Static task
static1
Behavioral task
behavioral1
Sample
5581905f2eed0bae544ac9f0bf008365_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
5581905f2eed0bae544ac9f0bf008365_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
-
Target
5581905f2eed0bae544ac9f0bf008365_JaffaCakes118
-
Size
148KB
-
MD5
5581905f2eed0bae544ac9f0bf008365
-
SHA1
798e35d1330f72e430c2572774477f1d93307314
-
SHA256
e0693b5ac2d5b3350757f2f811bcbc839809382c77a8d27ff94d9ca46d50da97
-
SHA512
d3c57e74957a2901829fcfc4bba7be739d75eca68ac4c8be777b5614f2c4ffe492529f42c5ae2d69edd57beea0df0e1a94390a09c1d94e835b5b0e0635c18bfc
-
SSDEEP
3072:3A6pnaRM1tlNfd9ZQTiEC0dMPI9OU+Z4HHZAEO9uRzKlB:3dtbM/zMPPZQ5AEOWzM
Malware Config
Signatures
-
Unsigned PE 1 IoCs
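Checks for missing Authenticode signature. The file carries no Authenticode signature, so its publisher and integrity cannot be verified from the binary itself; on its own this is a weak indicator, since many legitimate programs are also unsigned.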
resource 5581905f2eed0bae544ac9f0bf008365_JaffaCakes118
Files
-
5581905f2eed0bae544ac9f0bf008365_JaffaCakes118.exe windows:4 windows x86 arch:x86
6f9b381afe217f471500f738f7afd96b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetEnvironmentStrings
FindFirstFileA
FindNextFileA
FindClose
GetEnvironmentStringsW
GetStartupInfoW
IsDebuggerPresent
FindResourceA
FindResourceW
LoadResource
SizeofResource
LockResource
FreeResource
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateFileW
ReadFile
WriteFile
CloseHandle
GetSystemDirectoryA
RaiseException
OutputDebugStringA
FindFirstFileW
FindNextFileW
CreateMutexA
ReleaseMutex
OpenMutexA
DeleteFileA
CreateFileA
GetFileSize
GlobalFree
WideCharToMultiByte
WritePrivateProfileStringA
IsDBCSLeadByte
InterlockedCompareExchange
GetLastError
VirtualProtect
SetThreadLocale
CreateThread
GetCurrentThreadId
ResumeThread
ExitThread
TerminateThread
HeapAlloc
HeapCreate
HeapDestroy
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
DeviceIoControl
IsValidCodePage
GetCurrentThread
SetThreadPriority
GetExitCodeThread
FlushFileBuffers
GetConsoleOutputCP
DuplicateHandle
GlobalLock
SetFileTime
LoadLibraryA
LoadLibraryW
LoadLibraryExA
GetProcAddress
GetTimeZoneInformation
GetVersionExW
GetPrivateProfileStringA
CompareFileTime
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetDriveTypeA
SetEndOfFile
GetSystemTimeAsFileTime
CreateDirectoryA
CreateEventA
CreateEventW
SetEvent
ResetEvent
InterlockedDecrement
GetStringTypeW
GetFileAttributesA
lstrcatA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetSystemDefaultLCID
GetStdHandle
GetModuleFileNameA
SetFileAttributesW
SetFilePointer
MultiByteToWideChar
ExitProcess
LocalFree
GetOEMCP
lstrcmpiA
GetCurrentDirectoryA
GetCommandLineW
VirtualAlloc
msvcrt
_strcmpi
sscanf
sin
__dllonexit
memchr
_wcsnicmp
fgetpos
_open
ceil
towlower
fputc
getenv
realloc
_c_exit
_pctype
strpbrk
swscanf
_snwprintf
_acmdln
_snprintf
strncat
__mb_cur_max
_vsnprintf
_amsg_exit
_beginthreadex
abort
fprintf
_CIpow
atol
malloc
strcpy
isxdigit
_isctype
__p___initenv
gmtime
pow
sqrt
cos
_iob
fopen
localtime
_kbhit
isleadbyte
longjmp
__lc_codepage
_utime
clock
_open_osfhandle
_lock
fseek
_filbuf
strtok
wctomb
strcspn
_get_osfhandle
toupper
strtol
wcsrchr
floor
_unlock
log
_putenv
_wtoi
strchr
fgets
__p__fmode
rand
fgetc
_osver
_fdopen
setlocale
ctime
rewind
__p__commode
perror
bsearch
wcsncmp
_strlwr
memset
tolower
fputs
_exit
iswdigit
strcmp
srand
localeconv
fclose
_wfopen
_read
_errno
_itoa
_write
wcstol
qsort
_chmod
_wcslwr
_setjmp
__CxxFrameHandler
__set_app_type
strrchr
isdigit
_setmode
fflush
atof
signal
_purecall
_setjmp3
free
_CIsqrt
_ismbblead
calloc
atexit
ftell
putchar
swprintf
__badioinfo
_stat
exit
_wcsicmp
_fullpath
memmove
_lseeki64
_getpid
iswspace
_itow
_getcwd
_assert
_vsnwprintf
_dup
vsprintf
_onexit
strcat
time
_mbsicmp
printf
puts
_lseek
_filelengthi64
__p__environ
_XcptFilter
_fileno
strstr
wcsstr
atoi
_close
_wtol
_dup2
__initenv
_flsbuf
__setusermatherr
_adjust_fdiv
wcscmp
fread
__pioinfo
sprintf
_ftol
_cexit
_strnicmp
_wcsupr
_fstat
wcscspn
remove
wcsncpy
clearerr
strlen
wcslen
strerror
_ultoa
_mkdir
_mbscmp
_mbsrchr
_except_handler3
iswctype
wcscat
rename
_pipe
_initterm
_mktemp
memcpy
_umask
strspn
towupper
strtoul
ungetc
fsetpos
wcstoul
_controlfp
_stricmp
isspace
__getmainargs
wcstombs
strncpy
user32
GetLastActivePopup
EnableMenuItem
GetClassNameA
GetParent
RemovePropA
EnableWindow
SetPropA
IsDialogMessageA
SystemParametersInfoA
SetClipboardData
GetWindowDC
GetTopWindow
BeginPaint
SetWindowPlacement
CreatePopupMenu
GetWindow
WinHelpA
GetWindowThreadProcessId
GetActiveWindow
RegisterClassA
SendDlgItemMessageA
EmptyClipboard
UnhookWindowsHookEx
CallWindowProcA
IsIconic
GetMessageA
CloseClipboard
GetSysColorBrush
GetMenuState
MapWindowPoints
GetSubMenu
LoadIconA
KillTimer
OpenClipboard
DestroyMenu
DrawIconEx
SetCursor
DrawTextA
GetWindowTextA
ShowCursor
EndPaint
ShowWindow
SetScrollPos
GetMenuItemID
ShowOwnedPopups
GetWindowPlacement
ReleaseDC
PeekMessageA
SetForegroundWindow
TranslateMessage
SetScrollRange
UpdateWindow
GetCursorPos
GetMenuStringA
PtInRect
GetDC
MessageBeep
GetClientRect
CallNextHookEx
SetClassLongA
GetCapture
DestroyCursor
IntersectRect
SetTimer
GetScrollPos
InsertMenuA
GetScrollRange
SendMessageA
SetCapture
GetSystemMetrics
GetMenuItemCount
CharNextA
GetDCEx
DialogBoxParamA
IsWindowEnabled
SetFocus
GetClassInfoA
WaitMessage
DrawFrameControl
SetWindowTextA
DestroyIcon
InflateRect
OffsetRect
FrameRect
IsChild
SetRect
CreateMenu
GetIconInfo
EndDialog
LoadBitmapA
GetKeyboardType
GetFocus
GetMenu
RedrawWindow
IsZoomed
GetSystemMenu
DrawIcon
GetKeyState
IsRectEmpty
ClientToScreen
MessageBoxA
DeleteMenu
GetMessagePos
ScreenToClient
CharLowerA
EnumWindows
FillRect
GetSysColor
PostQuitMessage
PostMessageA
TrackPopupMenu
CheckMenuItem
wsprintfA
RegisterWindowMessageA
IsWindow
LoadCursorA
SetScrollInfo
GetDlgItem
UnregisterClassA
EqualRect
DestroyWindow
EnumThreadWindows
GetForegroundWindow
OemToCharA
DispatchMessageA
GetPropA
InvalidateRect
WindowFromPoint
AdjustWindowRectEx
RemoveMenu
GetWindowLongA
InsertMenuItemA
GetDesktopWindow
GetWindowRect
SetActiveWindow
FindWindowA
ScrollWindow
DefWindowProcA
RegisterClipboardFormatA
SetWindowPos
Sections
.text Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
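.rsrc Size: 4KB - Virtual size: 4KB (note: the flags below mark this section as code and as both writable and executable, which is unusual for a resource section)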
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE