f22169af222ac6eaabe6556c1e769d1d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f22169af222ac6eaabe6556c1e769d1d_JaffaCakes118
Size

556KB
MD5

f22169af222ac6eaabe6556c1e769d1d
SHA1

0cd80b6c6a50af41b326e0c2330a207f84b5b828
SHA256

5d5237bf4798cf516da2086643987aa767e2e16b9ed68240c20443b8bb02b1f8
SHA512

58fc4a7c40424acb8164d41d82bff868049b901f59efc9385e68d5c746dffb1565675cbc9ec4dfb529794f0059c858ec0688dfc708a6abcd9300986a263e9f69
SSDEEP

6144:tb3QWHSvFlpSagBda5VI1OkLvbRpOFyiRm/bOV+Lk8xVzL/c+MeDwslkyTpoHXEM:t7gFlYDmS1OIbbJuybbxO+MYj7oCs5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f22169af222ac6eaabe6556c1e769d1d_JaffaCakes118

Files

f22169af222ac6eaabe6556c1e769d1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9f3fbf42dbb287ad0644b373dc51f33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGoOnline
HttpSendRequestW
IsUrlCacheEntryExpiredA
FtpGetFileEx
InternetCreateUrlW
InternetAttemptConnect
SetUrlCacheGroupAttributeW
FindFirstUrlCacheEntryA

advapi32

RegQueryValueExW
RegRestoreKeyA
GetUserNameA
RevertToSelf
RegEnumKeyW
RegCreateKeyExW
RegSetValueExW
CreateServiceW
CryptVerifySignatureA
CryptHashData
CryptDestroyHash
ReportEventA
RegQueryValueExA
LookupSecurityDescriptorPartsW
GetUserNameW
RegDeleteValueW
LookupPrivilegeValueA
LookupAccountNameW
CryptGetUserKey

gdi32

CreateMetaFileA
SetGraphicsMode
GdiPlayScript
GetDIBColorTable
GetBitmapDimensionEx
SetSystemPaletteUse
SetTextAlign
GetTextFaceW
DrawEscape
GetTextCharsetInfo
GetRgnBox
GetCharABCWidthsFloatA
CreateICW
DeviceCapabilitiesExW
GetEnhMetaFileDescriptionW
SetPolyFillMode
CopyEnhMetaFileW
GetStockObject
FillRgn
GetEnhMetaFileBits
ExtTextOutA

kernel32

GetModuleFileNameW
GetLocaleInfoA
FlushFileBuffers
LCMapStringW
GetCurrentProcess
ReadFile
MultiByteToWideChar
SetEnvironmentVariableA
GetModuleFileNameA
GetStartupInfoW
HeapReAlloc
EnterCriticalSection
EnumSystemLocalesA
LoadLibraryW
GetDateFormatA
HeapSize
SetLastError
WriteProfileSectionW
GetEnvironmentStringsW
LCMapStringA
GetTickCount
VirtualAlloc
VirtualQuery
GetCurrentThreadId
IsValidCodePage
GetCommandLineA
HeapDestroy
TlsSetValue
UnhandledExceptionFilter
InitializeCriticalSection
OpenWaitableTimerW
GetOEMCP
GetCurrentThread
GetCurrentProcessId
LeaveCriticalSection
TlsGetValue
SetFilePointer
WriteFile
DeleteCriticalSection
GetProcAddress
LoadLibraryA
GetStringTypeA
IsValidLocale
FreeEnvironmentStringsA
HeapCreate
GetLocaleInfoW
GetCPInfo
OpenMutexA
GetSystemInfo
GetStdHandle
GetSystemTimeAsFileTime
CompareStringW
RtlUnwind
InterlockedExchange
CloseHandle
GetPrivateProfileSectionW
VirtualProtect
GetFileType
WritePrivateProfileStringW
ReadConsoleOutputAttribute
SetHandleCount
LocalAlloc
WideCharToMultiByte
GetStartupInfoA
TerminateProcess
SetConsoleMode
GetTimeFormatA
SetFileTime
GetStringTypeW
GetTimeZoneInformation
GetEnvironmentStrings
GetUserDefaultLCID
IsBadWritePtr
SetStdHandle
FreeEnvironmentStringsW
GetSystemDirectoryW
TlsFree
GetModuleHandleA
CompareStringA
HeapAlloc
ExitProcess
GetCommandLineW
TlsAlloc
VirtualFree
GetLastError
GetVersionExA
GetACP
QueryPerformanceCounter
HeapFree
CreateMutexA

comdlg32

PageSetupDlgA
GetOpenFileNameW
PrintDlgW

user32

GetWindowTextLengthW
RegisterClassA
GetTabbedTextExtentW
RegisterHotKey
IsChild
DeferWindowPos
SetCursorPos
RegisterClipboardFormatA
RegisterClassExA
GetClipboardFormatNameA
GetOpenClipboardWindow
CopyImage
DefFrameProcW
GetMenuItemCount
GetDlgCtrlID
CharToOemBuffA
DdeCreateDataHandle
GetComboBoxInfo
GetKeyboardType
GetListBoxInfo

comctl32

ImageList_BeginDrag
CreateToolbar
CreateMappedBitmap
ImageList_DragEnter
ImageList_Duplicate
ImageList_Copy
ImageList_Create
ImageList_LoadImage
InitCommonControlsEx
ImageList_DragLeave
ImageList_Destroy

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9f3fbf42dbb287ad0644b373dc51f33

Headers

File Characteristics

Imports

wininet

advapi32

gdi32

kernel32

comdlg32

user32

comctl32

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 112KB - Virtual size: 126KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 112KB - Virtual size: 126KB

.rsrc
Size: 16KB - Virtual size: 14KB