Static task: static1
Behavioral task: behavioral1
Sample: 1aa6d6424b5bf8ce5e6b82f40b773280_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 1aa6d6424b5bf8ce5e6b82f40b773280_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 1aa6d6424b5bf8ce5e6b82f40b773280_JaffaCakes118
Size: 231KB
MD5: 1aa6d6424b5bf8ce5e6b82f40b773280
SHA1: be8ea49e6e84c04cbf834bb259ab6509ead29df6
SHA256: 6da06fb86b3b305170fba558c30c050e6271f978fefcb6d19a7ce4c6262cfd15
SHA512: d8f0393924962f7ed80aff939f1d31d38fe24506cc46060e889c45aac0b8f4b8d824883357b96126b7487f903bdfd672b0444d145182a0eeb9bf6139bb089e68
SSDEEP: 6144:4FXOP4+wiRiiMJLHlIPO/Rh9nvUGCC+GCXQ:4S4+wiQiMJLFIm/B8GCC+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1aa6d6424b5bf8ce5e6b82f40b773280_JaffaCakes118
Files
1aa6d6424b5bf8ce5e6b82f40b773280_JaffaCakes118.exe windows:4 windows x86 arch:x86
9b8dca7369a34fd3d5582a58b4a18173
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CreateDesktopA
FlashWindowEx
GetFocus
ChangeDisplaySettingsExW
SetCursor
FillRect
GetClassInfoExW
CharUpperW
DdeAddData
LoadMenuIndirectA
GetForegroundWindow
ChangeDisplaySettingsW
comdlg32
PrintDlgW
PageSetupDlgW
PrintDlgA
FindTextW
GetFileTitleW
ChooseFontA
FindTextA
GetFileTitleA
LoadAlterBitmap
ChooseColorW
GetSaveFileNameA
ChooseFontW
GetSaveFileNameW
PageSetupDlgA
GetOpenFileNameW
ReplaceTextA
ReplaceTextW
ChooseColorA
wininet
FtpCommandW
GetUrlCacheEntryInfoExA
InternetCloseHandle
FtpRemoveDirectoryW
FtpOpenFileA
InternetConfirmZoneCrossingW
RetrieveUrlCacheEntryStreamA
UnlockUrlCacheEntryStream
FtpFindFirstFileW
ShowClientAuthCerts
GetUrlCacheEntryInfoExW
InternetGetCertByURL
FtpRenameFileA
ShowX509EncodedCertificate
InternetConnectA
InternetSetFilePointer
FindFirstUrlCacheEntryExW
InternetGetLastResponseInfoA
SetUrlCacheConfigInfoA
GopherOpenFileA
FindNextUrlCacheEntryW
InternetOpenA
FreeUrlCacheSpaceA
advapi32
LogonUserA
RegQueryMultipleValuesA
LookupPrivilegeNameW
RegQueryValueExW
RegEnumValueA
RegQueryInfoKeyW
LogonUserW
CryptExportKey
CryptDuplicateKey
InitializeSecurityDescriptor
CryptReleaseContext
CryptSetHashParam
kernel32
InterlockedExchange
GetStringTypeA
FreeEnvironmentStringsW
LeaveCriticalSection
GetEnvironmentStringsW
TlsFree
HeapFree
GetProcAddress
ExitProcess
RtlUnwind
InterlockedIncrement
GetDateFormatA
GetModuleFileNameA
CompareStringW
SetUnhandledExceptionFilter
DeleteCriticalSection
VirtualFree
HeapReAlloc
HeapDestroy
SetEnvironmentVariableA
GetStringTypeW
WideCharToMultiByte
EnumSystemLocalesA
GetLocaleInfoA
GetTickCount
SetHandleCount
HeapAlloc
CompareStringA
FreeLibrary
GetFileType
GetTimeZoneInformation
FindFirstFileW
SetLastError
Sleep
GetCommandLineA
GetCPInfo
VirtualAlloc
TlsAlloc
GetModuleHandleW
FreeEnvironmentStringsA
LCMapStringA
HeapSize
TlsGetValue
InterlockedDecrement
UnhandledExceptionFilter
HeapCreate
GetCurrentThreadId
CreateEventA
GetSystemTimeAsFileTime
GetStdHandle
GetTimeFormatA
MultiByteToWideChar
GetOEMCP
EnterCriticalSection
SetConsoleCtrlHandler
GetLastError
GetEnvironmentStrings
WriteFile
GetLocaleInfoW
LCMapStringW
WriteConsoleOutputW
GetCurrentThread
VirtualQuery
QueryPerformanceCounter
GetModuleHandleA
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
GetUserDefaultLCID
LoadLibraryA
IsDebuggerPresent
IsValidLocale
TerminateProcess
GetStartupInfoA
IsValidCodePage
FormatMessageW
GetACP
GetCurrentProcessId
TlsSetValue
Sections
.text Size: 110KB - Virtual size: 110KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 112KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ