17c1f0217cee976de34ad52a44c9c1e5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

17c1f0217cee976de34ad52a44c9c1e5_JaffaCakes118
Size

564KB
MD5

17c1f0217cee976de34ad52a44c9c1e5
SHA1

fcdd78bd44c6686431fb8b9c4edf7ce0e80bd3d0
SHA256

e9fc3269dfdde592f86929cbb7d81049b10d9a25c5e9633364be405fb0416376
SHA512

b191b6743148f895191532e185f8580676b43c14c1411ddf7bc9661531a371e6b92a1705369207179ee2b55e837ac284ebcae10df8eae648bde7f1ab77fdeb10
SSDEEP

12288:JoDg6oi/LrU1CJL+Q51yhpdPKx8q+FN3JtGqE4TTJ:J6Hoi1Jz6hpdSiqkN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17c1f0217cee976de34ad52a44c9c1e5_JaffaCakes118

Files

17c1f0217cee976de34ad52a44c9c1e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f8af4705585089704d3939f1eebcec8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\fqngdse\

Imports

wininet

InternetCrackUrlA
CreateUrlCacheContainerA
InternetSetOptionA
InternetFindNextFileW
ReadUrlCacheEntryStream
InternetUnlockRequestFile
FindNextUrlCacheContainerA
UrlZonesDetach

user32

IsZoomed
GetClientRect
RegisterClipboardFormatA
IsMenu
OpenIcon
RegisterClassA
GetClassWord
GetUpdateRect
EnumDisplayDevicesW
DefWindowProcA
ToAsciiEx
RegisterClassExA
SetUserObjectSecurity
SystemParametersInfoW
FindWindowW
SetMenuItemBitmaps
CreateWindowExA
CharLowerW
MessageBoxA
CreateMDIWindowA
DragDetect
GetDialogBaseUnits
TrackMouseEvent
GetMessagePos
InsertMenuItemW
DestroyWindow
ShowWindow
CopyRect
DispatchMessageW
SetWindowRgn

shell32

SHFileOperation

comctl32

_TrackMouseEvent
CreateToolbar
GetEffectiveClientRect
ImageList_BeginDrag
ImageList_SetBkColor
CreateStatusWindow
InitCommonControlsEx
ImageList_Write
CreatePropertySheetPageA
ImageList_SetDragCursorImage
ImageList_Draw
InitMUILanguage
ImageList_DragLeave
MakeDragList
ImageList_DragEnter
DrawStatusTextW

advapi32

CryptSetHashParam
LogonUserA
StartServiceW
RegDeleteKeyA
LookupAccountNameA
LookupPrivilegeNameW
CryptSetProviderExW
LookupAccountSidA

kernel32

OpenMutexA
GetCurrentThreadId
GetPrivateProfileIntA
GetLocaleInfoA
MultiByteToWideChar
FreeEnvironmentStringsW
VirtualProtectEx
EnterCriticalSection
CompareStringW
HeapCreate
GetProcessAffinityMask
CreateMutexA
GetThreadPriorityBoost
GetSystemDefaultLCID
SetConsoleCP
LocalHandle
SetEndOfFile
DeleteCriticalSection
TlsAlloc
EnumSystemLocalesA
GetDriveTypeW
GetPrivateProfileSectionA
SetEnvironmentVariableA
GetFileType
QueryPerformanceCounter
GetPrivateProfileStructA
FindFirstFileExA
HeapAlloc
FoldStringW
IsValidCodePage
ExitProcess
WriteFile
GetDateFormatA
FindFirstFileA
SetConsoleOutputCP
LoadLibraryA
GetStringTypeA
TlsFree
GetStdHandle
VirtualProtect
EnumResourceNamesA
EnumTimeFormatsW
WriteConsoleInputW
GetEnvironmentStringsW
GetModuleHandleA
CreateSemaphoreW
IsValidLocale
CompareStringA
InterlockedIncrement
GetVersionExA
TlsGetValue
GetSystemDirectoryA
GetCurrentProcessId
VirtualQuery
InterlockedExchange
VirtualFree
HeapReAlloc
WaitNamedPipeA
HeapFree
GetTimeZoneInformation
CloseHandle
LCMapStringW
GetUserDefaultLCID
GlobalAddAtomW
VirtualAlloc
ResumeThread
GetACP
GetLocaleInfoW
ReadConsoleA
WideCharToMultiByte
GetEnvironmentStrings
GetTimeFormatA
WaitForDebugEvent
SetUnhandledExceptionFilter
SetHandleCount
GetOEMCP
CreateDirectoryW
GlobalLock
GetProcAddress
HeapSize
SetVolumeLabelW
EnumSystemLocalesW
ReadConsoleOutputCharacterW
LeaveCriticalSection
ConnectNamedPipe
TerminateProcess
LockResource
WaitForMultipleObjectsEx
RtlUnwind
GetModuleHandleW
LocalShrink
HeapDestroy
FileTimeToLocalFileTime
FileTimeToSystemTime
IsBadWritePtr
ReleaseMutex
GetCommandLineA
GetSystemTimeAsFileTime
GetCurrentProcess
GetTickCount
GetLogicalDriveStringsA
OpenSemaphoreW
SetLastError
GetCurrentThread
UnhandledExceptionFilter
GetTempPathW
EnumSystemCodePagesA
HeapLock
VirtualQueryEx
WaitNamedPipeW
SetComputerNameW
OpenSemaphoreA
TlsSetValue
CreateWaitableTimerA
GetStartupInfoA
GetConsoleCP
GetExitCodeProcess
GetLogicalDriveStringsW
GetSystemInfo
FillConsoleOutputCharacterA
GetStringTypeW
ReadFile
InitializeCriticalSection
VirtualLock
EnumResourceNamesW
GetComputerNameW
lstrcmpA
FreeEnvironmentStringsA
FlushFileBuffers
LCMapStringA
GetLastError
WriteConsoleA
GetProfileIntA
CopyFileExA
GetModuleFileNameA
SetFilePointer
CreateMutexW
GetCPInfo
SetStdHandle

comdlg32

GetOpenFileNameA
ReplaceTextW
ChooseFontW
ChooseColorW

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f8af4705585089704d3939f1eebcec8

Headers

File Characteristics

PDB Paths

Imports

wininet

user32

shell32

comctl32

advapi32

kernel32

comdlg32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 264KB - Virtual size: 260KB

.data Size: 108KB - Virtual size: 137KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 264KB - Virtual size: 260KB

.data
Size: 108KB - Virtual size: 137KB

.rsrc
Size: 24KB - Virtual size: 20KB