Static task: static1
Behavioral task: behavioral1
Sample: 0456be9db9f7c58b8a84bd8eb20718b7_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0456be9db9f7c58b8a84bd8eb20718b7_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 0456be9db9f7c58b8a84bd8eb20718b7_JaffaCakes118
Size: 195KB
MD5: 0456be9db9f7c58b8a84bd8eb20718b7
SHA1: d696035868d7c03b68f0625dc96a24ca6b579227
SHA256: e0dde99759509723f542373c23c113bcdee8bea186b2ceb98ae1bcfe519ca790
SHA512: 04db0b07e109e6d1caadcecb83022352542e0b36849d9ea42040ffa428fefa7d06161d1c3502710f7edc47d75664fe5b534ed7da12529f4191c894916acc8258
SSDEEP: 6144:EWdcwTYC4CX1YatV19BFOa6wIyrZ3Li4puNFDk:RdcwTYC4IdPyIti40NF
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 0456be9db9f7c58b8a84bd8eb20718b7_JaffaCakes118
Files
0456be9db9f7c58b8a84bd8eb20718b7_JaffaCakes118.exe windows:4 windows x86 arch:x86
266aeb0528226c5792a4b32760a38dff
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GlobalAddAtomW
CreateFileMappingW
GetTimeZoneInformation
SetSystemTime
BeginUpdateResourceA
GetProcessVersion
WriteConsoleOutputAttribute
CreateThread
CreateFileW
Module32Next
EnumCalendarInfoExW
GetFileInformationByHandle
FoldStringA
LocalFlags
CompareStringA
TryEnterCriticalSection
GetNamedPipeHandleStateW
FlushInstructionCache
FileTimeToDosDateTime
TlsFree
GetThreadPriorityBoost
GetModuleHandleW
GetFileAttributesA
ReadConsoleA
GlobalDeleteAtom
GetThreadTimes
FindNextFileA
GetConsoleOutputCP
GetShortPathNameW
DeleteFileW
EnumCalendarInfoA
GetStdHandle
LocalReAlloc
OpenProcess
ReadConsoleOutputCharacterA
GetFileSize
GlobalReAlloc
OpenFileMappingA
FlushViewOfFile
FindAtomA
DuplicateHandle
ContinueDebugEvent
ReadConsoleOutputW
GetAtomNameA
SetConsoleTextAttribute
UnhandledExceptionFilter
InitAtomTable
CreateMailslotW
GlobalFix
GetLogicalDrives
VirtualUnlock
SetConsoleMode
HeapUnlock
LeaveCriticalSection
TerminateThread
FreeConsole
OutputDebugStringA
GetUserDefaultLangID
RemoveDirectoryW
DefineDosDeviceA
IsValidLocale
GlobalGetAtomNameA
GetSystemDirectoryW
GetCompressedFileSizeA
MoveFileA
GlobalMemoryStatus
GetStartupInfoA
GetCalendarInfoA
LoadLibraryExA
WritePrivateProfileStringA
GetSystemTime
GetProfileStringW
GetProcessTimes
FreeLibraryAndExitThread
CreateConsoleScreenBuffer
MapViewOfFileEx
InitializeCriticalSectionAndSpinCount
ExitThread
GetCommandLineW
Heap32ListFirst
GetPrivateProfileStructA
ReadConsoleInputA
WriteFileEx
IsDebuggerPresent
SetFilePointer
GetLocaleInfoW
WriteConsoleA
WriteConsoleInputA
InterlockedExchangeAdd
WritePrivateProfileSectionW
VirtualFreeEx
WritePrivateProfileStringW
EnumDateFormatsW
CreateDirectoryW
CreateTapePartition
GetProcAddress
SetFileAttributesW
GetWriteWatch
GetConsoleTitleW
SetLastError
Heap32First
GetConsoleScreenBufferInfo
FindFirstFileA
lstrcpy
VirtualLock
wininet
GetUrlCacheEntryInfoExA
LoadUrlCacheContent
SetUrlCacheGroupAttributeA
InternetGetCertByURL
InternetQueryOptionA
CommitUrlCacheEntryA
FtpCommandA
InternetConnectW
IsUrlCacheEntryExpiredA
InternetShowSecurityInfoByURLA
UnlockUrlCacheEntryFileA
InternetWriteFileExW
DeleteUrlCacheEntryW
FindFirstUrlCacheContainerA
InternetReadFileExA
GetUrlCacheEntryInfoW
InternetAutodialHangup
InternetWriteFile
DeleteIE3Cache
FindFirstUrlCacheGroup
InternetAutodial
InternetConfirmZoneCrossingW
InternetGetConnectedStateExA
FindNextUrlCacheEntryA
DeleteUrlCacheEntryA
FtpDeleteFileW
GopherFindFirstFileA
GetUrlCacheEntryInfoExW
InternetReadFile
InternetGetCertByURLA
GetUrlCacheGroupAttributeA
SetUrlCacheEntryGroupA
HttpQueryInfoW
FtpRenameFileA
InternetTimeFromSystemTimeW
FindFirstUrlCacheEntryExW
UnlockUrlCacheEntryStream
InternetSetOptionExA
FindFirstUrlCacheEntryA
InternetDialA
InternetReadFileExW
InternetTimeToSystemTimeA
UnlockUrlCacheEntryFile
InternetLockRequestFile
SetUrlCacheEntryGroup
InternetSetOptionA
InternetOpenUrlA
FindNextUrlCacheGroup
HttpSendRequestA
GetUrlCacheHeaderData
InternetSetDialStateW
RunOnceUrlCache
InternetErrorDlg
InternetOpenUrlW
ResumeSuspendedDownload
InternetFortezzaCommand
FtpGetFileA
ShowSecurityInfo
IncrementUrlCacheHeaderData
CreateUrlCacheContainerW
FtpRemoveDirectoryW
SetUrlCacheEntryInfoW
InternetCreateUrlW
InternetAlgIdToStringW
InternetSetOptionExW
InternetConnectA
InternetSecurityProtocolToStringA
InternetQueryFortezzaStatus
FtpRenameFileW
HttpSendRequestW
GopherGetAttributeA
InternetConfirmZoneCrossing
GopherOpenFileA
HttpSendRequestExW
InternetCrackUrlW
InternetSetDialState
InternetWriteFileExA
InternetTimeFromSystemTimeA
InternetShowSecurityInfoByURL
FtpPutFileEx
DeleteUrlCacheContainerA
HttpAddRequestHeadersW
FindNextUrlCacheEntryExA
InternetGoOnlineA
DeleteUrlCacheEntry
InternetSecurityProtocolToStringW
InternetGetCookieW
FindFirstUrlCacheEntryW
InternetSetCookieW
HttpOpenRequestA
CreateUrlCacheEntryA
FindFirstUrlCacheEntryExA
FtpGetFileEx
InternetGetConnectedStateExW
SetUrlCacheEntryGroupW
UpdateUrlCacheContentPath
GetUrlCacheGroupAttributeW
InternetTimeToSystemTime
ShowCertificate
InternetFindNextFileA
InternetDialW
InternetCanonicalizeUrlA
GopherFindFirstFileW
HttpAddRequestHeadersA
FtpRemoveDirectoryA
GopherGetLocatorTypeA
ReadUrlCacheEntryStream
FreeUrlCacheSpaceA
RetrieveUrlCacheEntryStreamW
FtpGetFileSize
RetrieveUrlCacheEntryFileA
InternetCheckConnectionA
InternetSetOptionW
FtpOpenFileW
FtpSetCurrentDirectoryW
FindCloseUrlCache
GopherOpenFileW
InternetOpenA
InternetTimeFromSystemTime
HttpEndRequestA
InternetGoOnlineW
RegisterUrlCacheNotification
IsHostInProxyBypassList
InternetGetConnectedStateEx
FindNextUrlCacheContainerA
GopherCreateLocatorA
GopherCreateLocatorW
InternetCombineUrlA
InternetGetConnectedState
RetrieveUrlCacheEntryFileW
InternetGoOnline
HttpQueryInfoA
FtpPutFileW
GopherGetLocatorTypeW
SetUrlCacheGroupAttributeW
InternetCombineUrlW
InternetUnlockRequestFile
FtpGetCurrentDirectoryA
FindNextUrlCacheEntryExW
InternetSetCookieA
UnlockUrlCacheEntryFileW
SetUrlCacheConfigInfoA
HttpOpenRequestW
ShowX509EncodedCertificate
CreateUrlCacheEntryW
InternetCreateUrlA
FindNextUrlCacheEntryW
FtpCreateDirectoryA
FtpDeleteFileA
SetUrlCacheEntryInfoA
SetUrlCacheHeaderData
InternetDial
SetUrlCacheConfigInfoW
InternetQueryOptionW
InternetAttemptConnect
HttpEndRequestW
FtpSetCurrentDirectoryA
InternetTimeToSystemTimeW
gdi32
BitBlt
SetDIBColorTable
PlayMetaFileRecord
AbortPath
PlayMetaFile
EnumObjects
GetSystemPaletteEntries
SetTextAlign
RemoveFontResourceW
GetPixel
ResetDCA
GetNearestPaletteIndex
SetColorSpace
SetDeviceGammaRamp
GetDIBits
GetClipBox
GetFontData
RectVisible
StretchDIBits
GetTextExtentPointW
UpdateICMRegKeyA
EnumFontFamiliesW
GetMetaFileBitsEx
OffsetViewportOrgEx
CreateMetaFileW
GetTextExtentPoint32W
GetGlyphOutline
GetBkColor
WidenPath
RectInRegion
CreateEnhMetaFileW
CreateCompatibleDC
PlayEnhMetaFile
CreateFontW
StartDocA
ColorCorrectPalette
GetWinMetaFileBits
SetMagicColors
GetFontLanguageInfo
SetViewportExtEx
GetTextExtentExPointW
OffsetRgn
Polyline
DeleteMetaFile
RestoreDC
DeleteDC
SetArcDirection
GetWindowOrgEx
CreatePenIndirect
ChoosePixelFormat
CreateRectRgnIndirect
CreateDIBPatternBrush
SetPixel
GetKerningPairs
GetObjectW
GetGraphicsMode
GetGlyphOutlineA
GetRasterizerCaps
GetEnhMetaFileBits
ResizePalette
UpdateICMRegKeyW
CancelDC
CopyMetaFileW
GetEnhMetaFileDescriptionA
GetMiterLimit
GetCharWidthW
SetPaletteEntries
SwapBuffers
OffsetClipRgn
GdiFlush
GetCharABCWidthsA
CreateDIBitmap
PatBlt
CreateDIBPatternBrushPt
DeleteColorSpace
CreateFontA
EndPage
EnumEnhMetaFile
GetEnhMetaFileA
DeleteEnhMetaFile
ExtSelectClipRgn
GetICMProfileA
GetKerningPairsA
ExcludeClipRect
PolyTextOutW
GetPath
GetViewportOrgEx
EnumFontsA
CreateDiscardableBitmap
CreatePolyPolygonRgn
PlgBlt
GetTextExtentExPointA
CreateDIBSection
PolyTextOutA
GetCharacterPlacementA
RemoveFontResourceA
Polygon
GetWorldTransform
GetDIBColorTable
EndDoc
EnumFontsW
ExtEscape
FixBrushOrgEx
SetAbortProc
CreateSolidBrush
FlattenPath
PolyPolygon
CopyEnhMetaFileW
SetMetaRgn
LPtoDP
SaveDC
CreateDCA
CreateICA
ExtFloodFill
GetLogColorSpaceA
AddFontResourceW
gdiPlaySpoolStream
GetTextMetricsW
GetPolyFillMode
Rectangle
PolyBezierTo
BeginPath
GetViewportExtEx
GetTextColor
GetCharABCWidthsFloatA
GetStockObject
EnumICMProfilesA
CreatePen
EnumFontFamiliesExW
SetPixelFormat
SetDIBits
GetEnhMetaFileDescriptionW
GdiGetBatchLimit
GetDeviceCaps
SetWinMetaFileBits
Ellipse
GetMetaFileA
CreateICW
GetClipRgn
CombineTransform
PolyPolyline
SetBoundsRect
CreateRoundRectRgn
SetWorldTransform
PtInRegion
SetDIBitsToDevice
GetColorSpace
PtVisible
ExtCreateRegion
CreateScalableFontResourceA
CreateBitmap
ArcTo
GetLogColorSpaceW
GetPaletteEntries
GetROP2
SetMapMode
GetLayout
GetCharWidth32W
SetICMProfileA
DescribePixelFormat
SetBkColor
CreateCompatibleBitmap
SetPolyFillMode
PlayEnhMetaFileRecord
GetBoundsRect
GetBkMode
TextOutA
Chord
FrameRgn
GetEnhMetaFilePaletteEntries
GetTextCharacterExtra
PathToRegion
CreatePalette
PolyBezier
SetRectRgn
SetBitmapBits
GetArcDirection
GetCharABCWidthsW
DPtoLP
CreateBitmapIndirect
SetBkMode
FillPath
StrokePath
CreateColorSpaceA
GetDeviceGammaRamp
SetGraphicsMode
SetStretchBltMode
Arc
CloseMetaFile
PolylineTo
GetCharWidthA
GetCurrentPositionEx
InvertRgn
CreateColorSpaceW
Sections
.text Size: 89KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ