273a0aa607c5025bfdacbb34980b32ca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

273a0aa607c5025bfdacbb34980b32ca_JaffaCakes118
Size

728KB
MD5

273a0aa607c5025bfdacbb34980b32ca
SHA1

f05999513049a6ba18fec90822fb0db93f80176c
SHA256

33abe70e29228dee096c23827ea21f680a434d9ac0a706bff9f0ee2da7b78b93
SHA512

e752ebf6fef9b255e29efb5d2f8846ddf5fb2507e3f804e6f16b5541bf8562e2517e8b406751df824a10285b5689322f6cc57f5e60eb3fba5c99b3e1f03a9508
SSDEEP

12288:QZNjmK1Lr/gWrXRtB9rue0zN9DPC7719xCXjZiRdRD9D8IjLPJpk:8NjmMrxrBr9i59DK77PxC9iRdx9D8Io

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
273a0aa607c5025bfdacbb34980b32ca_JaffaCakes118

Files

273a0aa607c5025bfdacbb34980b32ca_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2125af766f99d9a415b15332ad4982cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\etyekgaejd\efsbqou

Imports

wininet

FtpPutFileA
InternetReadFileExA
SetUrlCacheEntryInfoA
InternetConnectW
RunOnceUrlCache

gdi32

DeviceCapabilitiesExW
SetWindowExtEx
SetAbortProc
GetLogColorSpaceA
CloseFigure
SelectClipRgn
GetSystemPaletteUse
FlattenPath
GetStretchBltMode
GetEnhMetaFileBits
SetPixel
SetStretchBltMode
CreateEllipticRgn
SetMiterLimit
Rectangle
SetViewportOrgEx
CheckColorsInGamut
GetClipBox
SetPixelV
GetTextCharacterExtra

user32

CreateAcceleratorTableW
DefWindowProcW
GetWindowDC
ShowWindow
GetClipboardSequenceNumber
CopyIcon
PeekMessageA
UnpackDDElParam
CopyAcceleratorTableW
CreateDialogIndirectParamW
DdeQueryStringA
SetScrollRange
LoadCursorFromFileW
GetListBoxInfo
OemToCharBuffW
LoadIconA
MessageBoxA
DestroyWindow
CreateWindowExW
OpenIcon
CreateWindowExA
GetClientRect
RegisterClassExA
UnionRect
RegisterClipboardFormatA
MapVirtualKeyW
DefMDIChildProcA
GetMenuContextHelpId
GetUpdateRgn
SetCursorPos
RegisterHotKey
ChangeDisplaySettingsExA
DdeFreeStringHandle
DlgDirListComboBoxA
ReleaseDC
SetMessageQueue
RegisterClassA
SetWindowsHookExW
ToUnicode
FindWindowExW
BroadcastSystemMessageA

kernel32

ReadConsoleOutputA
UnlockFile
InterlockedIncrement
WideCharToMultiByte
HeapFree
ReadConsoleInputW
InterlockedDecrement
IsDebuggerPresent
GetLocaleInfoW
SetConsoleCtrlHandler
FindNextFileA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTickCount
GetPrivateProfileStringA
GetOEMCP
GetModuleHandleW
GetProcAddress
RtlUnwind
LoadLibraryA
UnmapViewOfFile
CreateMutexA
SetFileAttributesW
MapViewOfFileEx
WriteProfileStringW
LocalLock
WriteConsoleA
GetNumberFormatW
CreateMailslotW
CompareStringW
SetComputerNameA
VirtualAlloc
EnumTimeFormatsA
CreateFileA
CreateRemoteThread
lstrcpyW
FreeLibraryAndExitThread
HeapCreate
SetConsoleWindowInfo
FillConsoleOutputCharacterW
VirtualFree
FlushFileBuffers
GetConsoleCursorInfo
GetCurrentThreadId
GetCommandLineA
GetSystemTimeAsFileTime
OutputDebugStringA
GetPriorityClass
GetEnvironmentStringsA
GetTimeZoneInformation
GetConsoleMode
SetConsoleCP
GetVolumeInformationA
LocalUnlock
LeaveCriticalSection
WritePrivateProfileStringA
SetUnhandledExceptionFilter
EnterCriticalSection
TlsGetValue
SystemTimeToTzSpecificLocalTime
GlobalReAlloc
OutputDebugStringW
GetStdHandle
DeleteAtom
lstrcpyn
GetCPInfo
GetPrivateProfileSectionW
GetModuleHandleA
FindAtomW
QueryPerformanceCounter
HeapReAlloc
VirtualQuery
InterlockedExchange
SetEnvironmentVariableA
GetCurrentDirectoryW
FreeResource
TlsAlloc
FreeEnvironmentStringsA
WriteConsoleW
SetConsoleTitleW
GetEnvironmentStringsW
SetHandleCount
GetCurrentThread
ExitProcess
SetFilePointer
UnhandledExceptionFilter
CompareStringA
Sleep
GetModuleFileNameA
CreateDirectoryW
EnumSystemLocalesA
HeapAlloc
GetDateFormatA
GetTempFileNameW
GetCompressedFileSizeW
GetEnvironmentVariableW
IsBadReadPtr
FileTimeToSystemTime
LCMapStringA
LocalFlags
GetUserDefaultLCID
DeleteCriticalSection
CommConfigDialogW
GetConsoleCP
SetWaitableTimer
CopyFileA
GetEnvironmentVariableA
OpenMutexA
EnumResourceNamesW
CloseHandle
GetCurrentProcess
HeapSize
GetLocaleInfoA
SetLastError
WriteFileEx
ContinueDebugEvent
GetStartupInfoA
CreateFileMappingA
IsValidCodePage
lstrcmpiW
GetTimeFormatA
ReadConsoleA
GetLastError
FreeEnvironmentStringsW
ReadFile
InterlockedExchangeAdd
GetStringTypeA
CreateWaitableTimerA
GetCurrentProcessId
TerminateProcess
GetNamedPipeHandleStateW
SetVolumeLabelW
GetFileAttributesW
LoadLibraryExW
IsValidLocale
MultiByteToWideChar
GetACP
GetConsoleOutputCP
ConvertDefaultLocale
GlobalCompact
WaitForSingleObject
AllocConsole
TlsSetValue
TlsFree
ReleaseSemaphore
HeapDestroy
GetStringTypeW
GetFileType
SetStdHandle
FreeLibrary
WriteFile
OpenEventW
GetEnvironmentStrings

advapi32

CryptGenKey
CryptSetHashParam
StartServiceW
CryptDecrypt
LookupSecurityDescriptorPartsW
CryptVerifySignatureA
LookupPrivilegeValueA
CryptEnumProviderTypesA
RegEnumValueA
RegOpenKeyExA
RegCreateKeyA
DuplicateToken
RegRestoreKeyA
LookupAccountSidW
RegReplaceKeyW
CryptSetProviderExA
InitiateSystemShutdownW
LookupPrivilegeNameW
StartServiceA
RegQueryMultipleValuesA
RegCreateKeyW

comctl32

ImageList_GetImageRect
ImageList_LoadImageA
CreatePropertySheetPage
ImageList_DrawIndirect
ImageList_DragLeave
ImageList_SetIconSize
MakeDragList
ImageList_SetFilter
ImageList_EndDrag
ImageList_AddIcon
CreateStatusWindowW
ImageList_Destroy
ImageList_GetIconSize
DrawInsert
ImageList_Add
GetEffectiveClientRect
_TrackMouseEvent
InitCommonControlsEx

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 444KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2125af766f99d9a415b15332ad4982cf

Headers

File Characteristics

PDB Paths

Imports

wininet

gdi32

user32

kernel32

advapi32

comctl32

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 444KB - Virtual size: 442KB

.data Size: 136KB - Virtual size: 154KB

.rsrc Size: 44KB - Virtual size: 43KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 444KB - Virtual size: 442KB

.data
Size: 136KB - Virtual size: 154KB

.rsrc
Size: 44KB - Virtual size: 43KB