173fa8a244044f8dc76fe7659fb4f403_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

173fa8a244044f8dc76fe7659fb4f403_JaffaCakes118
Size

500KB
MD5

173fa8a244044f8dc76fe7659fb4f403
SHA1

670cc60ba2d5eb5976c5465696702b445151d5ae
SHA256

d1d4546dae0ca0a672a9d9fba204135334e5007506c4804591219bdf21edbcbf
SHA512

db4134e232e0efd8764396895aa71266b4905b83c1b9186e2915c4686c4f1116aa0feb334797d69f08f3f82fd385b259c97c75328c4a315f72885aaf47b0a54e
SSDEEP

12288:pkehmBQFtzYLSLsfhXg77ap96fCatCE+4wk4scWPwH+QaePdRtmNLxaThRq71YBf:3o0t5JvDPw9aadRtmNLxak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
173fa8a244044f8dc76fe7659fb4f403_JaffaCakes118

Files

173fa8a244044f8dc76fe7659fb4f403_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9f521eb0a34b04373f9d44bc3224ff17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostname
inet_ntoa
inet_addr
select
sendto
closesocket
setsockopt
WSAStartup
WSACleanup
WSASocketA
WSAGetLastError
gethostbyname

kernel32

ExitThread
MoveFileA
SetFilePointer
FileTimeToLocalFileTime
CreateProcessA
FormatMessageA
GetDiskFreeSpaceA
GetVersion
GetSystemInfo
lstrcmpiA
GetCurrentProcessId
GetLongPathNameA
SuspendThread
ResumeThread
ExitProcess
InterlockedDecrement
VirtualFree
HeapCreate
HeapDestroy
SetEndOfFile
DeviceIoControl
SetHandleCount
SetStdHandle
GetLocalTime
CreateThread
GetCPInfo
HeapSize
HeapReAlloc
HeapFree
GetCommandLineA
GetStartupInfoA
RaiseException
GetSystemTime
SetFileTime
HeapAlloc
GetFileType
MultiByteToWideChar
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
RtlUnwind
FindResourceA
LoadResource
LockResource
FreeLibrary
SetThreadPriority
GlobalGetAtomNameA
GlobalDeleteAtom
TerminateProcess
GetFileInformationByHandle
GetLastError
FileTimeToSystemTime
GetVersionExA
WinExec
GetVolumeInformationA
GetACP
SetLocalTime
WideCharToMultiByte
GetLogicalDrives
GetDriveTypeA
GetWindowsDirectoryA
GetCurrentProcess
GetStdHandle
CreateFileA
WriteFile
CloseHandle
MulDiv
IsBadWritePtr
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
CreateDirectoryA
OpenFile
WaitForSingleObject
ResetEvent
SetEvent
GetTickCount
CreateEventA
LocalSize
LocalFree
GlobalAlloc
GlobalLock
lstrcpyA
lstrlenA
GlobalUnlock
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
GlobalFree
GetModuleFileNameA
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
CompareStringA
LocalAlloc
ReadFile
GetModuleHandleA
SetFileAttributesA
GetSystemDefaultLangID
GetPrivateProfileStringA
GetSystemDirectoryA
ExpandEnvironmentStringsA
FindNextFileA
RemoveDirectoryA
FindFirstFileA
FindClose
Sleep
GetFileSize
WritePrivateProfileStringA
OutputDebugStringA
CopyFileA
DeleteFileA
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
GetComputerNameA
LoadLibraryA
GetTimeZoneInformation
GetProcAddress
CompareStringW
GetOEMCP
VirtualAlloc

user32

GetWindowLongA
GetSubMenu
PeekMessageA
DispatchMessageA
PostQuitMessage
GetMenuState
ExitWindowsEx
EnableWindow
SetDlgItemInt
CheckMenuItem
ReleaseCapture
DialogBoxParamA
IsWindow
BeginPaint
EndPaint
CreateDialogParamA
UpdateWindow
ScreenToClient
CreatePopupMenu
AppendMenuA
CheckMenuRadioItem
CharLowerBuffA
GetSysColor
DestroyIcon
IsWindowEnabled
GetDlgItem
EnableMenuItem
ShowCursor
TranslateAcceleratorA
IsDialogMessageA
GetMessageA
LoadAcceleratorsA
LoadMenuA
SetCapture
SetForegroundWindow
TrackPopupMenu
DestroyMenu
SetWindowTextA
LoadIconA
DestroyWindow
SetWindowLongA
GetActiveWindow
SetFocus
IsIconic
MessageBoxA
LoadCursorA
SetCursor
EnumDisplaySettingsA
LoadBitmapA
ShowWindow
LoadStringA
GetAsyncKeyState
CallWindowProcA
SetWindowPos
GetClientRect
MoveWindow
PostMessageA
GetSystemMetrics
GetForegroundWindow
GetParent
GetWindowThreadProcessId
GetWindowTextA
IsWindowVisible
GetWindowRect
SetTimer
GetCursorPos
KillTimer
DefWindowProcA
wsprintfA
FindWindowA
SendMessageA
RegisterClassA
CreateWindowExA
EndDialog
GetWindow
GetDC
ReleaseDC
SendDlgItemMessageA
GetDlgItemTextA
SetDlgItemTextA
WinHelpA
TranslateMessage

gdi32

CreatePatternBrush
Rectangle
SetBkColor
SetTextColor
CreatePen
MoveToEx
ExtTextOutA
CreateHatchBrush
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject
DeleteObject
GetDeviceCaps
CreateFontA
GetTextExtentPointA
SetBkMode
SetDIBitsToDevice
RealizePalette
SelectPalette
UnrealizeObject
CreatePalette
CreateDIBSection
CreateSolidBrush

advapi32

CreateServiceA
CloseServiceHandle
StartServiceA
QueryServiceStatus
ControlService
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
OpenServiceA
OpenSCManagerA
RegOpenKeyA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
AllocateAndInitializeSid
GetUserNameA
RegSetValueExA
RegCreateKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyExA
FreeSid

shell32

ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitializeEx
CoSetProxyBlanket
CoCreateGuid

oleaut32

SysFreeString
SysAllocString
VariantClear

comctl32

ord6
ord17
PropertySheetA
ImageList_Create
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_Destroy
CreateToolbarEx

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

netapi32

NetShareEnum
NetShareDel
NetApiBufferFree

rpcrt4

UuidFromStringA
UuidToStringA

setupapi

CM_Get_Child
CM_Get_Device_IDA
SetupDiSetClassInstallParamsA
CM_Get_Parent
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiCallClassInstaller
SetupDiEnumDeviceInterfaces

hudcomm

ord2

huft

ord2

hufwalk

ord2

hulib

ord4

hulog

ord2

huregn

ord2

huuacnt

ord2

huui

ord3
ord4
ord2

huinven

ord2

huncomm

ord2

Sections

.text
Size: 400KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f521eb0a34b04373f9d44bc3224ff17

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

version

netapi32

rpcrt4

setupapi

hudcomm

huft

hufwalk

hulib

hulog

huregn

huuacnt

huui

huinven

huncomm

Sections

.text Size: 400KB - Virtual size: 396KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 68KB - Virtual size: 158KB

.rsrc Size: 8KB - Virtual size: 4KB

.text
Size: 400KB - Virtual size: 396KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 68KB - Virtual size: 158KB

.rsrc
Size: 8KB - Virtual size: 4KB