fe862182081e5f2ca16e3021179b51ad_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fe862182081e5f2ca16e3021179b51ad_JaffaCakes118
Size

317KB
MD5

fe862182081e5f2ca16e3021179b51ad
SHA1

f234a82ee9a09bc7f09b98c978950b07b89bf0cb
SHA256

e3059d13d5985417c959f15fbd5e2acd866f672964da2f2fe0bbd03c3cfc6289
SHA512

907e9e82321325042bb27250abf3f52b0fcdc6b05b6df75d91e36a23775fdaf7bfcb89cb58f92ed2c0dcc02e28bd864a64b7d888610346861e9f46e5af7c6fff
SSDEEP

3072:wBwaM0k+7FB3oJJc5B2LvWiLAobIkeIDZroq9Zi4mCxxHtX9r1j3jPm61p3XQbj3:wNoJi2LEoMktMA9+t8i8V5yRxj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe862182081e5f2ca16e3021179b51ad_JaffaCakes118

Files

fe862182081e5f2ca16e3021179b51ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e86da2ce3176db651012755b0ba651a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
lstrlenA
InterlockedDecrement
InterlockedIncrement
ReadFile
SetFilePointer
CloseHandle
CreateFileA
GetModuleFileNameA
GetVersionExA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
WideCharToMultiByte
DebugBreak
OutputDebugStringA
SetEndOfFile
CreateMutexA
WaitForSingleObject
ReleaseMutex
GetLastError
GetDiskFreeSpaceExA
GetShortPathNameA
GetFullPathNameA
DeleteFileA
WriteFile
GetTempFileNameA
LoadLibraryW
SetLastError
GetModuleFileNameW
LoadLibraryA
lstrcatA
CopyFileA
GetTempPathA
FreeLibrary
CreateDirectoryA
GetFileSize
FlushFileBuffers
CreateThread
MultiByteToWideChar
GetTickCount
Sleep
TerminateThread
MoveFileA
GetCommandLineA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
FindResourceA
GetFileType
lstrlenW
lstrcmpiA
LoadLibraryExA
IsDBCSLeadByte
lstrcmpA
MulDiv
GlobalUnlock
GlobalLock
SizeofResource
LoadResource
GlobalFree
GlobalHandle
LockResource
CompareStringA
SetHandleCount
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LocalFree
GetConsoleCP
GetConsoleMode
HeapDestroy
HeapCreate
GetCPInfo
GetOEMCP
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCurrentThreadId
HeapSize

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA

gdi32

DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
GetObjectA
GetStockObject
DeleteDC

ole32

OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
OleLockRunning
CoGetClassObject
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoTaskMemFree

oleaut32

SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysAllocString
GetErrorInfo
VarUI4FromStr
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
SysFreeString

shell32

SHGetPathFromIDListA
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
SHGetSpecialFolderLocation
ShellExecuteExA
SHFileOperationA
Shell_NotifyIconA
SHGetSpecialFolderPathA

user32

MapWindowPoints
SetWindowContextHelpId
IsWindowVisible
GetWindowRect
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
CreateAcceleratorTableA
CreateWindowExA
LoadCursorA
IsWindow
GetDesktopWindow
GetFocus
GetWindow
SetFocus
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
GetDlgItem
GetParent
IsChild
SetCapture
SystemParametersInfoA
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
GetSysColor
DestroyWindow
DefWindowProcA
CreateDialogIndirectParamA
GetClassInfoExA
RegisterClassExA
ShowWindow
GetWindowLongA
SetWindowLongA
SendMessageA
FindWindowA
SetWindowTextA
CharNextA
wvsprintfA
LoadStringA
MapDialogRect
LoadIconA
PostQuitMessage
DispatchMessageA
IsDialogMessageA
GetMessageA
PostMessageA
RedrawWindow
UnregisterClassA
GetClassNameA

wininet

HttpOpenRequestA
InternetCloseHandle
InternetQueryOptionA
InternetOpenUrlA
InternetCrackUrlA
HttpQueryInfoA
HttpSendRequestA
InternetConnectA
InternetOpenA
InternetReadFile
InternetSetOptionA
InternetGetConnectedState

wsock32

gethostbyname

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e86da2ce3176db651012755b0ba651a

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

ole32

oleaut32

shell32

user32

wininet

wsock32

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 32KB - Virtual size: 37KB

.data Size: 9KB - Virtual size: 16KB

.rsrc Size: 112KB - Virtual size: 116KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 32KB - Virtual size: 37KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 112KB - Virtual size: 116KB