
ClientToScreen
GetPropA
SetPropA
TranslateMessage
DispatchMessageA
PeekMessageA
SetWindowTextA
MoveWindow
EnableWindow
ScreenToClient
BeginPaint
EndPaint
DefWindowProcA
LoadIconA
RegisterClassExA
CreateWindowExA
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource
GetIconInfo
DestroyWindow
GetWindow
GetParent
GetClassNameA
ValidateRect
LoadCursorA
RegisterClassA
GetSysColor
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
GetMenu
AdjustWindowRect
GetActiveWindow
GetMessageA
TranslateAcceleratorA
PostMessageA
SetFocus
IsWindowEnabled
IsWindowVisible
GetFocus
IsChild
EnumChildWindows
GetKeyState
CreateAcceleratorTableA
SetCursorPos
LoadImageA
SetCursor
SystemParametersInfoA
SetCapture
GetCursorPos
MapWindowPoints
ReleaseCapture
DrawIconEx

gdi32

StretchBlt
CreatePatternBrush
CreateCompatibleDC
SelectObject
BitBlt
DeleteObject
DeleteDC
GetDeviceCaps
CreateCompatibleBitmap
GetStockObject
GetObjectA
GetDIBits
Rectangle
GetPixel
GetObjectType
SetDIBits
SetStretchBltMode
SetBrushOrgEx
CreateDCA
CreateBrushIndirect
CreateSolidBrush
CreatePen
SetTextAlign
SetTextColor
SelectPalette
RealizePalette
StretchDIBits
SetPixelV
MoveToEx
LineTo
SetBkColor
TextOutA
SetROP2
SetBkMode
Ellipse

winmm

timeGetTime

oleaut32

OleLoadPicture

ole32

CoTaskMemFree
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance

comctl32

InitCommonControls

kernel32

GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
GetModuleFileNameA
GetTempPathA
HeapDestroy
HeapReAlloc
FreeLibrary
GetProcAddress
HeapAlloc
LoadLibraryA
IsBadReadPtr
HeapFree
GetCurrentProcess
WriteProcessMemory
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GlobalReAlloc
VirtualAlloc
VirtualFree
VirtualProtect
GetProcessHeap
CloseHandle
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
GetSystemInfo
CreateFileA
GetFileSize
ReadFile
WriteFile
QueryPerformanceFrequency
QueryPerformanceCounter
MultiByteToWideChar
GetTickCount
WaitForSingleObject
Sleep
GetDriveTypeA
FindFirstFileA
FindClose
CreateDirectoryA
DeleteFileA
SetFilePointer
GetLocalTime

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteExA

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3.2MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e624fb1490fab3a5c49e30014d5c5994

Headers

File Characteristics

Imports

crtdll

user32

gdi32

winmm

oleaut32

ole32

comctl32

kernel32

shell32

Sections

.text Size: 236KB - Virtual size: 235KB

.data Size: 3.2MB - Virtual size: 3.5MB

.rsrc Size: 2KB - Virtual size: 1KB

.flat Size: 1KB - Virtual size: 1KB

.text
Size: 236KB - Virtual size: 235KB

.data
Size: 3.2MB - Virtual size: 3.5MB

.rsrc
Size: 2KB - Virtual size: 1KB

.flat
Size: 1KB - Virtual size: 1KB