Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_bc8ea8b8f7f55c1949c0e6e30a4c0688a1832414d48e0412921b724ab9d48a21.exe
Resource
win7-20240903-en
General
Target: JaffaCakes118_bc8ea8b8f7f55c1949c0e6e30a4c0688a1832414d48e0412921b724ab9d48a21
Size: 864KB
MD5: f358a16d797e8c97127eddf5577576d6
SHA1: 3d82fa86b61916a129bc571a12af16f4d0543acd
SHA256: bc8ea8b8f7f55c1949c0e6e30a4c0688a1832414d48e0412921b724ab9d48a21
SHA512: b230da7822403a7c83ac75d785b1584de77af70891da000c39e46204322befda9586ece6946746af2e1a71dd4307774352997f9f28a6a0b93c49430c37d63e1d
SSDEEP: 24576:5V1hZH53bA7IXJIn7LsSTNoWcZwXwuqT16:A7i+sZwG16
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_bc8ea8b8f7f55c1949c0e6e30a4c0688a1832414d48e0412921b724ab9d48a21
Files
-
JaffaCakes118_bc8ea8b8f7f55c1949c0e6e30a4c0688a1832414d48e0412921b724ab9d48a21.exe windows:4 windows x86 arch:x86
72b7fe6a70be4bbdcf5c3057046c0ad3
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
msvcrt
_strdup
free
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
sscanf
__CxxFrameHandler
memmove
_ftol
_stricoll
strncpy
clock
rand
calloc
atol
_purecall
_setmbcp
?terminate@@YAXXZ
??1type_info@@UAE@XZ
malloc
kernel32
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentDirectoryA
GetCurrentThreadId
CreateThread
SetThreadPriority
ResumeThread
CloseHandle
WaitForSingleObject
SetEvent
FindResourceA
LoadResource
LockResource
SizeofResource
GlobalSize
GlobalAlloc
GlobalReAlloc
GlobalFree
LoadLibraryA
GetVersionExA
lstrcpyA
GetProcAddress
EnterCriticalSection
GetStartupInfoA
GetModuleHandleA
GetCurrentProcess
LoadLibraryW
MulDiv
user32
ReleaseDC
GetDC
LoadCursorA
IsWindowEnabled
GetSubMenu
GetMenuItemID
GetMenuItemCount
DestroyMenu
IsMenu
AppendMenuA
CreatePopupMenu
WaitMessage
ReleaseCapture
GetCapture
PostQuitMessage
ClientToScreen
UnionRect
ToAsciiEx
GetKeyboardLayout
MapVirtualKeyA
GetKeyboardState
GetAsyncKeyState
EqualRect
SetParent
BringWindowToTop
SetFocus
GetDCEx
GetCursor
GetClassLongA
DefWindowProcA
GetClassInfoA
GetDlgCtrlID
GetTopWindow
SetCapture
DestroyWindow
GetMenu
SetMenu
DestroyCursor
CallWindowProcA
SetWindowRgn
DrawIcon
SystemParametersInfoA
IsIconic
GetWindowPlacement
IsRectEmpty
ScreenToClient
PtInRect
IsZoomed
KillTimer
GetCursorPos
GetKeyState
SetWindowPos
GetWindow
GetClassNameA
OffsetRect
CopyRect
PostMessageA
GetActiveWindow
GetIconInfo
GetWindowRgn
DrawIconEx
DestroyIcon
SetCursor
UpdateWindow
GetMenuItemInfoA
CharUpperA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
WindowFromPoint
RegisterWindowMessageA
CreateIconIndirect
SetRect
LoadMenuA
LoadAcceleratorsA
GetDlgItem
EnableWindow
GetSystemMenu
GetSystemMetrics
GetFocus
SetTimer
InvalidateRect
BeginDeferWindowPos
MoveWindow
RedrawWindow
DeferWindowPos
EndDeferWindowPos
IsChild
GetWindowRect
IsWindow
GetClientRect
LoadImageA
LoadIconA
SendMessageA
DrawStateA
DrawFocusRect
GetSysColorBrush
GrayStringA
DrawTextA
TabbedTextOutA
SetRectEmpty
IsWindowVisible
InflateRect
GetWindowLongA
GetParent
GetSysColor
FillRect
GetMessageA
PeekMessageA
DispatchMessageA
GetDesktopWindow
SetWindowLongA
IntersectRect
advapi32
RegCreateKeyExA
RegOpenKeyExW
RegQueryInfoKeyA
RegEnumKeyA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
winmm
PlaySoundA
gdi32
CreateDIBSection
GetDIBits
RealizePalette
SelectPalette
CreateRectRgnIndirect
GetDeviceCaps
GetTextMetricsA
SetPixel
FillRgn
OffsetRgn
CombineRgn
CreateRectRgn
CreateRoundRectRgn
GetStockObject
ExcludeClipRect
SetTextColor
DeleteObject
DeleteDC
SetBkColor
StretchBlt
GetBkColor
DPtoLP
GetObjectA
CreateBitmap
LPtoDP
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreatePatternBrush
CreateFontIndirectA
EnumFontFamiliesA
GetTextCharset
CreatePen
GetTextColor
Ellipse
GetNearestColor
SetBrushOrgEx
ExtCreatePen
PatBlt
Rectangle
FrameRgn
GetViewportOrgEx
GetPixel
Polygon
PtInRegion
SetPixelV
CreateEllipticRgn
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreatePolygonRgn
SelectObject
CreatePalette
SetBkMode
GetMapMode
CreateSolidBrush
comctl32
ImageList_GetIcon
ImageList_AddMasked
Sections
.text Size: 524KB - Virtual size: 523KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 216KB - Virtual size: 213KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 40KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ