ca7386254ddb4677b0bc0c4d6243ce56_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ca7386254ddb4677b0bc0c4d6243ce56_JaffaCakes118
Size

232KB
MD5

ca7386254ddb4677b0bc0c4d6243ce56
SHA1

7086abf9ed20c93c27b26a476a0a132cf2301134
SHA256

e558b4e7a525a3391028843a3bd9575b0a68f80cb9866953b7bc118c65084ca0
SHA512

4c6adb884474b5f4cdfb4ad69585857f6c91799a28f0c4981e07f70b1aa16cf48fe929f61d49a6e05a58f245a4189b40ead70364efcae51f62afc104c9ebb5cf
SSDEEP

6144:T6QfdKw+QLAbBpUrN+rjavWPqthjZb98cN:T6QfdSQLAsrNOGvXthjZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca7386254ddb4677b0bc0c4d6243ce56_JaffaCakes118

Files

ca7386254ddb4677b0bc0c4d6243ce56_JaffaCakes118
.exe windows:5 windows x86 arch:x86

bb565c1b031f4fd1e13cddf75a7d91ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
SetThreadPriority
GetCurrentThread
GetVersionExA
GetLocaleInfoA
GlobalMemoryStatus
CreateFileA
SetFilePointer
WriteFile
GlobalFree
CopyFileA
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
ReadFile
GetShortPathNameA
SetCurrentDirectoryA
CreateProcessA
GetStartupInfoA
CreatePipe
PeekNamedPipe
GetExitCodeProcess
GetTickCount
DeleteFileA
FindNextFileA
FindClose
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
GetCurrentProcess
OpenProcess
CreateFileMappingA
SetLastError
WideCharToMultiByte
MultiByteToWideChar
CreateMutexA
lstrcatA
GetSystemTime
GetTimeZoneInformation
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcessHeap
lstrcmpA
lstrcpyA
lstrlenA
SetErrorMode
GetWindowsDirectoryA
GetTempPathA
GetCurrentProcessId
Sleep
GetProcAddress
LoadLibraryA
GetLastError
GetModuleFileNameA
CloseHandle
FindFirstFileA
FreeLibrary
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetModuleHandleA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
GetCurrentThreadId
CreateThread
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
GetCommandLineA
RaiseException
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetConsoleCP
GetConsoleMode
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
ExitProcess
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate

user32

GetWindowTextA
GetWindowTextLengthA
EnumWindows
GetWindowLongA
wsprintfA

advapi32

LookupAccountSidA
GetTokenInformation
LookupPrivilegeValueA
OpenProcessToken
RegDisablePredefinedCache
ImpersonateLoggedOnUser
LookupAccountNameA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
ConvertSidToStringSidA
GetUserNameA
CredFree
CredEnumerateA
RevertToSelf

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

wininet

InternetReadFile
InternetConnectW
InternetCloseHandle
HttpQueryInfoW
InternetOpenW
InternetSetOptionW
HttpOpenRequestW
HttpAddRequestHeadersW
InternetSetOptionA
HttpQueryInfoA
HttpSendRequestW

ws2_32

gethostname
WSAStartup

oleaut32

GetErrorInfo

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb565c1b031f4fd1e13cddf75a7d91ba

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

wininet

ws2_32

oleaut32

Sections

.text Size: 157KB - Virtual size: 157KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 20KB - Virtual size: 20KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 157KB - Virtual size: 157KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 1KB - Virtual size: 1KB