b0733b515cd994fe648c91908a3c5465_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b0733b515cd994fe648c91908a3c5465_JaffaCakes118
Size

102KB
MD5

b0733b515cd994fe648c91908a3c5465
SHA1

1dabe23f96a4bf8f96f2b872b9ed63a91ff63b04
SHA256

f6c3976875a9b94408b0057fe5973ec29098b499f0ac78ff054dc993c2094be4
SHA512

8ae2674f5c63beba084ff432fcec94d768bb02fd1d007ec938675c9a7216705db582ad0375cf5ae74ca8901117ec2690c356cbb2f14a352b4e5686cf4abfff8d
SSDEEP

1536:We7SdH2u0FLvHuJQ0MDcdQTKr4wltL/dTXuLilV4cWOkLSGZyYjDIhnWBdilY:W9dH2u0Vg9HQTE3kSKVOkLSG/DIhWBd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0733b515cd994fe648c91908a3c5465_JaffaCakes118

Files

b0733b515cd994fe648c91908a3c5465_JaffaCakes118
.exe windows:5 windows x86 arch:x86

76d4c4b28542e9a354ec8b954a6684bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
ReleaseDC
CheckRadioButton
GetDlgItem
GetDC
GetAsyncKeyState
DefWindowProcW
DestroyWindow
IsRectEmpty
LoadStringW
SendMessageW
InvalidateRect
LoadCursorW
GetDesktopWindow
CreateDialogParamW
ShowWindow
SetCursor
PeekMessageW
wsprintfW
SetWindowLongW
IsWindow
GetClientRect
GetDlgItemInt
DispatchMessageW
GetWindowLongW
SetDlgItemTextW
SetDlgItemInt
GetWindowRect
ClientToScreen
IsWindowVisible
TranslateMessage
EnableWindow
CheckDlgButton

kernel32

GlobalLock
LoadLibraryW
HeapAlloc
GetThreadPriority
ReadFile
ResetEvent
WriteFile
DeleteCriticalSection
GetFullPathNameW
GetDiskFreeSpaceW
CreateFileW
CreateIoCompletionPort
ReleaseSemaphore
GetCurrentProcess
SetEndOfFile
GetFileAttributesW
InitializeCriticalSection
GetSystemInfo
GetModuleFileNameA
EnterCriticalSection
PostQueuedCompletionStatus
GetPrivateProfileStringW
GetCurrentThread
GetTickCount
lstrlenW
GetSystemTimeAsFileTime
GlobalAlloc
CreateThread
GlobalMemoryStatus
InterlockedDecrement
IsBadReadPtr
GetStartupInfoA
LeaveCriticalSection
WaitForMultipleObjects
IsBadWritePtr
GetLastError
CloseHandle
GetFileSize
GetProfileIntA
InterlockedExchange
DeleteFileW
lstrcpyW
GetSystemDefaultLangID
HeapFree
WaitForSingleObject
WideCharToMultiByte
CreateSemaphoreW
MultiByteToWideChar
lstrcpynW
VirtualFree
GetQueuedCompletionStatus
SetUnhandledExceptionFilter
FreeLibrary
lstrlenA
lstrcmpiW
SetThreadPriority
InterlockedIncrement
GlobalUnlock
GetEnvironmentStringsW
MulDiv
lstrcpyA
GlobalHandle
SetFilePointer
CreateEventW
GetVersionExW
GlobalFree
SetEvent
QueryPerformanceCounter
lstrcmpW
IsBadCodePtr
GetCurrentProcessId
GetProcessHeap

winmm

waveInStart
CloseDriver
waveInReset
waveInClose
waveInOpen
waveInStop
waveInPrepareHeader
SendDriverMessage
mixerGetID
mixerGetControlDetailsW
mixerSetControlDetails
waveInUnprepareHeader
mixerGetLineInfoW
mixerOpen
mixerClose
waveInGetDevCapsW
OpenDriver
mixerGetLineControlsW
waveInAddBuffer

gdi32

GetObjectW
GetTextExtentPoint32W
SelectObject
GetPaletteEntries
GetStockObject
PatBlt

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
_ftol
_purecall
_except_handler3
wcslen

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ole32

CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoFreeUnusedLibraries

advapi32

RegOpenKeyW
RegOpenKeyExW
RegCloseKey
RegEnumKeyExW
RegQueryValueExW
RegDeleteKeyW
RegEnumKeyW
RegCreateKeyW
RegSetValueW
RegSetValueExW

msvfw32

ICLocate
ICClose
ICCompress
ICDecompress
ICOpen
ICGetInfo
ICSendMessage

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76d4c4b28542e9a354ec8b954a6684bf

Headers

File Characteristics

Imports

user32

kernel32

winmm

gdi32

msvcrt

version

ole32

advapi32

msvfw32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 17KB - Virtual size: 86KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 17KB - Virtual size: 86KB

.rsrc
Size: 23KB - Virtual size: 23KB