7c94373a8e75d4384c750148e5f14cea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7c94373a8e75d4384c750148e5f14cea_JaffaCakes118
Size

615KB
MD5

7c94373a8e75d4384c750148e5f14cea
SHA1

f612f3b2f1c625f1ae1232b8cba6592d5faae21c
SHA256

f546bfd1d40c996df277b1e308f9d686e0b88edbaca48e9e3e4fafef5570388c
SHA512

17167ab0406769469232eb321daf80a8a96d51d3cfc33542d1e05751b139dcb0c8e1a7db1ce8e1963569e02c60512ca60074694b890781c93d0fddeff58d2e2a
SSDEEP

6144:1AUG01LVWvoPPdaEUIZQX2k+qxa0Gu6yGdCLWTBTbbIsG:1OOkoP04iX2FqQ0Gu6fdCLWTasG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c94373a8e75d4384c750148e5f14cea_JaffaCakes118

Files

7c94373a8e75d4384c750148e5f14cea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f4bbdd2c2d90d9a653d01e8b97259980

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegSetValueExW
CryptGetHashParam
CryptAcquireContextW
CryptReleaseContext
CryptCreateHash
CryptDestroyHash
CryptHashData

wininet

InternetOpenW
InternetQueryOptionW
InternetReadFile
InternetConnectW
HttpSendRequestW
InternetSetOptionW
HttpQueryInfoW
HttpOpenRequestW
InternetCrackUrlW
InternetCloseHandle
InternetReadFileExW
InternetGetConnectedState

rpcrt4

UuidCreate
RpcStringFreeA
UuidToStringW

kernel32

GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
FindResourceExW
FindResourceW
LoadResource
WideCharToMultiByte
SizeofResource
MultiByteToWideChar
lstrlenW
GetLastError
LockResource
CreateDirectoryW
WaitForSingleObject
WriteFile
CreateFileW
CloseHandle
GetModuleHandleW
GetProcAddress
ExpandEnvironmentStringsW
FindFirstFileW
MoveFileExW
GetFileAttributesW
GetTempPathW
FindClose
SetCurrentDirectoryW
RemoveDirectoryW
FindNextFileW
DeleteFileW
SetFileAttributesW
SetFilePointer
ReadFile
InterlockedIncrement
InterlockedDecrement
GetCurrentProcess
GlobalLock
InitializeCriticalSection
GlobalAlloc
LeaveCriticalSection
MulDiv
GetModuleFileNameW
lstrcmpW
GlobalUnlock
FlushInstructionCache
RaiseException
SetLastError
EnterCriticalSection
DeleteCriticalSection
EnumSystemLocalesA
GetCommandLineW
LocalFree
GetFileSize
FreeLibrary
CreateProcessW
LoadLibraryExW
SetEvent
OutputDebugStringW
Sleep
ResetEvent
CreateEventW
lstrcmpiW
CreateThread
FormatMessageW
GetExitCodeThread
VerSetConditionMask
GetVersionExW
VerifyVersionInfoW
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
HeapCreate
GetStringTypeW
LCMapStringA
CompareStringW
CompareStringA
LCMapStringW
GetCPInfo
RtlUnwind
GetStartupInfoA
GetCommandLineA
ExitProcess
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
InterlockedExchange
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
GetModuleHandleA
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
FlushFileBuffers
CreateFileA
SetEndOfFile
SetEnvironmentVariableA
GetCurrentThreadId

user32

SetWindowTextW
CallWindowProcW
GetWindow
MoveWindow
DispatchMessageW
UnregisterClassA
MapWindowPoints
IsWindowVisible
GetSystemMetrics
MessageBoxW
CreateDialogParamW
ShowWindow
SendDlgItemMessageW
MonitorFromWindow
PostMessageW
LoadImageW
GetWindowRect
DefWindowProcW
UpdateWindow
GetMonitorInfoW
EndPaint
ClientToScreen
DestroyWindow
DestroyAcceleratorTable
ScreenToClient
GetMessageW
CharNextW
RegisterWindowMessageW
FillRect
IsChild
SetCapture
GetKeyState
SetForegroundWindow
GetFocus
GetParent
InvalidateRgn
LoadCursorW
GetClientRect
CreateAcceleratorTableW
SetFocus
BeginPaint
GetClassInfoExW
GetDC
TranslateMessage
RegisterClassExW
InvalidateRect
GetWindowLongW
GetWindowTextW
GetClassNameW
ReleaseDC
GetDlgItem
SetWindowLongW
RedrawWindow
GetDesktopWindow
GetSysColor
SetWindowPos
IsWindow
CreateWindowExW
ReleaseCapture
SendMessageW
GetWindowTextLengthW

gdi32

GetStockObject
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteObject
GetDeviceCaps
DeleteDC
BitBlt
CreateSolidBrush

shell32

ShellExecuteExW
CommandLineToArgvW

ole32

StringFromGUID2
OleInitialize
OleUninitialize
CoGetClassObject
CoTaskMemAlloc
CoUninitialize
CoTaskMemRealloc
CoInitialize
CoTaskMemFree
OleRun
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CoCreateInstance

oleaut32

SysStringLen
SysAllocString
SysFreeString
SafeArrayCreateVector
SafeArrayAccessData
LoadTypeLi
SafeArrayDestroy
VarUI4FromStr
LoadRegTypeLi
OleCreateFontIndirect
VariantInit
SysAllocStringLen
SafeArrayUnaccessData
VariantClear
GetErrorInfo

shlwapi

PathIsDirectoryW
PathStripPathW
PathRemoveFileSpecW
PathIsSystemFolderW
PathAddBackslashW
PathFileExistsW
PathRemoveExtensionW
PathFindExtensionW

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4bbdd2c2d90d9a653d01e8b97259980

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

wininet

rpcrt4

kernel32

user32

gdi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 323KB - Virtual size: 323KB

.rdata Size: 95KB - Virtual size: 95KB

.data Size: 10KB - Virtual size: 18KB

.rsrc Size: 155KB - Virtual size: 155KB

.reloc Size: 22KB - Virtual size: 22KB

.text
Size: 323KB - Virtual size: 323KB

.rdata
Size: 95KB - Virtual size: 95KB

.data
Size: 10KB - Virtual size: 18KB

.rsrc
Size: 155KB - Virtual size: 155KB

.reloc
Size: 22KB - Virtual size: 22KB