02a0dc58c88f19189d46e6c6c6642c30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02a0dc58c88f19189d46e6c6c6642c30_JaffaCakes118
Size

455KB
MD5

02a0dc58c88f19189d46e6c6c6642c30
SHA1

28eb25508c1e848737498c5ef953706b68f3e62a
SHA256

e591b98c14047d413f958e882323ff75e83a01f5993223260993dcabe258981c
SHA512

3cc18b66ee0699932f6113669477fe8860f1007c194a933c9ed0452929340ba8545e0cd29901d766bdb499b1d52c80dd6c3369c051e243c54e3c6be54d312569
SSDEEP

12288:Sy4RRZIdfWuzgt3MA8c1xadunZqMzlA6B4zzDP:aIhWFZMMxwunZqK3B07

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02a0dc58c88f19189d46e6c6c6642c30_JaffaCakes118

Files

02a0dc58c88f19189d46e6c6c6642c30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6204f688dc17c82e59150551d98681b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GetUrlCacheEntryInfoExA
SetUrlCacheEntryGroupA
InternetCreateUrlA
FindNextUrlCacheEntryW
RetrieveUrlCacheEntryStreamW
InternetGetConnectedStateEx
InternetSetDialStateW
SetUrlCacheEntryInfoA
FtpRemoveDirectoryW
InternetConnectW
CreateUrlCacheContainerW
GopherFindFirstFileW
GetUrlCacheHeaderData
InternetOpenUrlW
ReadUrlCacheEntryStream
FtpGetCurrentDirectoryA
InternetReadFile
IsUrlCacheEntryExpiredW
InternetDialW

gdi32

GetTextMetricsA
FloodFill
GetObjectType

shell32

SHFileOperationW
DragQueryFile
SHGetDesktopFolder
SHChangeNotify
ShellExecuteA
SHEmptyRecycleBinA
SHGetNewLinkInfo
InternalExtractIconListW

user32

SetMenu
CreateMenu
DlgDirListW
FreeDDElParam
MessageBoxA
UnloadKeyboardLayout
IsCharAlphaNumericA
GetPropA
CreateAcceleratorTableA
EnumPropsExA
GetUserObjectInformationW
DdeInitializeW
UnregisterClassA
GetDlgItemInt
EqualRect
RealChildWindowFromPoint
SetParent
DdeQueryConvInfo
FindWindowW
SetFocus
GetActiveWindow
GetScrollInfo
OpenWindowStationW
CharLowerBuffA
DrawFocusRect

kernel32

InterlockedIncrement
GetCurrentProcessId
GetLastError
TlsSetValue
UnhandledExceptionFilter
QueryPerformanceCounter
GetCPInfo
GetVersionExA
GetUserDefaultLCID
GetCommandLineA
OpenSemaphoreA
SetLastError
GetCurrentThread
WaitForMultipleObjectsEx
SetUnhandledExceptionFilter
IsValidLocale
GetTickCount
HeapSize
GetTimeFormatA
SetConsoleTextAttribute
GetEnvironmentStringsW
HeapReAlloc
GetSystemInfo
InterlockedExchange
Sleep
GetModuleHandleA
SetEnvironmentVariableA
TlsGetValue
TlsFree
EnterCriticalSection
AddAtomA
GlobalGetAtomNameW
FlushFileBuffers
GetDateFormatA
WriteFile
GetLocaleInfoA
GetSystemTimeAsFileTime
GetProcAddress
LCMapStringA
HeapAlloc
HeapDestroy
GetStdHandle
GetModuleFileNameA
HeapCreate
GetFileType
CreateProcessA
VirtualFree
HeapFree
lstrcmpiW
GetStringTypeW
CopyFileA
TryEnterCriticalSection
IsValidCodePage
TerminateProcess
GetStartupInfoW
GetCurrentProcess
VirtualQuery
InterlockedDecrement
FindFirstFileW
SetConsoleCtrlHandler
SetComputerNameA
VirtualProtectEx
EnumSystemLocalesA
WideCharToMultiByte
GetCurrentThreadId
LCMapStringW
LeaveCriticalSection
GetLocalTime
VirtualAlloc
InitializeCriticalSection
GetACP
IsDebuggerPresent
FreeLibrary
GetProcessHeap
GetEnvironmentStrings
GetLocaleInfoW
DeleteCriticalSection
CompareStringA
ExitProcess
GetOEMCP
FreeEnvironmentStringsW
SetHandleCount
MultiByteToWideChar
RtlUnwind
TlsAlloc
SetThreadContext
MoveFileExW
GetStringTypeA
GetStartupInfoA
lstrlen
GetTimeZoneInformation
CompareStringW
LoadLibraryA
FreeEnvironmentStringsA

comdlg32

LoadAlterBitmap
ReplaceTextW
GetSaveFileNameW
ChooseFontA
ChooseFontW
PageSetupDlgW
PrintDlgW
PageSetupDlgA
GetOpenFileNameA
ChooseColorA
ReplaceTextA
FindTextW
FindTextA
GetFileTitleW
GetFileTitleA

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 277KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6204f688dc17c82e59150551d98681b6

Headers

File Characteristics

Imports

wininet

gdi32

shell32

user32

kernel32

comdlg32

Sections

.text Size: 169KB - Virtual size: 169KB

.data Size: 277KB - Virtual size: 299KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 169KB - Virtual size: 169KB

.data
Size: 277KB - Virtual size: 299KB

.rsrc
Size: 8KB - Virtual size: 7KB