bf9e0074d6a3c05680b8011adc51af5f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bf9e0074d6a3c05680b8011adc51af5f_JaffaCakes118
Size

100KB
MD5

bf9e0074d6a3c05680b8011adc51af5f
SHA1

293f006af5bffe44312101e7827877c8b2afff57
SHA256

62fd616e2a5f9288455f750be8da4bd4ce6bfe980505be281eca3833af8fd9f0
SHA512

9f3e77bee24fc94b39ec9b93f86e146dd1556264870bb2d06538a5dd04386a138b60933970754d2aeff63e493a0a48159ac2066c74e81c7ac3eb9386820bb54f
SSDEEP

3072:3LRcBm30A5TKHdhunQxra5UATYMhGlGPmQ0:7RQ408Su06UTMGh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf9e0074d6a3c05680b8011adc51af5f_JaffaCakes118

Files

bf9e0074d6a3c05680b8011adc51af5f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

66a73b59dbe6987f4f31894fda386674

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

SendDriverMessage
mixerSetControlDetails
waveInStart
mixerGetControlDetailsW
waveInStop
mixerGetLineControlsW
waveInAddBuffer
waveInPrepareHeader
mixerGetID
waveInOpen
waveInClose
waveInReset
CloseDriver
OpenDriver
waveInUnprepareHeader
mixerClose
waveInGetDevCapsW
mixerGetLineInfoW
mixerOpen

kernel32

MultiByteToWideChar
GetModuleFileNameA
ResetEvent
lstrcmpiW
GlobalFree
CreateFileW
GetLastError
QueryPerformanceCounter
CreateEventW
LoadLibraryW
OutputDebugStringA
GetSystemInfo
PostQueuedCompletionStatus
GetDiskFreeSpaceW
SetThreadPriority
GetPrivateProfileStringW
GlobalLock
GetProfileIntA
VirtualFree
IsBadWritePtr
CreateIoCompletionPort
InitializeCriticalSection
GlobalUnlock
GetCurrentThread
lstrcpyA
HeapFree
GetCPInfo
GetEnvironmentStringsW
InterlockedIncrement
WideCharToMultiByte
GlobalHandle
SetUnhandledExceptionFilter
GetFileAttributesW
SetFilePointer
CreateSemaphoreW
ReadFile
GetFileSize
CloseHandle
WaitForSingleObject
DeleteCriticalSection
GetCurrentProcess
GlobalAlloc
GetCurrentProcessId
IsBadCodePtr
GetQueuedCompletionStatus
LeaveCriticalSection
lstrcmpW
GetStartupInfoA
DeleteFileW
WaitForMultipleObjects
GlobalMemoryStatus
HeapAlloc
lstrcpynW
lstrcpyW
InterlockedExchange
GetSystemTimeAsFileTime
GetVersionExW
GetSystemDefaultLangID
ReleaseSemaphore
lstrlenA
InterlockedDecrement
GetTickCount
IsBadReadPtr
lstrlenW
GetThreadPriority
EnterCriticalSection
MulDiv
SetEndOfFile
FreeLibrary
GetProcessHeap
WriteFile
CreateThread
SetEvent
IsBadHugeReadPtr
GetFullPathNameW

ole32

CoTaskMemAlloc
CoInitialize
CoFreeUnusedLibraries
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoUninitialize

msvcrt

_purecall
_except_handler3
wcslen
??3@YAXPAX@Z
_ftol
??2@YAPAXI@Z

advapi32

RegQueryValueExW
RegOpenKeyW
RegDeleteKeyW
RegCreateKeyW
RegCloseKey
RegSetValueExW
RegSetValueW
RegEnumKeyExW
RegOpenKeyExW
RegEnumKeyW

user32

IsWindow
GetClientRect
GetDlgItemInt
LoadStringW
CreateDialogParamW
GetDlgItem
CheckDlgButton
ShowWindow
GetDC
SetWindowLongW
ClientToScreen
MoveWindow
SetDlgItemInt
DefWindowProcW
GetAsyncKeyState
GetDesktopWindow
ReleaseDC
DispatchMessageW
SetDlgItemTextW
TranslateMessage
InvalidateRect
GetWindowRect
LoadCursorW
GetWindowLongW
CheckRadioButton
EnableWindow
IsWindowVisible
DestroyWindow
SendMessageW
wsprintfW
IsRectEmpty
PeekMessageW
SetCursor

gdi32

GetTextExtentPoint32W
GetPaletteEntries
GetStockObject
PatBlt
SelectObject
GetObjectW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

msvfw32

ICLocate
ICCompress
ICSendMessage
ICOpen
ICDecompress
ICGetInfo
ICClose

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66a73b59dbe6987f4f31894fda386674

Headers

File Characteristics

Imports

winmm

kernel32

ole32

msvcrt

advapi32

user32

gdi32

version

msvfw32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 17KB - Virtual size: 82KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 17KB - Virtual size: 82KB

.rsrc
Size: 23KB - Virtual size: 23KB