f2ebe44f492cb6221f29793470d47eea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f2ebe44f492cb6221f29793470d47eea_JaffaCakes118
Size

926KB
MD5

f2ebe44f492cb6221f29793470d47eea
SHA1

c12f69bf236fc4d7afc8a5616c7cc187130e5bb5
SHA256

e9b99c7a01c75e389e50525afb8072a7ff3d05f5e835c6cb63621e46c2634259
SHA512

c169dfe16f0c9274d91e2e5341c5d19873f2279c1088a8f47cd332113e9c79321652a751acf8264ffea1f97ea7d9eab4e1436c06a0821a77de92590b32ae70a4
SSDEEP

12288:rVGiFK1lunPL32wfAkS4/upTsRD+SdYEJNB+f/kdVIj479Z7SvS3KnaV:xGiyuhP+EYfeIj4v7S2V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2ebe44f492cb6221f29793470d47eea_JaffaCakes118

Files

f2ebe44f492cb6221f29793470d47eea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

a5ea1909f811a9ecc62cb1736be99fb6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
ReadFile
FormatMessageA
FormatMessageW
CreateFileMappingA
GetFileTime
WriteFile
SetFilePointer
CreateFileA
CreateFileW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalAlloc
GlobalFree
FindNextFileA
FindFirstFileA
lstrcpynA
lstrcpyA
Module32FirstW
Thread32Next
TerminateThread
OpenThread
Thread32First
CreateProcessW
Process32Next
Process32First
TerminateProcess
OpenProcess
VirtualAllocEx
GetCurrentProcess
VirtualFreeEx
lstrlenA
FileTimeToDosDateTime
FileTimeToLocalFileTime
VirtualQuery
GetSystemInfo
GlobalMemoryStatus
VirtualFree
OutputDebugStringA
GetVersionExA
GetVolumeInformationA
GlobalUnlock
GlobalLock
FreeLibrary
GetTempPathW
DeleteFileA
RemoveDirectoryA
CreateThread
SetLastError
CreateDirectoryA
MultiByteToWideChar
CreateDirectoryW
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
GetProcAddress
CopyFileW
SetFileAttributesW
MoveFileExW
GetFileAttributesW
DeleteCriticalSection
CreateMutexA
Sleep
GetLocalTime
GetComputerNameA
GetModuleHandleA
GetCommandLineW
ExitProcess
FindFirstFileW
FindNextFileW
FindClose
CreateFileMappingW
CloseHandle
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
GetCurrentProcessId
GetModuleFileNameW
WriteConsoleA
SetStdHandle
FlushFileBuffers
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetConsoleMode
GetConsoleCP
CopyFileA
GetFileAttributesA
CreateEventA
GetLogicalDriveStringsA
GetDriveTypeA
Beep
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetEvent
ResetEvent
WaitForSingleObject
GetModuleHandleW
SetDllDirectoryW
ExitThread
GetSystemTimeAsFileTime
LoadLibraryW
GetLocaleInfoA
GetConsoleOutputCP
InitializeCriticalSectionAndSpinCount
GetTickCount
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
HeapCreate
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineA
HeapReAlloc
GetStdHandle
GetFileType
WriteConsoleW
GetCPInfo
InterlockedDecrement
WideCharToMultiByte
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
HeapFree
RtlUnwind
GetLastError
DeleteFileW
GetFileSize

advapi32

RegCreateKeyExA
RegFlushKey
RegSetValueExA
RegQueryValueExA
RegQueryValueExW
RegDeleteKeyA
RegCloseKey
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ControlService
StartServiceA
ChangeServiceConfigA
QueryServiceConfigA
QueryServiceStatusEx
DeleteService
OpenServiceW
OpenServiceA
CreateServiceW
CloseServiceHandle
OpenSCManagerA
RegOpenKeyExA

comctl32

ImageList_ReplaceIcon
ImageList_Add
ImageList_Create
InitCommonControlsEx

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationW
CommandLineToArgvW
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHChangeNotify
ShellExecuteA

gdi32

SetStretchBltMode
StretchBlt
CreateCompatibleBitmap
GetPixel
ExtFloodFill
SetBkColor
DeleteDC
CreateCompatibleDC
BitBlt
CreateSolidBrush
SetTextColor
SetBkMode
SelectObject
CreateFontIndirectA
DeleteObject
Ellipse

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance

user32

ModifyMenuA
GetMenuItemInfoA
EnableMenuItem
GetSubMenu
LoadMenuA
DispatchMessageA
TranslateMessage
GetMessageA
GetAsyncKeyState
GetSystemMetrics
GetForegroundWindow
RegisterClassExA
SendDlgItemMessageA
wvsprintfA
TrackPopupMenu
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
CheckDlgButton
GetDlgItemInt
FindWindowA
UnregisterClassA
LoadCursorA
SetCursor
DrawEdge
CallWindowProcA
CreateWindowExA
GetSysColor
ReleaseCapture
GetParent
SetCapture
GetWindowLongA
GetSysColorBrush
FrameRect
SetFocus
DestroyWindow
MessageBoxA
DialogBoxParamA
MessageBoxW
wsprintfA
SendMessageTimeoutA
SendNotifyMessageA
EnumWindows
SendMessageA
GetWindowRect
GetCursorPos
InvalidateRect
EnableWindow
GetDlgItem
ShowWindow
SetForegroundWindow
DefWindowProcA
GetWindowTextLengthA
SetWindowLongA
BeginPaint
GetClientRect
FillRect
DrawTextA
DrawIcon
EndPaint
GetDlgItemTextA
SetWindowTextW
GetWindowPlacement
SetTimer
KillTimer
GetWindowTextA
SendMessageW
IsWindowVisible
UpdateWindow
GetMenu
LoadBitmapA
LoadIconA
GetDesktopWindow
SetWindowTextA
CreateDialogParamA
PostQuitMessage
EndDialog
SetDlgItemTextW
ExitWindowsEx
GetDlgItemTextW
SetWindowPos
IsDlgButtonChecked
SetDlgItemTextA

mpr

WNetCloseEnum
WNetOpenEnumA
WNetEnumResourceA

wininet

InternetOpenA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetGetConnectedState
InternetOpenUrlA
InternetSetOptionA

wsock32

connect
gethostbyname
htons
WSACleanup
WSAStartup
socket
send
recv
WSAGetLastError

comdlg32

GetSaveFileNameA
GetOpenFileNameW

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 557KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5ea1909f811a9ecc62cb1736be99fb6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

comctl32

shell32

gdi32

ole32

user32

mpr

wininet

wsock32

comdlg32

version

Sections

.text Size: 280KB - Virtual size: 280KB

.rdata Size: 73KB - Virtual size: 72KB

.data Size: 15KB - Virtual size: 47KB

.rsrc Size: 557KB - Virtual size: 556KB

.text
Size: 280KB - Virtual size: 280KB

.rdata
Size: 73KB - Virtual size: 72KB

.data
Size: 15KB - Virtual size: 47KB

.rsrc
Size: 557KB - Virtual size: 556KB