a50cefc83739a0b57c4251351be37895_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a50cefc83739a0b57c4251351be37895_JaffaCakes118
Size

834KB
MD5

a50cefc83739a0b57c4251351be37895
SHA1

15c58f4e51a509b90b18c1adf334cb264091020c
SHA256

b0ec8a13ebb49b63381be54e6ca1bee7366ff1fced80b24969e0da0cfbfbe623
SHA512

b9a176bd85ab9b9a4044681aec16462bc71d5cfc6f17ce5d27e1c2830dd2e6becb01ab8e2c9e27bd00b599e2f4576b3fdd3667e1fc918f433e1f70f0d366c52f
SSDEEP

12288:nwtXWFkgcgFRQBWMY427qFCIWXVNznKBRBq8BZhrnkNUNTgd384:4XqFRYup7Qg9nKBRBLtrnkNUpgd38

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a50cefc83739a0b57c4251351be37895_JaffaCakes118

Files

a50cefc83739a0b57c4251351be37895_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f39039f94f71e896f67f478524e92749

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GetVolumeInformationA
GetFileAttributesA
GetFileAttributesW
ReadFile
GetSystemDirectoryA
CreateFileW
lstrlenW
WritePrivateProfileStringW
SetFileAttributesA
FindNextFileW
LocalFree
SetFileAttributesW
ExitProcess
MapViewOfFile
UnmapViewOfFile
GetCurrentProcess
SetEvent
GetSystemDirectoryW
TerminateProcess
GetTempFileNameA
FindClose
GetLocalTime
Process32FirstW
WritePrivateProfileStringA
CreateFileMappingW
CreateEventW
GetModuleFileNameA
Process32NextW
CreateToolhelp32Snapshot
CreateMutexW
SetUnhandledExceptionFilter
GetModuleFileNameW
SetCurrentDirectoryW
GetCurrentThreadId
GetCurrentProcessId
GetModuleHandleW
LoadLibraryW
GetTempPathW
GetProcAddress
MoveFileW
DeleteFileW
InterlockedIncrement
DosDateTimeToFileTime
SystemTimeToFileTime
GetCurrentDirectoryW
GetFileType
OutputDebugStringW
GetComputerNameW
FindFirstFileW
GetFileSize
GetModuleHandleA
lstrlenA
WriteConsoleW
SetStdHandle
LoadLibraryExW
LCMapStringW
CompareStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
MoveFileExW
FlushFileBuffers
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
RtlUnwind
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
UnhandledExceptionFilter
GetStdHandle
GetModuleHandleExW
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCommandLineW
GetEnvironmentVariableW
MultiByteToWideChar
WideCharToMultiByte
CreateThread
DeleteFileA
GetTempPathA
CloseHandle
WaitForMultipleObjects
CreateDirectoryA
CreateProcessA
Sleep
InitializeCriticalSection
WriteFile
GetTickCount
WaitForSingleObject
InterlockedDecrement
SetEndOfFile
SetFilePointer
CreateFileA
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
HeapReAlloc
GetLastError
InterlockedExchange
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
AreFileApisANSI
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
ResumeThread
ExitThread
EncodePointer
VirtualQuery
VirtualProtect
VirtualAlloc
GetSystemInfo
IsDebuggerPresent
HeapAlloc
SetEnvironmentVariableA

user32

SetWindowPos
GetDesktopWindow
SetWindowLongW
EnableMenuItem
ReleaseDC
GetWindowTextW
GetWindowLongW
LoadMenuW
GetCursorPos
RegisterClassExW
TranslateMessage
GetDC
BeginPaint
SetRectEmpty
CharNextA
LoadCursorW
GetSubMenu
DrawTextA
KillTimer
FillRect
TrackPopupMenu
PostQuitMessage
ShowWindow
IsWindow
CreateWindowExW
GetSystemMetrics
IsWindowVisible
SetWindowTextA
SendMessageW
UpdateWindow
DefWindowProcW
GetMessageW
SetTimer
GetSystemMenu
SetCursor
SetRect
PtInRect
MessageBoxW
EndPaint
SetForegroundWindow
EnableWindow
DestroyWindow
CopyRect
DispatchMessageW
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
LoadIconW

gdi32

GetTextExtentPoint32A
EnumFontsW
SetTextColor
FrameRgn
SetBkMode
CreateFontW
GetDIBColorTable
CreateRoundRectRgn
CreateSolidBrush
TextOutA
BitBlt
DeleteDC
CreateDIBSection
SetDIBColorTable
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
StretchBlt

advapi32

ConvertSidToStringSidW
RegisterEventSourceA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyExW
LookupAccountNameW
RegQueryValueExW
RegQueryValueExA
DeregisterEventSource
ReportEventA

shell32

ord165
Shell_NotifyIconW
SHGetSpecialFolderPathA
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CLSIDFromString

oleaut32

GetErrorInfo
SysFreeString
SysAllocString
VariantClear
VariantInit

ws2_32

send
inet_addr
inet_ntoa
gethostbyname
closesocket
socket
recv
connect
__WSAFDIsSet
shutdown
WSAGetLastError
select
WSAStartup
ioctlsocket
getpeername
sendto
recvfrom
setsockopt
htons

shlwapi

StrStrIW
PathAppendW
PathFileExistsA
PathFileExistsW
StrStrIA
PathIsDirectoryW
PathRemoveFileSpecW

gdiplus

GdipGetImagePalette
GdipGetImageHeight
GdipBitmapUnlockBits
GdiplusShutdown
GdipDrawImageI
GdipCreateBitmapFromStream
GdipDisposeImage
GdipGetImagePaletteSize
GdipBitmapLockBits
GdipCloneImage
GdipGetImageWidth
GdiplusStartup
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipAlloc
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipFree

msimg32

TransparentBlt
AlphaBlend

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyA
SetupIterateCabinetW
SetupDiDestroyDeviceInfoList

d3d9

Direct3DCreate9

iphlpapi

GetAdaptersInfo

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

urlmon

URLDownloadToFileW

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f39039f94f71e896f67f478524e92749

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

shlwapi

gdiplus

msimg32

setupapi

d3d9

iphlpapi

version

urlmon

dbghelp

Sections

.text Size: 362KB - Virtual size: 362KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 276KB - Virtual size: 292KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 21KB - Virtual size: 21KB

.text
Size: 362KB - Virtual size: 362KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 276KB - Virtual size: 292KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 21KB - Virtual size: 21KB