Static task: static1
Behavioral task: behavioral1
Sample: fa2f93f717b081401e1ffbd2e3f1cce2_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fa2f93f717b081401e1ffbd2e3f1cce2_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: fa2f93f717b081401e1ffbd2e3f1cce2_JaffaCakes118
Size: 254KB
MD5: fa2f93f717b081401e1ffbd2e3f1cce2
SHA1: 8e5a4d0d0627e2e031b341b96244b141ddc6c4c9
SHA256: ac6b81732b0934244dc97eb3380ea0eabe6c5e7c6c67453b1711e21bbeba21de
SHA512: c932963d99637d61e0b461b18988d30d7cf542e5fc0ce980e33e4b31b51332bbd5a1f19201dc2975de68ce28966b22fd4400576a085d7566ec9fb2df413c4609
SSDEEP: 6144:wsdGv7/2Nj+vlDQXaNelI5yDB74jQ+/zrva:wsIv7uNjIVQKN4I560f/Pa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa2f93f717b081401e1ffbd2e3f1cce2_JaffaCakes118
Files
fa2f93f717b081401e1ffbd2e3f1cce2_JaffaCakes118.exe windows:4 windows x86 arch:x86
17e109e08353f710fea9e78b1b30e5c6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
WriteFileGather
GlobalGetAtomNameW
FillConsoleOutputAttribute
DeleteAtom
GetProfileIntA
GlobalFindAtomW
GetFullPathNameA
GetNumberFormatW
GetThreadTimes
CreateMutexA
lstrcpynW
TlsSetValue
CreateDirectoryW
GetHandleInformation
SetPriorityClass
LocalFileTimeToFileTime
GetCurrentThread
CreateMutexW
OpenSemaphoreA
GetCalendarInfoA
CreateMailslotW
LockFileEx
CreateFileW
lstrcat
GlobalHandle
MapViewOfFile
LocalShrink
FreeLibraryAndExitThread
GetProcessHeaps
lstrlen
GlobalReAlloc
CommConfigDialogA
CreateTapePartition
GlobalAlloc
GetEnvironmentVariableA
WaitNamedPipeW
EnumDateFormatsExW
GetDiskFreeSpaceA
FindFirstFileW
InterlockedDecrement
WriteProfileStringA
GetProfileStringW
MultiByteToWideChar
lstrcmpiW
EnumDateFormatsExA
GetNamedPipeInfo
WriteProfileStringW
SetFileAttributesA
GlobalLock
GetTimeFormatW
GetThreadPriority
ResumeThread
SetConsoleOutputCP
GetStringTypeExW
WriteFileEx
GetShortPathNameA
EnumResourceLanguagesW
CompareStringA
MoveFileExA
GetProfileIntW
EnumResourceLanguagesA
CreateMailslotA
EnumSystemCodePagesA
lstrcpynA
WaitForDebugEvent
CreateProcessA
FileTimeToSystemTime
InterlockedCompareExchange
CreateFileMappingA
SetFileTime
GetProfileSectionW
ReadConsoleOutputCharacterW
SetSystemTime
lstrcpyW
GetProcessTimes
EnumCalendarInfoW
CopyFileExA
ResetWriteWatch
GetWindowsDirectoryW
EnumResourceNamesA
GetShortPathNameW
SetFileAttributesW
EnumCalendarInfoExA
CreateDirectoryExW
Heap32Next
SetFilePointer
GetSystemDefaultLangID
UpdateResourceA
OpenSemaphoreW
GetStringTypeExA
CreateFileMappingW
UnhandledExceptionFilter
CreateConsoleScreenBuffer
GetPrivateProfileStructA
DisableThreadLibraryCalls
GlobalFindAtomA
SetEnvironmentVariableW
ReadFile
EnumCalendarInfoExW
GetCurrencyFormatW
ContinueDebugEvent
CreateSemaphoreW
GetPrivateProfileSectionA
GetLocalTime
GetLongPathNameA
WaitCommEvent
FreeEnvironmentStringsA
FillConsoleOutputCharacterW
GetACP
OpenWaitableTimerA
FreeConsole
DeleteFileA
WriteConsoleOutputW
ReadConsoleInputW
GetCompressedFileSizeW
SetWaitableTimer
TlsFree
DeviceIoControl
ReleaseSemaphore
FindNextFileW
GetNamedPipeHandleStateW
BeginUpdateResourceW
HeapSize
InterlockedIncrement
lstrcmpiA
VirtualFreeEx
FreeEnvironmentStringsW
GlobalUnWire
OutputDebugStringA
GetNamedPipeHandleStateA
FindFirstFileExA
GetLocaleInfoW
WritePrivateProfileStructW
WriteConsoleOutputA
WriteConsoleOutputCharacterA
FreeLibrary
GetSystemDirectoryA
WritePrivateProfileStringW
WriteConsoleOutputCharacterW
UpdateResourceW
FreeResource
GetFileAttributesA
SetConsoleTitleA
GetTempPathA
GlobalUnlock
SetConsoleCP
wininet
FtpCommandW
CreateUrlCacheContainerA
InternetCombineUrlA
GopherGetLocatorTypeA
CreateUrlCacheGroup
FindFirstUrlCacheContainerW
InternetCombineUrlW
InternetDialW
HttpCheckDavCompliance
InternetCloseHandle
RetrieveUrlCacheEntryFileA
HttpAddRequestHeadersA
FtpGetFileW
FindNextUrlCacheEntryExA
SetUrlCacheConfigInfoA
ResumeSuspendedDownload
FtpOpenFileA
FindNextUrlCacheEntryExW
InternetQueryFortezzaStatus
InternetHangUp
InternetAttemptConnect
InternetGoOnlineW
InternetUnlockRequestFile
InternetSetOptionA
SetUrlCacheEntryInfoA
GopherGetAttributeA
InternetTimeToSystemTimeA
DeleteUrlCacheEntryA
InternetConnectW
InternetSetDialStateW
InternetWriteFileExW
FtpGetCurrentDirectoryA
InternetTimeFromSystemTime
GetUrlCacheEntryInfoA
GopherFindFirstFileW
FtpPutFileEx
InternetCheckConnectionA
FindNextUrlCacheContainerW
HttpSendRequestExW
InternetGetConnectedStateExA
InternetSetOptionExW
InternetCheckConnectionW
InternetSetCookieA
HttpQueryInfoA
InternetConfirmZoneCrossing
RetrieveUrlCacheEntryFileW
HttpQueryInfoW
InternetOpenA
ShowX509EncodedCertificate
HttpOpenRequestW
GopherOpenFileW
UpdateUrlCacheContentPath
FindNextUrlCacheContainerA
GetUrlCacheEntryInfoW
IsHostInProxyBypassList
DeleteIE3Cache
FindFirstUrlCacheEntryExA
FtpPutFileW
InternetTimeToSystemTime
InternetTimeFromSystemTimeW
InternetLockRequestFile
FindFirstUrlCacheContainerA
InternetCanonicalizeUrlW
GetUrlCacheEntryInfoExA
InternetGetLastResponseInfoW
InternetAlgIdToStringW
GopherCreateLocatorW
FindFirstUrlCacheEntryA
SetUrlCacheEntryGroup
InternetQueryDataAvailable
HttpEndRequestA
FtpSetCurrentDirectoryA
InternetGetCookieW
SetUrlCacheHeaderData
InternetOpenUrlW
FtpGetFileA
DeleteUrlCacheContainerA
InternetFortezzaCommand
GetUrlCacheGroupAttributeW
InternetGoOnline
InternetWriteFileExA
InternetOpenUrlA
InternetConfirmZoneCrossingA
ReadUrlCacheEntryStream
SetUrlCacheGroupAttributeW
InternetSecurityProtocolToStringA
GetUrlCacheHeaderData
SetUrlCacheEntryGroupA
FindFirstUrlCacheGroup
HttpAddRequestHeadersW
InternetGetConnectedState
InternetSetOptionW
HttpEndRequestW
InternetGetLastResponseInfoA
FtpOpenFileW
DeleteUrlCacheEntryW
InternetTimeFromSystemTimeA
SetUrlCacheGroupAttributeA
CreateUrlCacheEntryA
FtpCreateDirectoryW
CreateUrlCacheContainerW
InternetCreateUrlW
DeleteUrlCacheEntry
CommitUrlCacheEntryA
InternetDial
FindNextUrlCacheGroup
InternetSetDialState
UrlZonesDetach
FreeUrlCacheSpaceA
InternetDialA
SetUrlCacheEntryInfoW
InternetGetCertByURLA
IncrementUrlCacheHeaderData
InternetReadFileExA
InternetConnectA
InternetAlgIdToStringA
InternetFindNextFileW
InternetReadFile
InternetAutodialHangup
FtpGetCurrentDirectoryW
GetUrlCacheEntryInfoExW
GetUrlCacheConfigInfoW
FtpRenameFileW
FtpCreateDirectoryA
InternetTimeToSystemTimeW
SetUrlCacheConfigInfoW
RetrieveUrlCacheEntryStreamW
DetectAutoProxyUrl
InternetOpenW
GetUrlCacheConfigInfoA
IsUrlCacheEntryExpiredA
InternetReadFileExW
FindFirstUrlCacheEntryExW
SetUrlCacheEntryGroupW
InternetGetConnectedStateExW
DeleteUrlCacheGroup
InternetCanonicalizeUrlA
HttpSendRequestA
InternetSecurityProtocolToStringW
RegisterUrlCacheNotification
GopherGetLocatorTypeW
InternetGetCertByURL
ShowClientAuthCerts
ShowCertificate
InternetSetCookieW
InternetFindNextFileA
InternetGetCookieA
GopherCreateLocatorA
CreateUrlCacheEntryW
FindFirstUrlCacheEntryW
FtpRemoveDirectoryA
LoadUrlCacheContent
UnlockUrlCacheEntryFileW
FtpRemoveDirectoryW
InternetCreateUrlA
FtpGetFileSize
InternetQueryOptionA
RetrieveUrlCacheEntryStreamA
FtpCommandA
FtpDeleteFileA
InternetConfirmZoneCrossingW
InternetAutodial
InternetShowSecurityInfoByURL
InternetInitializeAutoProxyDll
DeleteUrlCacheContainerW
FtpDeleteFileW
ShowSecurityInfo
FtpRenameFileA
FtpFindFirstFileA
UnlockUrlCacheEntryStream
GopherFindFirstFileA
RunOnceUrlCache
GopherOpenFileA
InternetCrackUrlA
InternetWriteFile
InternetCrackUrlW
FtpGetFileEx
HttpSendRequestExA
InternetShowSecurityInfoByURLW
FindNextUrlCacheEntryW
FreeUrlCacheSpaceW
InternetErrorDlg
InternetSetDialStateA
FindCloseUrlCache
GetUrlCacheGroupAttributeA
HttpSendRequestW
CommitUrlCacheEntryW
FtpSetCurrentDirectoryW
gdi32
GetTextExtentPoint32A
SetBkColor
CreateDIBSection
GetWindowOrgEx
GetMetaFileA
EnumEnhMetaFile
CreateCompatibleDC
Sections
.text Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 118KB - Virtual size: 117KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ