1592ffe27b5d47863cd2dcaeede64733_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1592ffe27b5d47863cd2dcaeede64733_JaffaCakes118
Size

204KB
MD5

1592ffe27b5d47863cd2dcaeede64733
SHA1

c68e921ea41b2e20b314fd771b819e5c4b1c31ae
SHA256

4b8b63cd97a10c315b7c227a93ac424647e86f41d8a665a02075fdbd1733a54d
SHA512

80245dd005656cd22ea898ddb686f644ec5ea3eed75dea5a859fddde0062ef9ef16a07435ef7529234403c49d6649f7cf917ccddc37c1c45c34ca1cc71997beb
SSDEEP

3072:aQliMugQSgH2UF71KE/cO/aOW8yz+elDUJLLIXXjbha:RliMugQ7H7lUE0O/aON3Jino

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1592ffe27b5d47863cd2dcaeede64733_JaffaCakes118

Files

1592ffe27b5d47863cd2dcaeede64733_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6dcb044593c04c776cbee4f553e83bcf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

_TrackMouseEvent

shlwapi

StrToInt64ExW

msimg32

AlphaBlend

wininet

HttpEndRequestW
InternetCloseHandle
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetCheckConnectionW
InternetAttemptConnect
InternetReadFile
InternetQueryDataAvailable

kernel32

DeleteFileW
Sleep
GetModuleFileNameW
GetTempPathW
GetTempFileNameW
ResumeThread
GlobalReAlloc
GetModuleHandleW
IsBadReadPtr
DuplicateHandle
GetCurrentProcess
GetFileType
SystemTimeToFileTime
GetCurrentDirectoryW
DosDateTimeToFileTime
SetFileTime
FindResourceA
LoadResource
SizeofResource
GetProcessHeap
HeapAlloc
HeapFree
LCMapStringW
LCMapStringA
HeapSize
InitializeCriticalSection
GetOEMCP
GetACP
GetSystemInfo
GetCPInfo
ExitProcess
GetStringTypeW
GetStringTypeA
VirtualQuery
InterlockedExchange
RtlUnwind
GetStartupInfoA
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
TlsGetValue
TlsSetValue
TlsFree
GetCurrentThreadId
SetLastError
TlsAlloc
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
GetStartupInfoW
GetModuleHandleA
GetProcAddress
WideCharToMultiByte
GetSystemDirectoryW
CreateDirectoryW
FindClose
FindNextFileW
FindFirstFileW
CreateThread
CreateProcessW
TerminateProcess
MultiByteToWideChar
WriteFile
SetFilePointer
SetFileAttributesW
GetTickCount
ExpandEnvironmentStringsW
GetLastError
CreateEventW
CloseHandle
GlobalUnlock
ReadFile
GlobalFree
GlobalLock
GlobalAlloc
GetFileSize
CreateFileW
GetCommandLineW
LoadLibraryA
FlushFileBuffers
SetStdHandle
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualProtect
SetUnhandledExceptionFilter
IsBadCodePtr
GetLocaleInfoA

user32

GetNextDlgTabItem
SetWindowPos
SetFocus
EnumChildWindows
DispatchMessageW
TranslateMessage
GetMessageW
GetClassInfoExW
RegisterClassExW
wsprintfW
CreateWindowExW
SystemParametersInfoW
GetUpdateRect
UnregisterClassW
IsWindowEnabled
EnableWindow
ShowWindow
UpdateWindow
LoadImageW
SetRect
FillRect
GetIconInfo
SetWindowLongW
GetWindowLongW
CopyRect
GetClientRect
LoadIconW
EndPaint
BeginPaint
PostQuitMessage
SetCursor
GetForegroundWindow
MessageBoxW
InflateRect
SetWindowRgn
LoadCursorW
CallWindowProcW
DefWindowProcW
IsWindow
InvalidateRect
GetDC
PostMessageW
SendMessageW
SetPropW
GetPropW
DrawIconEx
DrawTextW
ReleaseDC
GetWindowRect
GetDCEx
DestroyWindow
GetParent

gdi32

SetDIBits
RestoreDC
GetTextExtentPoint32W
SaveDC
GetDeviceCaps
GetCurrentPositionEx
CreateFontIndirectW
GetStockObject
GetTextColor
CombineRgn
ExtCreateRegion
GetDIBits
StretchBlt
GetObjectW
SetTextColor
GetTextExtentPointW
SetBkMode
CreateFontW
LineTo
MoveToEx
BitBlt
CreateCompatibleBitmap
DeleteDC
RoundRect
Rectangle
CreateSolidBrush
CreatePen
SelectObject
CreateDIBSection
CreateCompatibleDC
CreateDCW
DeleteObject
CreateDIBitmap

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyW
RegDeleteValueW

shell32

CommandLineToArgvW
SHGetFolderPathW
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW

ole32

CoCreateInstance
CoInitialize
CreateStreamOnHGlobal
CoUninitialize

oleaut32

OleLoadPicture

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6dcb044593c04c776cbee4f553e83bcf

Headers

File Characteristics

Imports

comctl32

shlwapi

msimg32

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 156KB - Virtual size: 156KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 156KB - Virtual size: 156KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 12KB - Virtual size: 12KB