16843074ed1e5356f89195969ed873fe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16843074ed1e5356f89195969ed873fe_JaffaCakes118
Size

368KB
MD5

16843074ed1e5356f89195969ed873fe
SHA1

c56a946d4c2d9862ee18a32dcaf26fa97124e59a
SHA256

e8f375f7964608d2f9d77d2dec290a5d6cc8458284ec9ab363dc8d7db5c30114
SHA512

5790a8dd003825d32eb1a249a969b79ad6714ad73d322b6dfa3a0d598405aabacdf924eaaf782666a2109765f5c09dc1b5fe519772fa47c15cc949fd29a6cc2f
SSDEEP

3072:U9+VzFkMiuwReTPK+wK4zkxo8Qi84Lg8trSxbt0Sh1pSAJaLRvQmslSfisvADTfL:1iuvrKBki8BTEgrSxzDJaemikAZTyjDC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16843074ed1e5356f89195969ed873fe_JaffaCakes118

Files

16843074ed1e5356f89195969ed873fe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89e9c5c1fb606a6c1f181e301071642f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCrackUrlA

kernel32

WritePrivateProfileStringA
SetErrorMode
ExitProcess
RtlUnwind
ExitThread
CreateThread
GetSystemTimeAsFileTime
TerminateProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetFileTime
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
InterlockedDecrement
SetLastError
FormatMessageA
LocalFree
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetProcAddress
GlobalGetAtomNameA
GlobalAddAtomA
WriteFile
SetFileTime
LocalFileTimeToFileTime
lstrcmpA
GetCurrentProcess
DuplicateHandle
CreateFileW
CreateFileA
GetModuleHandleA
GetCurrentDirectoryA
IsBadReadPtr
CreateDirectoryW
ReadFile
SetFilePointer
SystemTimeToFileTime
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
CompareStringW
CompareStringA
lstrcmpiA
GetVersion
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenA
lstrcpynA
FreeResource
GlobalLock
GlobalUnlock
MulDiv
GlobalFree
CreateEventA
ResumeThread
GlobalAlloc
SetEvent
WaitForSingleObject
ResetEvent
CreateMutexA
GetLastError
GetModuleFileNameA
CreateDirectoryA
CopyFileA
CreateProcessA
GetTempPathA
CloseHandle
DeleteFileA
lstrcpyA
Sleep
WideCharToMultiByte
MultiByteToWideChar
FindResourceA
LoadResource
LockResource
SizeofResource
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
SetUnhandledExceptionFilter

user32

EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
WaitMessage
GetMenuState
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
RemovePropA
SendDlgItemMessageA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
CallWindowProcA
GetSystemMetrics
PtInRect
wsprintfA
SetWindowPos
WinHelpA
SetFocus
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
GetKeyState
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
GetCapture
ReleaseCapture
LoadAcceleratorsA
IsWindowVisible
UpdateWindow
IsIconic
InsertMenuItemA
GetMenuItemCount
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
GetLastActivePopup
BringWindowToTop
SetMenu
ShowWindow
GetWindow
IsWindowEnabled
TranslateAcceleratorA
PeekMessageA
RegisterWindowMessageA
DestroyWindow
RegisterClassExA
DefWindowProcA
SetActiveWindow
GetWindowLongA
SetWindowLongA
CreateWindowExA
SystemParametersInfoA
GetClassNameA
GetWindowRect
GetCursorPos
TrackPopupMenu
GetMenuItemID
LoadMenuA
GetSysColorBrush
GetMenuItemInfoA
InflateRect
GetSubMenu
DestroyMenu
IsWindow
UnregisterClassA
CharUpperA
GetParent
CreateDialogIndirectParamA
GetNextDlgTabItem
RegisterClassA
EndDialog
GetDesktopWindow
GetClientRect
LoadBitmapA
LoadCursorA
SetRect
GetDC
ReleaseDC
GetSysColor
SetCursor
EnableWindow
InvalidateRect
CopyRect
FillRect
FindWindowA
SendMessageA
LoadIconA
GetDlgItemTextA
SetForegroundWindow
KillTimer
SetTimer
PostMessageA
PostQuitMessage
GetWindowPlacement
GetPropA

gdi32

GetPixel
CreateFontIndirectA
GetTextExtentPoint32A
GetStockObject
CreatePatternBrush
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetStretchBltMode
StretchBlt
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetClipBox
GetObjectA
CreateCompatibleBitmap
CreateSolidBrush
CreateCompatibleDC
GetDeviceCaps
CreateBitmap
SelectObject
BitBlt
DeleteObject
DeleteDC
SetBkColor
SetTextColor

msimg32

TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shell32

DragQueryFileA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderA
SHCreateDirectoryExA
DragFinish
Shell_NotifyIconA

comctl32

ord17
ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

ole32

CreateStreamOnHGlobal

oleaut32

VariantClear
VariantChangeType
OleLoadPicture
VariantInit

ws2_32

closesocket
accept
socket
select
gethostbyname
htonl
htons
WSACleanup
bind
WSAGetLastError
WSASetLastError
connect
sendto
recvfrom
WSAStartup
inet_addr
send
recv
WSAAsyncSelect

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

89e9c5c1fb606a6c1f181e301071642f

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

ws2_32

Sections

.text Size: 176KB - Virtual size: 176KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 8KB - Virtual size: 24KB

.rsrc Size: 120KB - Virtual size: 120KB

.aspack Size: 10KB - Virtual size: 12KB

.adata Size: - Virtual size: 4KB

.text
Size: 176KB - Virtual size: 176KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 8KB - Virtual size: 24KB

.rsrc
Size: 120KB - Virtual size: 120KB

.aspack
Size: 10KB - Virtual size: 12KB

.adata
Size: - Virtual size: 4KB