r:\data\trunk2\setuptools\Setup\Release\Setup.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 8d7cb853406b833db1820e68fbff50f3_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 8d7cb853406b833db1820e68fbff50f3_JaffaCakes118.exe
Resource: win10v2004-20240426-en
General
Target: 8d7cb853406b833db1820e68fbff50f3_JaffaCakes118
Size: 116KB
MD5: 8d7cb853406b833db1820e68fbff50f3
SHA1: bda37489d36bc2186854d6d91cd847095495c9fc
SHA256: 83e1c01065959cb9e76d0b3d16dfebe1254f736b90d1c5c800d5ed422f92b2fd
SHA512: be1ba0c166d22f29558750950e31d4f7d09c2c1c07cfb456bd85612a51c18ad0d29f286dc18f8d130cd9db1a4cf7438072a705a681992b726dec4c4cd0819cbb
SSDEEP: 1536:R3u1DBHbYvJEk1J8k0KCqx7SAm13MgcXj5R3ecYkightJIAvl:6DB7YSkqa/5R3ecYkJtJIAvl
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 8d7cb853406b833db1820e68fbff50f3_JaffaCakes118
Files
8d7cb853406b833db1820e68fbff50f3_JaffaCakes118.exe windows:4 windows x86 arch:x86
a82f2756f36ba9889589d058f1a84aca
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
comctl32
InitCommonControlsEx
urlmon
URLDownloadToCacheFileA
wininet
InternetCanonicalizeUrlA
DeleteUrlCacheEntry
InternetSetOptionA
kernel32
GetConsoleMode
GetConsoleCP
DeleteFileA
InterlockedExchange
GetVersion
MultiByteToWideChar
lstrlenA
GetLastError
WriteFile
InterlockedIncrement
WideCharToMultiByte
CreateFileA
SetStdHandle
GetEnvironmentVariableA
CompareStringW
CompareStringA
CloseHandle
GetFileAttributesA
GetFullPathNameA
GetModuleFileNameA
FreeLibrary
SetCurrentDirectoryA
GetProcAddress
LoadLibraryA
GetExitCodeProcess
CreateProcessA
GetSystemDirectoryA
VerifyVersionInfoA
GlobalFree
FindResourceA
LockResource
InterlockedDecrement
LoadResource
VerSetConditionMask
GetSystemInfo
GetCurrentProcess
CreateMutexA
OutputDebugStringA
GetVersionExA
FormatMessageA
LocalFree
GlobalAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
HeapSize
VirtualFree
HeapCreate
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetSystemTimeAsFileTime
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
SetFilePointer
InitializeCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
Sleep
GetACP
GetLocaleInfoA
GetThreadLocale
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
HeapAlloc
VirtualAlloc
GetModuleHandleA
HeapFree
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
user32
CharNextA
MsgWaitForMultipleObjects
SetForegroundWindow
DispatchMessageA
LoadIconA
SystemParametersInfoA
GetSystemMetrics
SetFocus
SetWindowTextA
SendMessageA
SetDlgItemTextA
IsDialogMessageA
MoveWindow
TranslateMessage
PeekMessageA
GetDlgItem
DestroyWindow
SetCursor
GetWindowRect
ShowWindow
CreateDialogParamA
ExitWindowsEx
CharPrevA
MessageBoxA
LoadStringA
LoadCursorA
advapi32
RegCloseKey
FreeSid
AllocateAndInitializeSid
RegOpenKeyExA
RegQueryValueExA
winhttp
WinHttpCloseHandle
WinHttpOpenRequest
WinHttpSendRequest
WinHttpConnect
WinHttpReadData
WinHttpQueryHeaders
WinHttpOpen
WinHttpCrackUrl
WinHttpReceiveResponse
WinHttpSetOption
Sections
.text Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ