4e39187ec3168220da7bf589b3f10626_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4e39187ec3168220da7bf589b3f10626_JaffaCakes118
Size

1.2MB
MD5

4e39187ec3168220da7bf589b3f10626
SHA1

a4b6dceb63a475f1ec5da229c69d77947724eea7
SHA256

a496c677ee6c731fe0acf3020ebbd3d1502ebec3bb47ee2284eedd4231ced959
SHA512

65d4e30cf5e93b855841136bbc9d7cf986bbaaa720ff0e56553a47f76133450bb91199e028810550df6d938e48dce9b0fdd6eec13fd794bd363765188519a470
SSDEEP

24576:cTCfdN3a4wznqstQn4N8jiWmOwSUQkqmm7wFuNf6W+j5QvEDqniI79e8:fyq4kP0S3we6W+j5QvEm57x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e39187ec3168220da7bf589b3f10626_JaffaCakes118

Files

4e39187ec3168220da7bf589b3f10626_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a65f30367f692ef0cdba3816e1eed364

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW
InternetSetOptionW
InternetOpenUrlW
InternetReadFile
HttpQueryInfoW
InternetCloseHandle

msimg32

AlphaBlend

comctl32

_TrackMouseEvent

riched20

ord4

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW

shlwapi

StrStrIW
PathFileExistsW
StrStrIA

kernel32

SetFileTime
WideCharToMultiByte
GetFileAttributesW
MultiByteToWideChar
GetCurrentDirectoryW
SystemTimeToFileTime
CreateDirectoryW
FindNextFileW
FindClose
FindFirstFileW
SetFileAttributesW
WaitForSingleObject
GetLongPathNameW
GetTempFileNameW
GetWindowsDirectoryW
GetTempPathW
TerminateProcess
GetCurrentThreadId
ResumeThread
GetModuleHandleW
QueryPerformanceCounter
GetVersionExW
InterlockedDecrement
LocalFileTimeToFileTime
GetSystemInfo
LoadResource
LockResource
SizeofResource
FreeResource
FindResourceW
MulDiv
GlobalLock
GlobalFree
GlobalAlloc
GlobalUnlock
InterlockedIncrement
HeapFree
GetProcessHeap
LoadLibraryA
GetModuleHandleA
GetACP
GetStringTypeW
GetStringTypeA
ExitProcess
GetCPInfo
LCMapStringW
LCMapStringA
RaiseException
HeapReAlloc
CreateThread
ExitThread
RtlUnwind
GetStartupInfoW
GetVersionExA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedExchange
HeapCreate
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GetCurrentProcessId
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTickCount
lstrcmpW
OutputDebugStringW
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
CreateEventW
Sleep
GetModuleFileNameW
CreateProcessW
WriteFile
SetEndOfFile
GetFileSize
HeapDestroy
GetPrivateProfileStringW
GetPrivateProfileIntW
DeleteFileW
WritePrivateProfileStringW
lstrlenA
CreateFileW
ReadFile
CloseHandle
SetFilePointer
lstrlenW
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleFileNameA
GetTimeZoneInformation
VirtualFree
VirtualAlloc
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
CreateFileA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetThreadLocale
SetEvent
GetCurrentProcess
ResetEvent

user32

DefWindowProcW
RegisterClassW
LoadBitmapW
DestroyWindow
SetCapture
SetFocus
ShowCaret
InvalidateRect
TranslateAcceleratorW
CreateCaret
IsWindow
UpdateLayeredWindow
BeginPaint
SetWindowRgn
PtInRect
GetKeyState
CreateWindowExW
GetMonitorInfoW
ScreenToClient
ReleaseCapture
SetCaretPos
ReleaseDC
GetFocus
GetUpdateRect
IsWindowEnabled
GetDC
MonitorFromWindow
DispatchMessageW
TranslateMessage
GetMessageW
EndPaint
GetWindowTextLengthW
CharPrevW
GetWindowRect
IsWindowVisible
GetWindow
MapWindowPoints
GetWindowTextW
CallWindowProcW
SystemParametersInfoW
IsChild
GetClientRect
IsZoomed
FillRect
CharNextW
DrawFocusRect
SetCursor
OffsetRect
InvalidateRgn
DestroyAcceleratorTable
CreateAcceleratorTableW
ChildWindowFromPointEx
GetAsyncKeyState
ClientToScreen
GetParent
GetClassNameW
SetWindowTextW
SetWindowLongW
EnumThreadWindows
GetWindowLongW
SetWindowPos
PostQuitMessage
MessageBoxW
GetCursorPos
ShowWindow
PostMessageW
SetTimer
SendMessageW
KillTimer
GetSystemMetrics
LoadImageW
LoadIconW
wsprintfA
wsprintfW
RegisterClassExW
GetPropW
LoadCursorW
SetPropW
GetClassInfoExW
DestroyIcon
EnableWindow
IntersectRect
CopyImage
DrawIconEx
IsRectEmpty
IsIconic
DrawTextW
GetSysColor
MoveWindow
RedrawWindow
SetForegroundWindow
CharNextA
HideCaret

gdi32

CreateCompatibleDC
CreateEllipticRgn
GetTextExtentPoint32W
TextOutW
SetTextColor
ExtSelectClipRgn
RoundRect
CreateSolidBrush
ExtTextOutW
SetBitmapBits
MoveToEx
GetBitmapBits
SetStretchBltMode
SelectClipRgn
GetCharABCWidthsW
SetBkColor
SetBkMode
StretchBlt
GetDeviceCaps
CreateCompatibleBitmap
CreateRectRgnIndirect
GetObjectW
LineTo
CombineRgn
BitBlt
CreateRoundRectRgn
Rectangle
CreateRectRgn
EnumFontsW
DeleteObject
CreatePen
SelectObject
DeleteDC
CreateDIBSection
CreateFontIndirectW
GetClipBox
GetTextMetricsW
GetStockObject

advapi32

RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey

ole32

CoInitialize
CLSIDFromProgID
CLSIDFromString
DoDragDrop
CreateStreamOnHGlobal
OleLockRunning
OleDuplicateData
ReleaseStgMedium
CoCreateInstance

oleaut32

SysAllocString
OleLoadPicture
SysFreeString

Sections

.text
Size: 876KB - Virtual size: 875KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a65f30367f692ef0cdba3816e1eed364

Headers

File Characteristics

Imports

wininet

msimg32

comctl32

riched20

shell32

shlwapi

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 876KB - Virtual size: 875KB

.rdata Size: 164KB - Virtual size: 161KB

.data Size: 16KB - Virtual size: 25KB

.tls Size: 4KB - Virtual size: 9B

.rsrc Size: 180KB - Virtual size: 178KB

.text
Size: 876KB - Virtual size: 875KB

.rdata
Size: 164KB - Virtual size: 161KB

.data
Size: 16KB - Virtual size: 25KB

.tls
Size: 4KB - Virtual size: 9B

.rsrc
Size: 180KB - Virtual size: 178KB