23f9ebbef9c6a63d747eadbc8f3fd259_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

23f9ebbef9c6a63d747eadbc8f3fd259_JaffaCakes118
Size

376KB
MD5

23f9ebbef9c6a63d747eadbc8f3fd259
SHA1

5895f8723d341cad8096f3f3227891df33bb5972
SHA256

ca50bed1a1dd6f4dc1eb3e7eb2e197269c93cd962807373cdcb27cf743fc96fd
SHA512

53198cd24b0f3e413e185136aaf1cfe5a5acd850293f8b8ac1ede8c62b39ccb35714b1c94d8cc5d0151fd033771ae916795480265085a428f13a31fd82476dbb
SSDEEP

6144:F6lxeA/lT/ci9p8I3fvLNiAhA7bA/uPRncFycRfa:F6rZzci9pFvvZ7A7kGJ4s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23f9ebbef9c6a63d747eadbc8f3fd259_JaffaCakes118

Files

23f9ebbef9c6a63d747eadbc8f3fd259_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a113576487e537b9b3f4a0113f33c47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

NotifyWinEvent
DrawStateA
RegisterClassA
RegisterClassExA
IsWindowEnabled
SystemParametersInfoW
SubtractRect
LoadAcceleratorsA
CloseClipboard
SendMessageTimeoutW
MapVirtualKeyExW
ModifyMenuW
ChildWindowFromPointEx
GetProcessWindowStation
EditWndProc
DialogBoxParamA
WindowFromDC
MapWindowPoints
GetUserObjectInformationA
LoadMenuIndirectA
GetWindowContextHelpId
SetCapture
GetFocus
SetPropA

wininet

CommitUrlCacheEntryA
InternetAttemptConnect
FtpRemoveDirectoryW
FindCloseUrlCache
FtpPutFileEx
InternetAutodialHangup
FindNextUrlCacheContainerW
SetUrlCacheEntryGroup
FindFirstUrlCacheEntryW

advapi32

AbortSystemShutdownA
RegSetValueExA
RegConnectRegistryA
RegQueryValueW
DuplicateTokenEx

shell32

ShellExecuteA
DragQueryPoint
SHFileOperationA
DragQueryFileW
ExtractIconA

gdi32

GetROP2
SetStretchBltMode
CreateEllipticRgn
CheckColorsInGamut
SetMapperFlags
GetCharWidth32A
RemoveFontResourceW
SelectPalette
GetMetaFileBitsEx
GetCharABCWidthsFloatW
SetTextCharacterExtra
GetBkColor
GetRasterizerCaps
SetTextAlign
CreateMetaFileA
RealizePalette
StretchDIBits
CreateFontIndirectW

comctl32

ImageList_SetIconSize
ImageList_Write
CreateToolbarEx
ImageList_SetFilter
ImageList_Destroy
CreateStatusWindowA
ImageList_EndDrag
CreatePropertySheetPage
InitMUILanguage
InitCommonControlsEx
ImageList_DragLeave
ImageList_DragEnter
ImageList_Create
DestroyPropertySheetPage
ImageList_Merge
ImageList_SetBkColor
ImageList_SetOverlayImage
CreatePropertySheetPageA

kernel32

GetCPInfo
WriteConsoleW
GetOEMCP
GetDateFormatA
GetTimeFormatA
TlsAlloc
CloseHandle
CreateRemoteThread
GetStringTypeA
FlushFileBuffers
GetModuleFileNameA
GetCurrentProcessId
HeapDestroy
ExitProcess
VirtualFree
OpenMutexA
HeapAlloc
LCMapStringA
EnterCriticalSection
ReadConsoleOutputCharacterW
DebugActiveProcess
GetLastError
TerminateProcess
DeleteCriticalSection
GetUserDefaultLCID
GetStartupInfoA
SetThreadContext
LoadLibraryA
InterlockedExchange
GetACP
GetEnvironmentStringsW
SetLastError
HeapFree
EnumResourceNamesA
FreeEnvironmentStringsW
QueryPerformanceCounter
GetNumberFormatA
CompareStringW
CompareStringA
GetConsoleMode
GetCommandLineA
SetThreadIdealProcessor
GetCurrentThreadId
GetCurrentThread
GetStdHandle
SetHandleCount
HeapSize
TlsSetValue
CreateFileA
GetModuleFileNameW
SetStdHandle
lstrcpyn
EnumSystemLocalesA
WriteConsoleA
WriteProfileSectionW
GetLocaleInfoA
GetLocaleInfoW
SetUnhandledExceptionFilter
GetModuleHandleW
InterlockedDecrement
VirtualQuery
SetFilePointer
GetComputerNameA
GetTickCount
GetSystemTimeAsFileTime
TlsGetValue
SetConsoleCtrlHandler
GetConsoleOutputCP
TlsFree
HeapCreate
GetCommandLineW
lstrlenA
GetExitCodeProcess
GetFileType
LCMapStringW
HeapReAlloc
GetNamedPipeHandleStateW
ReadFile
UnhandledExceptionFilter
CreateMutexA
IsValidLocale
IsDebuggerPresent
GetConsoleCP
OpenEventA
WideCharToMultiByte
GlobalDeleteAtom
InterlockedIncrement
GetModuleHandleA
IsValidCodePage
LeaveCriticalSection
GetTimeZoneInformation
GetProcAddress
GetStartupInfoW
RtlUnwind
Sleep
DosDateTimeToFileTime
MultiByteToWideChar
WriteFile
GetStringTypeW
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
VirtualAlloc
FreeLibrary

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a113576487e537b9b3f4a0113f33c47

Headers

File Characteristics

Imports

user32

wininet

advapi32

shell32

gdi32

comctl32

kernel32

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 72KB - Virtual size: 69KB

.data Size: 100KB - Virtual size: 112KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 72KB - Virtual size: 69KB

.data
Size: 100KB - Virtual size: 112KB

.rsrc
Size: 24KB - Virtual size: 23KB