Static task: static1
Behavioral task: behavioral1
Sample: 770fb63b61e17f0e060f2f4678156fb2_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 770fb63b61e17f0e060f2f4678156fb2_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 770fb63b61e17f0e060f2f4678156fb2_JaffaCakes118
Size: 848KB
MD5: 770fb63b61e17f0e060f2f4678156fb2
SHA1: 28f04d90e050100189307fa13ed0cd03b0390eb0
SHA256: f9a2b9622ebbd7a8f82a1b3870146bb3c5538feab22818f37eb84d1e6cdcb42b
SHA512: b7b70695688ed40717762e984cb766662ec7f15f5f4e20c6c77d743e53298115ad6e987a4ba510016f8e0e068a13ed2d21809f142bdfea5d0e0150d54085249f
SSDEEP: 12288:EgQQ/9LQFcSEwK2xzv8X5edVaGs9POMQw8Ky1ybc5MaB4V0QG/Rwit+GFsQcbfnX:EgvNQK4d8GXnwy1yijE0LR3jFsQeS3g
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
Resource: 770fb63b61e17f0e060f2f4678156fb2_JaffaCakes118
Files
770fb63b61e17f0e060f2f4678156fb2_JaffaCakes118.exe windows:5 windows x86 arch:x86
0bebe387337309bbdc84b98edc202f33
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileW
WideCharToMultiByte
GetStringTypeW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStdHandle
GetFileType
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
CreateDirectoryW
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
InterlockedDecrement
InterlockedIncrement
FindResourceW
GetStartupInfoW
GetModuleHandleW
CreateEventW
GetLocalTime
MulDiv
CloseHandle
WriteFile
SetHandleCount
LoadResource
WaitForSingleObject
DeleteCriticalSection
GetLastError
GetCurrentThreadId
GetEnvironmentStringsW
GetCurrentProcess
InitializeCriticalSection
VirtualAlloc
shlwapi
PathRemoveExtensionW
PathRemoveFileSpecW
UrlCanonicalizeW
UrlUnescapeW
PathCreateFromUrlW
SHGetValueW
SHSetValueW
AssocCreate
AssocQueryStringW
PathIsNetworkPathW
PathIsRootW
PathIsDirectoryW
PathFileExistsW
PathAppendW
PathAddBackslashW
StrRetToStrW
StrCmpIW
StrCmpW
StrTrimW
StrToIntExW
StrStrIW
StrStrW
StrRChrW
StrPBrkW
StrCmpNIW
StrCmpNW
PathIsURLW
user32
CreateIcon
DrawIconEx
WinHelpW
GetWindow
SetWindowLongW
EqualRect
OffsetRect
SetCursorPos
MessageBoxW
GetClientRect
ShowScrollBar
InvalidateRect
GetWindowDC
DrawIcon
GetMenuItemID
DestroyMenu
MsgWaitForMultipleObjectsEx
CheckRadioButton
GetDlgItemTextW
SetDlgItemInt
SendMessageTimeoutW
crypt32
CryptEncodeObjectEx
CertFreeCertificateChain
CertGetCertificateChain
CryptQueryObject
CertNameToStrW
CryptAcquireCertificatePrivateKey
CertFindExtension
CertVerifyTimeValidity
CertAddCertificateContextToStore
CertAddEncodedCertificateToStore
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertEnumCertificatesInStore
CertOpenStore
CryptEnumOIDInfo
CryptFindOIDInfo
CryptDecodeObjectEx
wininet
InternetSetOptionW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpQueryInfoW
InternetOpenW
ole32
StringFromCLSID
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
PropVariantClear
Sections
.text Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 432KB - Virtual size: 7.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.0i4s7o Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.e91shr Size: 235KB - Virtual size: 235KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ