03d8b3a5b3de7455969875637b292b69_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03d8b3a5b3de7455969875637b292b69_JaffaCakes118
Size

600KB
MD5

03d8b3a5b3de7455969875637b292b69
SHA1

485a12db0d578155e8fd0469fd1ea5c73f5f29aa
SHA256

728553d4666d6e641322524735870eedb6dea3e5b0d52f6ba39b38fc79c8189d
SHA512

58d7bef24d79c7af1215c4bdded8dd3245cf73ccde19d5171cd319d8afebfe89dd71cc64b2edc1264f215a7d5e77839f96f012fc57c7f345e84ea84ea7b14a09
SSDEEP

12288:sDK6r+G+Fd9yoO3HAavKNIfaxl6D7rJsQVNzTGyB6:YKS+HFd9yoOX3vnglk7WmNzTG9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03d8b3a5b3de7455969875637b292b69_JaffaCakes118

Files

03d8b3a5b3de7455969875637b292b69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc40bd2d2ccf91b2e0728c907a6314d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

wininet

InternetAutodial
HttpQueryInfoW
IsUrlCacheEntryExpiredA
InternetReadFileExW
FtpCommandW
InternetGetConnectedStateExW
SetUrlCacheGroupAttributeA
FindFirstUrlCacheEntryExA

comctl32

CreateStatusWindowW
ImageList_SetIconSize
CreatePropertySheetPage
ImageList_DrawIndirect
ImageList_GetFlags
ImageList_SetDragCursorImage
InitCommonControlsEx
CreateToolbar
ImageList_SetImageCount
ImageList_Create
ImageList_Replace
ImageList_Merge
ImageList_Destroy
ImageList_GetImageInfo
ImageList_Read

user32

wvsprintfA
IsWindowUnicode
DdeGetLastError
DrawIconEx
InsertMenuW
ShowCursor
ShowWindow
SetDoubleClickTime
CreateWindowStationW
DdeDisconnect
CreateIcon
DestroyMenu
FindWindowA
GetDlgItemInt
OpenIcon
UnregisterHotKey
MessageBoxW
EnumDisplayMonitors
RegisterClassA
CreateDialogParamW
CreateWindowExA
CharUpperW
CreateDialogParamA
IsWindowEnabled
DestroyWindow
DefWindowProcA
EnumDisplaySettingsA
FrameRect
EnumDisplaySettingsW
SetSysColors
GetPropA
ActivateKeyboardLayout
RemoveMenu
RegisterClassExA
LoadStringA
UnhookWindowsHookEx
EnumDesktopWindows
PostThreadMessageA
MapVirtualKeyExA

shell32

ShellAboutW
FreeIconList
SheChangeDirExW
SHInvokePrinterCommandW
SHEmptyRecycleBinA

advapi32

AbortSystemShutdownA
CryptSetProviderExA
CryptDestroyKey
LookupSecurityDescriptorPartsA
RegConnectRegistryW
LookupPrivilegeDisplayNameW
CryptSetProviderA
CreateServiceA
RegEnumValueA

kernel32

CopyFileA
SystemTimeToTzSpecificLocalTime
CreateProcessW
TlsAlloc
GetTimeFormatA
SetStdHandle
MultiByteToWideChar
GetModuleFileNameA
GetCurrentThreadId
GetCommandLineA
InterlockedIncrement
AllocConsole
CloseHandle
MapViewOfFileEx
ReadFile
SetUnhandledExceptionFilter
CreateFileA
GetConsoleCP
SetFilePointer
FreeEnvironmentStringsW
TlsFree
LCMapStringA
FlushFileBuffers
GetCPInfo
InterlockedExchange
HeapCreate
RaiseException
GetStringTypeA
HeapSize
FreeEnvironmentStringsA
TerminateProcess
Sleep
InitializeCriticalSectionAndSpinCount
LocalHandle
WideCharToMultiByte
GetStringTypeW
DeleteCriticalSection
LoadLibraryA
GetEnvironmentStringsW
QueryPerformanceCounter
CreateMutexA
SetHandleCount
IsValidCodePage
TlsSetValue
RtlUnwind
GetConsoleOutputCP
TlsGetValue
CreateEventW
HeapReAlloc
GetSystemTimeAsFileTime
LeaveCriticalSection
HeapAlloc
HeapFree
GetPriorityClass
SetEnvironmentVariableA
SetLastError
EnumSystemLocalesA
GetDateFormatA
CompareStringA
GetTimeZoneInformation
lstrlenA
GetUserDefaultLCID
GetModuleHandleW
ExitProcess
SetConsoleCtrlHandler
LCMapStringW
GetCurrentProcessId
GetProfileIntA
ReadConsoleW
WriteConsoleW
FindClose
OpenMutexA
EnterCriticalSection
WriteConsoleA
GetStdHandle
GetLocaleInfoA
GetOEMCP
FreeLibrary
GetFileType
VirtualQuery
CompareStringW
GetEnvironmentStrings
SetLocaleInfoA
VirtualFree
GetACP
WriteFile
FillConsoleOutputCharacterA
IsValidLocale
GetLocaleInfoW
GetTickCount
InterlockedDecrement
GetCurrentProcess
GetStartupInfoA
GetProcAddress
IsDebuggerPresent
VirtualAlloc
GetModuleHandleA
AddAtomA
GetCommandLineW
GetConsoleMode
GetCurrentThread
UnhandledExceptionFilter
GetLastError
HeapDestroy

Sections

.text
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 266KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc40bd2d2ccf91b2e0728c907a6314d5

Headers

File Characteristics

PDB Paths

Imports

wininet

comctl32

user32

shell32

advapi32

kernel32

Sections

.text Size: 198KB - Virtual size: 197KB

.rdata Size: 266KB - Virtual size: 265KB

.data Size: 108KB - Virtual size: 136KB

.rsrc Size: 27KB - Virtual size: 27KB

.text
Size: 198KB - Virtual size: 197KB

.rdata
Size: 266KB - Virtual size: 265KB

.data
Size: 108KB - Virtual size: 136KB

.rsrc
Size: 27KB - Virtual size: 27KB