280feb31cc0717d217fe627720cc1499_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

280feb31cc0717d217fe627720cc1499_JaffaCakes118
Size

184KB
MD5

280feb31cc0717d217fe627720cc1499
SHA1

9793dde99173b38d00e77875ee7b3e2678846b20
SHA256

da7b62688000d444c691fe856eea2c976ce67b887940da19c5104aa8ce9fd69d
SHA512

dcc9f84804ce81cae2449587380ab72d0e95493716dea75fb8b1106add99869aae4f5dfe78fec196778dea47d558ae3a05c3c531f0c14c47c210fe665e6578f0
SSDEEP

1536:ai8xjgOM2quFeRvvs+8YwlPVCxDk8m89ToAFUtNeGqteroetR9tRG5REQRGq4tut:ai8BRF6x8RPVbOeAFgatehRTv+3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
280feb31cc0717d217fe627720cc1499_JaffaCakes118

Files

280feb31cc0717d217fe627720cc1499_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f268d37511e01860bc167968b71aa3ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA
StrFormatByteSizeA

comctl32

InitCommonControlsEx

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

kernel32

SystemTimeToFileTime
LockResource
GetTempPathA
lstrcpynA
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
GetThreadLocale
FindFirstFileA
SetThreadLocale
CreateFileA
lstrcmpiA
FindClose
WriteFile
CloseHandle
GetVersionExA
MultiByteToWideChar
lstrlenA
lstrcmpA
Sleep
FindNextFileA
RemoveDirectoryA
CreateProcessA
OutputDebugStringA
CreateDirectoryA
WaitForSingleObject
CopyFileA
GetExitCodeProcess
DeleteFileA
FormatMessageA
SetFilePointer
LocalFree
FlushFileBuffers
GetSystemTime
CreateThread
ReadFile
SetFileTime
GetFileType
GetCurrentDirectoryA
DosDateTimeToFileTime
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
lstrcpyA
LoadResource
GetTimeZoneInformation
RtlUnwind
InitializeCriticalSection
GetCurrentThreadId
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
GetCurrentProcessId
QueryPerformanceCounter
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
ExitProcess
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCommandLineA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetProcAddress
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
FindResourceA
CreateMutexA
GetLastError
GetConsoleCP
GetCurrentProcess
LoadLibraryA
lstrcatA
GetWindowsDirectoryA
GetTickCount
WriteConsoleW
CompareStringA
CompareStringW
SetLastError
HeapAlloc
GetSystemTimeAsFileTime
GetConsoleMode
SetEnvironmentVariableA
GetProcessHeap
GetStartupInfoA
RaiseException
GetCPInfo
HeapFree

user32

DestroyIcon
RegisterWindowMessageA
wsprintfA
SetDlgItemTextA
SendMessageA
MessageBoxA
CreateDialogParamA
KillTimer
GetSystemMetrics
GetClientRect
DefWindowProcA
PostQuitMessage
WaitForInputIdle
ShowWindow
SendMessageTimeoutA
DestroyWindow
SetWindowTextA
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
UpdateWindow
CreateWindowExA
RegisterClassExA
SetForegroundWindow
MoveWindow
LoadIconA
DialogBoxParamA
FindWindowA
LoadImageA
LoadStringA
CharUpperA
GetUserObjectInformationA
GetThreadDesktop
LoadCursorA
GetWindowLongA
GetParent
PostMessageA
GetDlgItem

gdi32

CreateSolidBrush

advapi32

RegCloseKey
RegDeleteKeyA
RegQueryValueExA
RegFlushKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

CoCreateGuid
CoInitialize
CoUninitialize
CoCreateInstance

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f268d37511e01860bc167968b71aa3ed

Headers

File Characteristics

Imports

shlwapi

comctl32

urlmon

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 23KB

.rsrc Size: 76KB - Virtual size: 72KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 23KB

.rsrc
Size: 76KB - Virtual size: 72KB