ff23b4c01031f91482e8c24010ed3fbd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ff23b4c01031f91482e8c24010ed3fbd_JaffaCakes118
Size

159KB
MD5

ff23b4c01031f91482e8c24010ed3fbd
SHA1

954d3ab422896510ef45b4262cf069d538830155
SHA256

70f1fe886e2b379dbd2bbeeb9c43a1d4bfdc6e82d329ac6e3d7ab5051f5b2034
SHA512

54524fdcae3de63da041d6610d312d18969b62a1385f613cd60d1fe50d425b6590f5354af2d0f1583313e6da3967b8c5fbd510fbbf0fdb296c6d589fff8ca2a7
SSDEEP

3072:9de40kGxaZdYAsTPwvgVEzSedKIEwk5eSpp0qexV0W8/5CrJFOjn3Zof6:9deRwddsTovMEz5EwUVpsxqWIIYU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff23b4c01031f91482e8c24010ed3fbd_JaffaCakes118

Files

ff23b4c01031f91482e8c24010ed3fbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4781e3c2360640781e3f7942d37a75e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
DeleteCriticalSection
lstrcpynW
GetOverlappedResult
LocalFree
lstrcmpW
GlobalSize
MultiByteToWideChar
ReadFile
lstrcpyW
GetCurrentProcessId
WriteFile
CreateFileW
GlobalAlloc
WideCharToMultiByte
GetModuleHandleA
GetLastError
lstrlenA
LocalAlloc
MulDiv
QueryPerformanceCounter
LoadLibraryW
GetFileSize
IsBadReadPtr
InitializeCriticalSection
GetACP
lstrcpyA
GetSystemTimeAsFileTime
SetErrorMode
EnterCriticalSection
GetDiskFreeSpaceW
GlobalReAlloc
lstrcatA
GetFullPathNameW
GetTickCount
GlobalFree
SetUnhandledExceptionFilter
LeaveCriticalSection
GlobalUnlock
CloseHandle

ole32

OleFlushClipboard
CoMarshalInterface
OleInitialize
CoGetMarshalSizeMax
CoCreateInstance
CoGetMalloc
ReleaseStgMedium
OleSetClipboard
CoUnmarshalInterface
OleUninitialize
CreateStreamOnHGlobal
OleGetClipboard

msacm32

acmGetVersion
acmFormatSuggest
acmStreamPrepareHeader
acmStreamClose
acmStreamUnprepareHeader
acmFormatDetailsW
acmStreamOpen
acmMetrics
acmFormatChooseW
acmStreamSize
acmStreamConvert
acmFormatTagDetailsW

user32

PeekMessageW
MessageBoxW
MessageBeep
SetDlgItemInt
EnableWindow
EndDialog
IsRectEmpty
CharPrevW
SetRectEmpty
GetDC
SendMessageW
SetRect
TranslateMessage
DialogBoxParamW
wsprintfW
LoadStringW
SetDlgItemTextW
DestroyWindow
SendDlgItemMessageW
IsDlgButtonChecked
ReleaseDC
GetDlgItem
CheckDlgButton

winmm

mmioOpenW
mmioClose
mmioWrite
mmioRead
mmioSeek

msvcrt

??2@YAPAXI@Z
_adjust_fdiv
__set_app_type
_vsnwprintf
__getmainargs
__p__commode
_ftol
memmove
_purecall
malloc
atoi
exit
free
_initterm
??3@YAXPAX@Z
mbstowcs

msvfw32

ICCompressorFree
ICClose
ICCompressorChoose
ICGetInfo
ICOpen
ICCompress
ICGetDisplayFormat
ICDecompress
ICSendMessage

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegQueryValueW
RegEnumKeyW
RegOpenKeyW

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4781e3c2360640781e3f7942d37a75e6

Headers

File Characteristics

Imports

kernel32

ole32

msacm32

user32

winmm

msvcrt

msvfw32

advapi32

Sections

.text Size: 95KB - Virtual size: 94KB

.idata Size: 40KB - Virtual size: 39KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 95KB - Virtual size: 94KB

.idata
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 23KB - Virtual size: 23KB