9f1758b2ae66219c4a9149e8ef03957d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9f1758b2ae66219c4a9149e8ef03957d_JaffaCakes118
Size

585KB
MD5

9f1758b2ae66219c4a9149e8ef03957d
SHA1

18b54d98acc19e1c7465fe5872f748568106bfb8
SHA256

ba44bf89c615e7f9eb67daceae9c318f03d968c8616b9c259d5e35e937b488b6
SHA512

2525f02e1819da9688aa6ca47eed4dc19034ae47b3e596dac4c1f26142e7411bff54ca77c3f2f9f0900155044e7b8ffd3b93c2b4163dc01011a3df53d308a8d5
SSDEEP

3072:E1eZxSeSWZljGU4+SR94iQy5RRVtUS9Sq7+mpTrcZRLAB:RIQlZGRdVtP9dTrCAB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f1758b2ae66219c4a9149e8ef03957d_JaffaCakes118

Files

9f1758b2ae66219c4a9149e8ef03957d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6b13ecb0308021d0b1f4ff32bb652cb6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

wininet

InternetConnectW
HttpSendRequestW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetCloseHandle
InternetOpenW
InternetReadFile

shlwapi

PathRemoveFileSpecW
PathCombineW
PathIsDirectoryW
PathFileExistsW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

iphlpapi

GetAdaptersInfo

kernel32

LCMapStringW
LCMapStringA
InitializeCriticalSectionAndSpinCount
CreateThread
Sleep
CreateMutexW
GetUserDefaultUILanguage
FreeLibrary
GetProcAddress
LoadLibraryW
GetVersionExW
GetModuleFileNameW
WaitForSingleObject
SetThreadExecutionState
GetLocalTime
CloseHandle
lstrcpyW
DeleteFileW
SetFileAttributesW
GetFileAttributesExW
DeviceIoControl
CreateFileW
GlobalMemoryStatus
GetLastError
CreateDirectoryW
RemoveDirectoryW
FindClose
FindNextFileW
FindFirstFileW
SystemTimeToFileTime
GetSystemInfo
GetSystemDirectoryW
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
ReadFile
GetConsoleMode
GetConsoleCP
WriteFile
HeapSize
GetModuleHandleA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
GetOEMCP
GetACP
ExitProcess
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetCPInfo
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
GetStartupInfoA
LoadLibraryA
SetFilePointer
SetStdHandle
FlushFileBuffers
WriteConsoleA
WriteConsoleW
GetConsoleOutputCP
SetEndOfFile
GetLocaleInfoW
GetProcessHeap
CreateFileA
GetCommandLineA
HeapAlloc
HeapFree
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
RaiseException
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime

user32

OpenClipboard
EmptyClipboard
CloseClipboard
GetDesktopWindow
SetForegroundWindow
LoadStringW
GetWindowTextW
DrawTextW
CallWindowProcW
DefWindowProcW
GetParent
ScreenToClient
SetCapture
GetCursorPos
GetWindowRect
SetWindowLongW
ReleaseCapture
PostMessageW
GetDlgItemInt
SetDlgItemInt
EndDialog
GetClientRect
DestroyWindow
BeginPaint
EndPaint
PostQuitMessage
SetDlgItemTextW
CheckDlgButton
EnableWindow
DialogBoxParamW
IsDlgButtonChecked
GetDlgItemTextW
SendDlgItemMessageW
SetCursor
MessageBoxW
LoadCursorW
CreateDialogParamW
LoadIconW
SendMessageW
ShowWindow
UpdateWindow
GetDlgItem
InvalidateRect
SetTimer
GetMessageW
DispatchMessageW
TranslateMessage
GetWindowLongW
SetClipboardData

gdi32

CreateFontIndirectW
SelectObject
SetTextColor
SetBkMode
DeleteObject
GetObjectW

comdlg32

GetSaveFileNameW

advapi32

RegCloseKey
RegOpenKeyExW

shell32

ShellExecuteW
ShellExecuteExW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize

oleaut32

VariantClear
VariantInit

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 435KB - Virtual size: 435KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b13ecb0308021d0b1f4ff32bb652cb6

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

wininet

shlwapi

version

iphlpapi

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 117KB - Virtual size: 116KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 5KB - Virtual size: 30KB

.rsrc Size: 435KB - Virtual size: 435KB

.text
Size: 117KB - Virtual size: 116KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 5KB - Virtual size: 30KB

.rsrc
Size: 435KB - Virtual size: 435KB