Static task
static1
Behavioral task
behavioral1
Sample
251bf72627715f1d4d3dff43a3ca257b_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
251bf72627715f1d4d3dff43a3ca257b_JaffaCakes118.exe
Resource
win10v2004-20240611-en
General
Target
251bf72627715f1d4d3dff43a3ca257b_JaffaCakes118
Size
402KB
MD5
251bf72627715f1d4d3dff43a3ca257b
SHA1
6d0259926c27a4e9984db986813d12b5609d0d72
SHA256
6c06323377608d41dec3fe3f08b5c45cb700fea084372efab6b634cfd1940869
SHA512
727d8c628875531197fc7fd4f44ba21295886b6d86a12d4550c4783255bdb85b377036db6af22626b21bf673705c9cff8ce9e14f2c92ea46207259d3b0818a75
SSDEEP
6144:F7DEDqlmbTvuJR2NnpWrCbL+dahUUO1aUIFV6Ny:F3EDqlevQRupWrCbyYyUOi6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 251bf72627715f1d4d3dff43a3ca257b_JaffaCakes118
Files
251bf72627715f1d4d3dff43a3ca257b_JaffaCakes118.exe windows:4 windows x86 arch:x86
c406949d0743e031639c6d4046706b11
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
HttpSendRequestExW
FindFirstUrlCacheEntryExW
FindNextUrlCacheGroup
HttpOpenRequestW
InternetReadFileExA
InternetQueryFortezzaStatus
InternetSetFilePointer
FindNextUrlCacheEntryW
advapi32
DuplicateToken
CryptSignHashA
CryptHashData
CryptSetProviderExW
RegCreateKeyA
RegReplaceKeyW
CryptGetHashParam
LookupAccountNameA
LookupAccountSidA
GetUserNameA
RegCloseKey
CryptVerifySignatureW
comctl32
ImageList_DragShowNolock
CreateToolbarEx
ImageList_GetFlags
ImageList_BeginDrag
ImageList_EndDrag
ImageList_LoadImageW
ImageList_DrawIndirect
ImageList_AddIcon
CreateStatusWindow
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_SetDragCursorImage
CreateUpDownControl
ImageList_Add
CreatePropertySheetPage
ImageList_SetFlags
ImageList_Read
DestroyPropertySheetPage
ImageList_GetIconSize
ImageList_Draw
ImageList_SetIconSize
comdlg32
PrintDlgW
PageSetupDlgA
ChooseFontW
kernel32
FreeEnvironmentStringsA
TlsGetValue
LeaveCriticalSection
GetUserDefaultLCID
UnlockFileEx
CompareStringA
VirtualAlloc
CreateMutexA
GetOEMCP
SetHandleCount
TlsAlloc
SetFilePointer
GetSystemTimeAsFileTime
LCMapStringA
GetModuleHandleA
GetCommandLineA
HeapDestroy
MoveFileExW
HeapCreate
GetFullPathNameW
GetModuleFileNameA
CloseHandle
DeleteCriticalSection
DebugBreak
LCMapStringW
WriteFile
IsBadWritePtr
GetFileType
ExitProcess
EnterCriticalSection
SetStdHandle
LoadLibraryA
GetCurrentThread
InterlockedExchange
FreeEnvironmentStringsW
InitializeCriticalSection
GetLocaleInfoA
GetTimeFormatA
GetTimeZoneInformation
HeapSize
RtlUnwind
CreateWaitableTimerW
HeapFree
GetLocaleInfoW
TlsSetValue
GetDateFormatA
GetStartupInfoA
EnumSystemLocalesA
VirtualFree
CompareStringW
GetCurrentProcess
GetStringTypeA
GetEnvironmentStrings
GetStringTypeW
TlsFree
GetEnvironmentStringsW
UnhandledExceptionFilter
ReadFile
FlushFileBuffers
SetLastError
GetTickCount
GetStdHandle
GetCurrentDirectoryA
WideCharToMultiByte
GetProcAddress
IsValidCodePage
GetCPInfo
MultiByteToWideChar
QueryPerformanceCounter
VirtualProtect
IsValidLocale
GetVersionExA
VirtualQuery
OpenMutexA
HeapAlloc
GetACP
GetCurrentProcessId
TerminateProcess
GetSystemInfo
HeapReAlloc
SetEnvironmentVariableA
GetLastError
GetCurrentThreadId
user32
CharNextW
MessageBoxA
DefMDIChildProcW
CloseWindow
CreateWindowExW
RegisterClassExA
CreateWindowExA
CharToOemBuffA
SetClassLongA
RegisterClassA
ShowWindow
HideCaret
ReleaseCapture
DefWindowProcW
ChangeDisplaySettingsExA
EnumDesktopsW
DragDetect
DestroyWindow
EnumDisplayDevicesA
GetClassNameW
ToUnicodeEx
SetUserObjectSecurity
Sections
.text Size: 209KB - Virtual size: 208KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 26KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 78KB - Virtual size: 77KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ