058f052390af416198d0c41efea47c42_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

058f052390af416198d0c41efea47c42_JaffaCakes118
Size

792KB
MD5

058f052390af416198d0c41efea47c42
SHA1

71eb3e2e8b455f8df79aadf540b129dfe4973fc2
SHA256

5ecd9538ea0ed02155602dce51c0bdf6b1f05967743ab29dd31649dd34a13baa
SHA512

f44f1d0259262de3760a85cdc909095f39f02fe8195f92054761e8e01e4db4276cd91c8b7efddc150a6bb026b3429b0ea21ced52520b25dee4f8e8f6c156f978
SSDEEP

24576:PoB/YUyc+SH1WNindkEDzKCtUTSXH0nCXeZ:Po9NANind+CtySXHLOZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
058f052390af416198d0c41efea47c42_JaffaCakes118

Files

058f052390af416198d0c41efea47c42_JaffaCakes118
.exe windows:4 windows x86 arch:x86

065c0e69ecfbedaaf633da43a154547b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetBkColor
InitCommonControlsEx
DrawInsert
ImageList_GetFlags
ImageList_Draw
ImageList_LoadImageW
ImageList_SetBkColor
InitMUILanguage
CreateStatusWindowW
CreatePropertySheetPageW
ImageList_Write
ImageList_ReplaceIcon
ImageList_SetIconSize
ImageList_DrawEx
CreateUpDownControl
CreateToolbarEx
ImageList_AddMasked
CreatePropertySheetPage
ImageList_EndDrag

user32

GetClassInfoW
WindowFromPoint
UnpackDDElParam
DefFrameProcW
ValidateRect
CreateWindowExA
InvertRect
GetClipCursor
KillTimer
DestroyWindow
CallMsgFilterW
DdeAbandonTransaction
UnhookWindowsHookEx
IsDialogMessage
ShowWindow
RegisterClassExA
GetClipboardFormatNameA
DefWindowProcW
ChangeClipboardChain
CreateAcceleratorTableW
MessageBoxW
ScrollDC
SetWindowLongW
MapVirtualKeyW
UnhookWinEvent
FrameRect
GetWindowThreadProcessId
SetDlgItemInt
RegisterClassA
DrawEdge
CopyAcceleratorTableW
GetProcessDefaultLayout

wininet

InternetCrackUrlA
InternetGetConnectedStateExA
InternetCheckConnectionW
InternetReadFile
ResumeSuspendedDownload
InternetSetDialState
DeleteIE3Cache
FindFirstUrlCacheEntryA

shell32

SHInvokePrinterCommandA
DragQueryFileW

kernel32

SetTimeZoneInformation
TerminateProcess
GetEnvironmentStringsW
IsValidLocale
OutputDebugStringA
LoadResource
GetLocaleInfoA
VirtualFree
GetTickCount
GetCurrencyFormatW
MultiByteToWideChar
IsValidCodePage
SetConsoleCtrlHandler
GetCurrentThread
ExitProcess
GetCPInfo
GetTimeZoneInformation
EnumSystemLocalesA
LocalHandle
GetStringTypeW
EnumResourceNamesW
AddAtomA
GetModuleFileNameW
HeapReAlloc
FreeEnvironmentStringsA
CreateMutexA
GetEnvironmentStrings
LCMapStringA
GetUserDefaultLangID
GetWindowsDirectoryA
GetDateFormatA
GetCommandLineA
GetSystemTime
GetUserDefaultLCID
IsBadReadPtr
GetPrivateProfileSectionNamesA
GetProcAddress
EnterCriticalSection
GetEnvironmentVariableW
SetLastError
LCMapStringW
GetVersion
CompareStringW
DebugBreak
WaitForMultipleObjects
CreateWaitableTimerA
WriteFile
GetSystemTimeAsFileTime
FlushFileBuffers
SetEnvironmentVariableA
TlsGetValue
HeapAlloc
SetHandleCount
LoadLibraryA
FillConsoleOutputCharacterW
lstrcpyn
HeapCreate
GetOEMCP
CompareStringA
GetStartupInfoA
InterlockedIncrement
GetProcessAffinityMask
TlsAlloc
GetStartupInfoW
HeapDestroy
GetFileType
GetModuleHandleW
TlsFree
CloseHandle
GetStdHandle
UnhandledExceptionFilter
GetACP
LeaveCriticalSection
WaitNamedPipeW
GetCurrentProcessId
DeleteFileA
HeapFree
RtlUnwind
GetStringTypeA
OpenMutexA
InterlockedExchange
GetVersionExA
SetStdHandle
DeleteCriticalSection
InterlockedDecrement
GlobalGetAtomNameA
FreeEnvironmentStringsW
HeapValidate
SetFilePointer
VirtualProtect
GetCommandLineW
InitializeCriticalSection
VirtualAlloc
VirtualQuery
GetTimeFormatA
GetModuleFileNameA
IsBadWritePtr
GetNumberFormatW
GetCurrentThreadId
GetLocaleInfoW
WideCharToMultiByte
DeleteFileW
WritePrivateProfileStructW
GetCompressedFileSizeW
GetFileTime
TlsSetValue
ReadFile
QueryPerformanceCounter
GetLastError
PulseEvent
GetCurrentProcess
FreeLibraryAndExitThread
GetThreadContext
GetSystemInfo
GetModuleHandleA

comdlg32

GetOpenFileNameA
FindTextW
FindTextA

advapi32

AbortSystemShutdownA
LookupPrivilegeDisplayNameA
InitiateSystemShutdownW

Sections

.text
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 403KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

065c0e69ecfbedaaf633da43a154547b

Headers

File Characteristics

Imports

comctl32

user32

wininet

shell32

kernel32

comdlg32

advapi32

Sections

.text Size: 229KB - Virtual size: 228KB

.rdata Size: 403KB - Virtual size: 402KB

.data Size: 133KB - Virtual size: 140KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 229KB - Virtual size: 228KB

.rdata
Size: 403KB - Virtual size: 402KB

.data
Size: 133KB - Virtual size: 140KB

.rsrc
Size: 26KB - Virtual size: 26KB