8fc72cccc60276a44915d700ab7f9840_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8fc72cccc60276a44915d700ab7f9840_JaffaCakes118
Size

99KB
MD5

8fc72cccc60276a44915d700ab7f9840
SHA1

6afdf58921f5fb8a25efa3fd4ae8ee5048652325
SHA256

e864d05edb290c89bd37c3a1e111adef18c2af35180736d91456c89edf139a15
SHA512

504b727a0e24c669a9b266091f881e98ed855cd8887f0faec1717e7e9153a6e96add27247d5952b9d46adacf3f5de842eceecf33e5764199929f32a978914a91
SSDEEP

1536:78K9wl0uOoXi+XF47YRP08VTtuTTN1ZsGWpaNbity8PT7zIPX2sI:7dDoXb2qP0vTTN/cp4bitF7zIPX2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
8fc72cccc60276a44915d700ab7f9840_JaffaCakes118

Files

8fc72cccc60276a44915d700ab7f9840_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ea1aeb4913166525fc710cb5ab3aedbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GlobalFree
IsBadCodePtr
GetQueuedCompletionStatus
SetUnhandledExceptionFilter
CloseHandle
GetSystemTimeAsFileTime
lstrcpyA
VirtualFree
DeleteCriticalSection
FreeLibrary
InterlockedIncrement
EnterCriticalSection
DeleteFileW
GetThreadPriority
GetModuleFileNameA
GetDiskFreeSpaceW
SetEvent
GetEnvironmentStringsW
SetEndOfFile
GetSystemInfo
ReleaseSemaphore
GetFullPathNameW
GetCurrentProcessId
MulDiv
lstrcmpW
CreateSemaphoreW
CreateIoCompletionPort
GetVersionExW
GetStartupInfoA
WaitForMultipleObjects
GetSystemDefaultLangID
HeapFree
ResetEvent
lstrcmpiW
MultiByteToWideChar
WaitForSingleObject
GlobalLock
CreateThread
ReadFile
GetProfileIntA
GlobalMemoryStatus
PostQueuedCompletionStatus
GlobalUnlock
WideCharToMultiByte
GetProcessHeap
lstrlenA
GetPrivateProfileStringW
GetCurrentThread
IsBadWritePtr
GetLastError
InitializeCriticalSection
SetThreadPriority
GlobalHandle
GetFileAttributesW
GlobalAlloc
HeapAlloc
lstrcpyW
QueryPerformanceCounter
GetCurrentProcess
CreateEventW
InterlockedExchange
InterlockedDecrement
LoadLibraryW
GetFileSize
CreateFileW
lstrcpynW
GetTickCount
lstrlenW
SetFilePointer
LeaveCriticalSection
IsBadReadPtr

ole32

CoTaskMemAlloc
CoUninitialize
CoCreateInstance
CoFreeUnusedLibraries
StringFromGUID2
CoTaskMemFree
CoInitialize

winmm

waveInClose
waveInStart
OpenDriver
waveInGetDevCapsW
waveInAddBuffer
mixerClose
waveInUnprepareHeader
waveInPrepareHeader
mixerGetID
waveInReset
waveInOpen
waveInStop
mixerGetLineInfoW
SendDriverMessage
CloseDriver
mixerOpen
mixerGetLineControlsW
mixerSetControlDetails
mixerGetControlDetailsW

msvfw32

ICDecompress
ICCompress
ICOpen
ICGetInfo
ICSendMessage
ICLocate
ICClose

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegSetValueExW
RegSetValueW
RegCreateKeyW
RegEnumKeyExW
RegOpenKeyW
RegEnumKeyW

user32

ShowWindow
TranslateMessage
GetDesktopWindow
SetDlgItemTextW
SetDlgItemInt
PeekMessageW
DefWindowProcW
ReleaseDC
InvalidateRect
EnableWindow
IsWindowVisible
SetWindowLongW
GetAsyncKeyState
CreateDialogParamW
ClientToScreen
IsWindow
IsRectEmpty
MoveWindow
wsprintfW
GetClientRect
LoadStringW
SetCursor
CheckDlgButton
GetDlgItemInt
DispatchMessageW
DestroyWindow
GetDC
GetWindowLongW
CheckRadioButton
LoadCursorW
SendMessageW
GetDlgItem
GetWindowRect

gdi32

GetStockObject
GetObjectW
GetPaletteEntries
PatBlt
SelectObject
GetTextExtentPoint32W

msvcrt

_purecall
wcslen
_except_handler3
??3@YAXPAX@Z
??2@YAPAXI@Z
_ftol

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea1aeb4913166525fc710cb5ab3aedbc

Headers

File Characteristics

Imports

kernel32

ole32

winmm

msvfw32

version

advapi32

user32

gdi32

msvcrt

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 17KB - Virtual size: 87KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 17KB - Virtual size: 87KB

.rsrc
Size: 23KB - Virtual size: 23KB