82b00ff6ee8d574dfae6b00c7f0c144a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

82b00ff6ee8d574dfae6b00c7f0c144a_JaffaCakes118
Size

96KB
MD5

82b00ff6ee8d574dfae6b00c7f0c144a
SHA1

31cb6eb3de375a72247bbf02794101af32a7665b
SHA256

83319a11b3d1529098f24586b7fdd0c4e81764ae2b62518694fa0d0e6bfc2be9
SHA512

eed4fced3390d6b470342715a70f7293a267f0a17b741b2689f54f73990703169109df154b94d6658dcfd2c87cd2e8ddb097901d66c31633e9b140c1158b88bd
SSDEEP

1536:gO0v22y7L0R+vqJZcvY0BbtFvZsV4Mv+5SaE3zzh7WvfjHa+v2XmCV:av1yH0zNuZkvSSbxWv++v2Xr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82b00ff6ee8d574dfae6b00c7f0c144a_JaffaCakes118

Files

82b00ff6ee8d574dfae6b00c7f0c144a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1a5b0299f8bee5fea08ed11eb73d0841

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkMode
SetWinMetaFileBits
CreateCompatibleDC
GetEnhMetaFileHeader
GetClipBox
GetEnhMetaFileBits
SetTextCharacterExtra
DPtoLP
SetAbortProc
ScaleWindowExtEx
EndDoc
SetWorldTransform
BeginPath
RestoreDC
CreateDIBSection
RectVisible
TextOutA
CreateICA
DeleteEnhMetaFile
CreateCompatibleBitmap
PolyBezierTo
ExtCreatePen
SetStretchBltMode
SetPolyFillMode
LPtoDP
GetTextFaceA
SaveDC
ExtEscape
CloseEnhMetaFile
CreateSolidBrush
SetTextAlign
IntersectClipRect
GetWinMetaFileBits
PatBlt
EndPath
StartDocW
SetWindowExtEx
EndPage
ResizePalette
SetPixel
GetEnhMetaFilePaletteEntries
GetObjectA
GdiFlush
GetBrushOrgEx
SetBkColor
GetWindowOrgEx
PlayEnhMetaFile
CreatePen
GetBitmapBits
GetTextCharsetInfo
CreateFontW
SetViewportExtEx
GetStockObject
SelectClipRgn
SelectPalette
GetBkColor
ExtFloodFill
SetDIBColorTable
SetMapMode
GetTextColor
StartPage
GetTextMetricsA
DeleteObject
CopyEnhMetaFileW
CreateRoundRectRgn
GetTextExtentPoint32A
Polygon
FillRgn
GetTextExtentPoint32W
GetCharWidthA
CreateDCW
StrokePath
GetGlyphOutlineW
EnumFontFamiliesExW
GetObjectType
ScaleViewportExtEx
PtVisible
CreateEllipticRgn
StretchBlt
GetNearestPaletteIndex
OffsetRgn
CreateDCA
ExtSelectClipRgn
CombineRgn
GetObjectW
EnumFontFamiliesA
SetROP2

user32

SetClassLongW
CharPrevW
PostMessageA
DefWindowProcA
WinHelpA
CopyIcon
BeginDeferWindowPos
TrackPopupMenuEx
DispatchMessageA
FindWindowA
LoadStringW
RegisterClassExW
GetKeyboardState
SetClipboardData
GetWindowTextA
WaitMessage
IsWindowVisible
GetLastActivePopup
SetDlgItemInt
LoadCursorA
SetMenu
SendNotifyMessageW
GetDC
GetDlgItemTextA
EnableScrollBar
GetMenuItemID
FindWindowW
CopyImage
FindWindowExW
DispatchMessageW
EnumDisplaySettingsW
GetClipboardData
SendDlgItemMessageA
CharUpperA
DrawTextW
CreateDialogIndirectParamA
TranslateAcceleratorW
CharNextW
SendInput
SetWindowLongA
FillRect
GetParent
AdjustWindowRect
GetScrollRange
IsDlgButtonChecked
SetWindowPlacement
GetDlgItem
GetClipboardFormatNameW
DestroyCursor
GetMenuItemCount
ModifyMenuA
CharToOemA
ShowOwnedPopups
GetCaretPos
CheckMenuItem
LoadMenuW
SetForegroundWindow
CloseDesktop

wininet

ReadUrlCacheEntryStream
InternetAutodial
InternetGetLastResponseInfoW
RetrieveUrlCacheEntryFileW
CreateUrlCacheGroup
FtpCreateDirectoryW
InternetSetDialState
CommitUrlCacheEntryW
CreateUrlCacheEntryA
InternetGetLastResponseInfoA
InternetCheckConnectionA
InternetGetConnectedState
FtpRenameFileA
InternetCreateUrlW
RetrieveUrlCacheEntryStreamA
FtpFindFirstFileA
InternetUnlockRequestFile
GopherGetLocatorTypeW
InternetConnectW
InternetSetOptionA
InternetAttemptConnect
InternetHangUp
SetUrlCacheEntryInfoW
GetUrlCacheEntryInfoExA
InternetFindNextFileW
HttpQueryInfoW
FtpDeleteFileW
DeleteUrlCacheEntry
InternetQueryOptionW
CreateUrlCacheEntryW
InternetCombineUrlW
UnlockUrlCacheEntryFile
FtpOpenFileA
GopherOpenFileW
InternetOpenA
DeleteUrlCacheGroup
HttpAddRequestHeadersW
InternetSetCookieA
FtpDeleteFileA
InternetSetOptionExA
FindNextUrlCacheEntryW
FtpFindFirstFileW
InternetAutodialHangup
FtpPutFileW
HttpEndRequestA
InternetErrorDlg
InternetTimeFromSystemTime
FtpCreateDirectoryA
InternetSetOptionW
HttpSendRequestExW
FindNextUrlCacheEntryA
RetrieveUrlCacheEntryFileA
HttpSendRequestW
HttpOpenRequestA
FtpGetFileA
GetUrlCacheEntryInfoExW
InternetReadFile
FtpSetCurrentDirectoryW
FindCloseUrlCache
FtpRemoveDirectoryA
HttpSendRequestA
InternetSetFilePointer
FtpGetFileW
InternetCrackUrlW
GetUrlCacheEntryInfoW
FtpSetCurrentDirectoryA
GopherGetAttributeW
HttpEndRequestW
InternetTimeToSystemTime
InternetCombineUrlA
InternetSetStatusCallback
InternetGetCookieA
InternetLockRequestFile
InternetCanonicalizeUrlW
FindFirstUrlCacheEntryW
InternetSetCookieW
InternetCloseHandle
InternetReadFileExW
InternetOpenUrlW
FtpOpenFileW
InternetDial
GopherFindFirstFileW
InternetGoOnline
InternetOpenW
GetUrlCacheEntryInfoA
InternetQueryOptionA
FindNextUrlCacheEntryExA
HttpOpenRequestW
HttpAddRequestHeadersA
InternetConfirmZoneCrossing
InternetReadFileExA
GopherOpenFileA
InternetCreateUrlA
InternetQueryDataAvailable
InternetOpenUrlA
FindFirstUrlCacheEntryA
CommitUrlCacheEntryA
InternetCanonicalizeUrlA
RetrieveUrlCacheEntryStreamW
SetUrlCacheEntryInfoA
GopherGetAttributeA
InternetGetCookieW
UnlockUrlCacheEntryStream
InternetConnectA
HttpSendRequestExA
GopherFindFirstFileA
HttpQueryInfoA
GopherCreateLocatorA
InternetWriteFile
SetUrlCacheEntryGroup
FindFirstUrlCacheEntryExW
FtpRenameFileW
FindFirstUrlCacheEntryExA
FtpGetCurrentDirectoryA

shlwapi

SHDeleteValueW
PathRemoveFileSpecA
PathIsContentTypeW
SHRegGetBoolUSValueW
SHQueryInfoKeyW
PathAddBackslashA
StrTrimA
StrCpyW
PathGetDriveNumberW
PathCommonPrefixW
PathFileExistsA
SHRegEnumUSValueW
PathAppendA
StrCSpnW
StrCmpIW
PathBuildRootA
PathMatchSpecA
PathFindExtensionW
PathStripPathA
PathRemoveBlanksA
PathFindFileNameA
StrPBrkW
PathIsUNCServerShareW
PathMakePrettyW
PathFindOnPathW
SHQueryValueExW
StrCmpW
PathSkipRootA
SHDeleteEmptyKeyA
PathFindExtensionA
PathIsRelativeA
PathIsUNCServerW
StrFormatByteSizeA
PathIsSystemFolderW
PathCommonPrefixA
PathIsUNCW
PathCanonicalizeW
PathRenameExtensionW
PathRemoveExtensionA
PathQuoteSpacesW
PathFindOnPathA
PathAddBackslashW
PathAppendW
PathRemoveBackslashA
SHRegCreateUSKeyW
PathIsUNCA
SHDeleteKeyW
StrNCatA
StrToIntW
SHGetValueW
SHRegDeleteEmptyUSKeyW
PathCompactPathExA
PathUnquoteSpacesA
StrDupW
PathCombineW
PathStripToRootA
SHEnumKeyExW
StrPBrkA
PathCombineA
SHQueryValueExA
PathMatchSpecW
PathCompactPathExW
SHRegWriteUSValueW
SHEnumValueW
PathSetDlgItemPathW
SHDeleteEmptyKeyW
SHDeleteKeyA
PathIsSameRootW
SHRegDeleteUSValueW
SHRegCloseUSKey
SHEnumKeyExA
PathRemoveArgsW
StrFormatByteSizeW
PathIsSameRootA
PathRemoveFileSpecW
PathCompactPathW
StrTrimW
PathFileExistsW
PathAddExtensionA

advapi32

InitializeSecurityDescriptor
RegQueryInfoKeyW
QueryServiceConfigW
RegRestoreKeyW
StartServiceA
AddAce
RegCreateKeyExW
RegisterEventSourceA
StartServiceCtrlDispatcherW
CreateServiceW
RegisterServiceCtrlHandlerA
InitializeSid
SetSecurityDescriptorOwner
RegCreateKeyExA
RevertToSelf
ChangeServiceConfigW
LookupAccountNameW
RegSetValueExW
RegUnLoadKeyW
RegCreateKeyW
RegSetValueExA
SetEntriesInAclW
LookupPrivilegeValueW
GetSidSubAuthorityCount
SetSecurityDescriptorSacl
LsaFreeMemory
CloseServiceHandle
GetSidIdentifierAuthority
GetKernelObjectSecurity
RegQueryValueA
RegQueryValueW
RegSetValueA
CreateProcessAsUserW
SetFileSecurityA
RegDeleteKeyA
RegEnumKeyW
DeleteService
RegCloseKey
StartServiceCtrlDispatcherA
OpenSCManagerA
LsaQueryInformationPolicy
QueryServiceStatus
SetSecurityDescriptorGroup
GetAce
RegOpenKeyExW
ReportEventA

urlmon

URLOpenPullStreamW
ReleaseBindInfo
HlinkGoBack
CreateURLMoniker
HlinkSimpleNavigateToMoniker
RevokeBindStatusCallback
FindMimeFromData
CoGetClassObjectFromURL
URLOpenBlockingStreamW
CoInternetGetSecurityUrl
UrlMkSetSessionOption
FindMediaType
HlinkNavigateString
SetSoftwareUpdateAdvertisementState
CopyBindInfo
CoInternetCreateZoneManager
CreateAsyncBindCtxEx
GetClassURL
IsAsyncMoniker
ObtainUserAgentString
CreateFormatEnumerator

kernel32

UTRegister
ReplaceFileW

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a5b0299f8bee5fea08ed11eb73d0841

Headers

File Characteristics

Imports

gdi32

user32

wininet

shlwapi

advapi32

urlmon

kernel32

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 33KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 33KB

.rsrc
Size: 12KB - Virtual size: 11KB