fc42e9197879476cb2d57d072a7edf86_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc42e9197879476cb2d57d072a7edf86_JaffaCakes118
Size

338KB
MD5

fc42e9197879476cb2d57d072a7edf86
SHA1

d73c2e6b6646dd19c22710c40e5b50a76481de0e
SHA256

88c59633755a858107463944f886d389bc023fc9aa94f32e426767d47e49e38f
SHA512

5804d81337a92ae591e1bdabdb0465d3a3bcdacb9886d557282a8e9ea2a27fa0f54ef5cdb59cea30ebb5918a009a98f880ba2d433035e799ca8dc82ad002e11c
SSDEEP

6144:huIum8/OVncjE4ZOX+FhCgozYLGzKJUPR3/kK:Ivm8WRYREX+N4YKOOPhk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc42e9197879476cb2d57d072a7edf86_JaffaCakes118

Files

fc42e9197879476cb2d57d072a7edf86_JaffaCakes118
.exe windows:4 windows x86 arch:x86

500844542143dfb9a734cd1ce1e702f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\lw

Imports

user32

WINNLSGetEnableStatus
ModifyMenuA
GetMessageW
ChildWindowFromPointEx
DdeQueryStringA
SwitchDesktop
IsIconic
GetDlgItemInt
IsClipboardFormatAvailable
GetComboBoxInfo
GetWindowRgn
wsprintfA
TranslateMessage
AnimateWindow
GetKeyNameTextA
CloseClipboard
DestroyMenu
CountClipboardFormats
UpdateWindow
SetWindowsHookA
ReleaseDC
GetMenuItemCount
DdeFreeStringHandle
RegisterClassA
MessageBoxA
CreateWindowExA
RegisterClassExA
DlgDirListComboBoxA
ShowWindow
DeleteMenu

wininet

HttpQueryInfoA
InternetGoOnline
InternetCreateUrlA
InternetCanonicalizeUrlA
InternetReadFileExW

comctl32

ImageList_SetDragCursorImage
ImageList_Destroy
ImageList_GetBkColor
InitCommonControlsEx
ImageList_DragMove
ImageList_Add
ImageList_GetFlags
ImageList_Duplicate
ImageList_Replace
DestroyPropertySheetPage

gdi32

GetTextExtentPoint32A
EnumFontsW
GetOutlineTextMetricsA
DescribePixelFormat
SetColorSpace
GetCharABCWidthsW
GetTextAlign
Polyline
GetPaletteEntries
GetBitmapBits
GetDeviceGammaRamp
ResetDCW
StrokeAndFillPath
CreateFontIndirectW
SetViewportExtEx
FrameRgn
SetPaletteEntries
PlayMetaFile
StartDocW
FillPath

kernel32

GetSystemTimeAsFileTime
GetACP
ReadFile
GetStartupInfoA
CreateMutexA
SetStdHandle
SetEnvironmentVariableA
RtlUnwind
DosDateTimeToFileTime
HeapFree
GetThreadSelectorEntry
VirtualFree
HeapCreate
HeapAlloc
GetEnvironmentStringsW
SetHandleCount
EnumCalendarInfoExA
FreeEnvironmentStringsA
LeaveCriticalSection
InterlockedExchange
GetCommandLineA
TlsFree
FlushFileBuffers
EnterCriticalSection
GlobalReAlloc
CompareStringW
GetStdHandle
CloseHandle
GetCurrentThreadId
TerminateProcess
GetEnvironmentStrings
GetLocalTime
InterlockedDecrement
FoldStringA
CreateDirectoryA
HeapDestroy
GetTempPathW
GetTimeZoneInformation
lstrcatW
WideCharToMultiByte
ExitProcess
LCMapStringA
GetLastError
InterlockedIncrement
SetLastError
GetSystemTime
SetThreadIdealProcessor
VirtualQueryEx
TlsSetValue
GetCurrentProcess
OpenMutexA
ReadConsoleOutputCharacterW
SetLocalTime
UnhandledExceptionFilter
VirtualAlloc
ReadConsoleOutputW
GetStringTypeA
GetStringTypeW
GetVersion
IsBadWritePtr
CompareStringA
GetOEMCP
GetModuleFileNameA
InitializeCriticalSection
VirtualQuery
GetCPInfo
LoadLibraryA
LCMapStringW
GetFileType
OpenFile
QueryPerformanceCounter
TlsGetValue
SetFilePointer
DeleteCriticalSection
HeapReAlloc
GetCurrentThread
FreeEnvironmentStringsW
TlsAlloc
GetModuleHandleA
RtlMoveMemory
RtlFillMemory
GetProcAddress
WriteFile
GetLogicalDrives
GetTickCount
MultiByteToWideChar
GetCurrentProcessId

shell32

SheChangeDirExW
ExtractAssociatedIconA

comdlg32

ReplaceTextW
ChooseColorW

Sections

.text
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

500844542143dfb9a734cd1ce1e702f6

Headers

File Characteristics

PDB Paths

Imports

user32

wininet

comctl32

gdi32

kernel32

shell32

comdlg32

Sections

.text Size: 204KB - Virtual size: 204KB

.rdata Size: 32KB - Virtual size: 36KB

.data Size: 89KB - Virtual size: 89KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 204KB - Virtual size: 204KB

.rdata
Size: 32KB - Virtual size: 36KB

.data
Size: 89KB - Virtual size: 89KB

.rsrc
Size: 11KB - Virtual size: 10KB