171b02156ac1d179cb509eda1348dd79_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

171b02156ac1d179cb509eda1348dd79_JaffaCakes118
Size

321KB
MD5

171b02156ac1d179cb509eda1348dd79
SHA1

16417d86155fa32d7a07c9840aede48e90be6462
SHA256

a9b50b26389543cbf3f61c8af6bc4a5639d6fa89f10ac4b215fb60b62d964e3f
SHA512

3c84172ace3b28e528fa19e2a3902b9a0043668f68a419d8814c9724fe51b186b533ff37ce199c5c2c4a7fba081eb64e86caa5d3510f20b678ea4b4d02d2aa1d
SSDEEP

6144:OR3RoKrSoS5DUmRcfvMbQmfO8pwzRlHmE+pQnlJHZaBSID:63ZS5u01pI0d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
171b02156ac1d179cb509eda1348dd79_JaffaCakes118

Files

171b02156ac1d179cb509eda1348dd79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5aa00e0b90780e4d05d5a6da6f4d9b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

LoadImageW
CallMsgFilterA
CascadeChildWindows
DialogBoxIndirectParamW
IsDialogMessageA
VkKeyScanExW
CopyRect
UnloadKeyboardLayout
EnumPropsExA
RegisterClassA
RegisterClassExA
RegisterWindowMessageA
GetClipboardOwner
GetWindowThreadProcessId

gdi32

DescribePixelFormat
Polygon
GetDIBits
AbortPath
SetBitmapDimensionEx
SetICMMode
GetICMProfileA
GetArcDirection
GetPixel
OffsetClipRgn
GetTextMetricsA
CreateDIBSection
SetColorSpace
GetMiterLimit
RealizePalette
SetTextJustification
PlgBlt
CreateDIBPatternBrushPt

wininet

InternetTimeFromSystemTimeA
CreateUrlCacheGroup
HttpSendRequestA
InternetShowSecurityInfoByURL
CreateUrlCacheEntryA
ResumeSuspendedDownload
FtpRenameFileW
InternetConfirmZoneCrossingW
InternetConnectW

advapi32

CryptSignHashA
CryptSetProviderW
RegNotifyChangeKeyValue
RegSetValueExA
DuplicateTokenEx
RegEnumKeyW
CryptGetProvParam
RegSaveKeyA
CryptVerifySignatureW
CryptSetProviderA
CryptReleaseContext
LookupPrivilegeValueA
CryptDuplicateHash
LookupPrivilegeValueW
RegOpenKeyExA
AbortSystemShutdownA
InitiateSystemShutdownA
RevertToSelf
RegSetValueExW
RegReplaceKeyA
RegSetValueW
LookupPrivilegeDisplayNameA
StartServiceW
RegOpenKeyExW

kernel32

GetProcessHeap
LoadLibraryA
GetEnvironmentStrings
WriteConsoleA
InterlockedIncrement
InterlockedDecrement
GetShortPathNameA
HeapFree
WideCharToMultiByte
GetLastError
CompareStringA
CompareStringW
GetConsoleCP
GetTickCount
LockFile
LCMapStringA
GetLocaleInfoA
GetModuleFileNameA
GetStartupInfoA
ResumeThread
SetPriorityClass
GetLocaleInfoW
TerminateProcess
IsValidLocale
GetConsoleOutputCP
OpenMutexA
VirtualFree
HeapAlloc
GetModuleHandleW
GetTimeFormatA
SetEnvironmentVariableA
FreeEnvironmentStringsW
VirtualProtect
ExitProcess
SetUnhandledExceptionFilter
GetTempPathW
GlobalUnlock
GetTimeZoneInformation
LCMapStringW
DeleteFileW
SetStdHandle
EnumSystemLocalesA
TlsSetValue
HeapReAlloc
GetCurrentThread
GetSystemTimeAsFileTime
CloseHandle
GetCurrentProcess
HeapCreate
MultiByteToWideChar
SetLastError
GetLongPathNameA
GetDateFormatA
WriteFile
EnumResourceNamesA
GetVersionExA
GetCurrentProcessId
SetConsoleCtrlHandler
HeapSize
GetModuleHandleA
SetHandleCount
VirtualQuery
WritePrivateProfileSectionA
LeaveCriticalSection
CopyFileA
FreeLibrary
CreateFileA
GetCommandLineA
VirtualAlloc
ReadFile
TlsAlloc
GetUserDefaultLCID
DeleteCriticalSection
TlsFree
GlobalGetAtomNameW
WriteConsoleW
GetCPInfo
GetStdHandle
UnhandledExceptionFilter
GetOEMCP
IsDebuggerPresent
InterlockedExchange
GetEnvironmentStringsW
FlushFileBuffers
GetFileType
GetConsoleMode
GetProcAddress
RtlUnwind
GetStringTypeA
IsValidCodePage
HeapDestroy
InitializeCriticalSection
FillConsoleOutputCharacterW
GetCurrentThreadId
GetACP
TlsGetValue
GetStringTypeW
EnterCriticalSection
Sleep
CreateSemaphoreA
QueryPerformanceCounter
CreateMutexA
SetFilePointer
GetSystemInfo
FreeEnvironmentStringsA

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5aa00e0b90780e4d05d5a6da6f4d9b8

Headers

File Characteristics

Imports

comctl32

user32

gdi32

wininet

advapi32

kernel32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 11KB - Virtual size: 19KB

.data Size: 148KB - Virtual size: 148KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 11KB - Virtual size: 19KB

.data
Size: 148KB - Virtual size: 148KB

.rsrc
Size: 4KB - Virtual size: 4KB