2e11adafb41dabba5bb4a5e6902d9544_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e11adafb41dabba5bb4a5e6902d9544_JaffaCakes118
Size

776KB
MD5

2e11adafb41dabba5bb4a5e6902d9544
SHA1

a026f1516eafed1099911482520f2e87dd97cc46
SHA256

b1120e32461173e9a66fdf97f8a61b8936cbc4a8edfa6634ce1263b4fbed6d83
SHA512

ced6c51ed9770638f1fb3c9fcd09432eb192b32374ded5f6bb488eba88c78ee6b30ac9b6fdd29f7282c6f97ad0cac6708c3a49b558c93aa1f4e36f984435ab8d
SSDEEP

12288:x02/R9V4s8eM3FT6TFP4nRf+FQ+GTJiG0KZc4yZdVnjwH2oQqcWO+anWsuBvmc:xtR9V38eDTR4nRKEJiJKZOFg2zlfsVT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e11adafb41dabba5bb4a5e6902d9544_JaffaCakes118

Files

2e11adafb41dabba5bb4a5e6902d9544_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7664e04ec7ff4695ccae493528e08ec9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GetUrlCacheEntryInfoW
GetUrlCacheConfigInfoA

user32

AdjustWindowRect
PtInRect
DefWindowProcW
CreateWindowStationW
RegisterClassExW
ShowWindow
GetCaretPos
LoadImageW
InsertMenuA
ReleaseCapture
GetKBCodePage
GetKeyState
GetKeyNameTextW
MessageBoxExW
ToAscii
DragDetect
DestroyMenu
MessageBoxA
IsCharUpperA
GetWindowTextLengthW
RegisterClassExA
DrawTextW
ChangeMenuW
MenuItemFromPoint
CheckRadioButton
SetDlgItemInt
TrackMouseEvent
SetWindowRgn
CharPrevW
CreateWindowExA
ScreenToClient
ChildWindowFromPoint
CreateCaret
UnionRect
RegisterClassA
DestroyWindow

comdlg32

ReplaceTextA
GetOpenFileNameW

kernel32

CreateSemaphoreA
HeapValidate
GetCurrentDirectoryA
FreeEnvironmentStringsW
GetConsoleMode
GetThreadPriorityBoost
CompareStringW
SetConsoleScreenBufferSize
InterlockedExchange
GetDiskFreeSpaceExW
SetEnvironmentVariableW
InterlockedDecrement
ReadFileEx
GlobalAddAtomA
WriteProfileStringA
GetLocaleInfoA
WriteConsoleA
CreateFileMappingA
GetCompressedFileSizeA
CloseHandle
SetConsoleCtrlHandler
IsBadReadPtr
InterlockedIncrement
FindNextFileW
GetCurrentProcessId
GetStartupInfoA
QueryPerformanceCounter
SetLastError
lstrlenA
LocalAlloc
LockFileEx
SetTimeZoneInformation
DeleteCriticalSection
LeaveCriticalSection
CreateMutexA
VirtualQuery
EnterCriticalSection
lstrcpyW
FreeLibrary
FileTimeToLocalFileTime
GetFileAttributesExA
lstrlenW
VirtualUnlock
WriteFile
GetModuleFileNameW
GetEnvironmentStringsW
GetFileAttributesW
SetUnhandledExceptionFilter
FlushConsoleInputBuffer
FoldStringA
GetStringTypeW
FindFirstFileExW
GetLongPathNameA
GetACP
LCMapStringA
EnumCalendarInfoExA
GetCurrentThreadId
HeapFree
GetComputerNameA
GetFileType
DebugBreak
GetTimeFormatW
GetFileAttributesA
SetStdHandle
TlsFree
IsValidLocale
LoadLibraryW
OpenMutexA
LCMapStringW
HeapCreate
LoadLibraryA
UnhandledExceptionFilter
CompareStringA
LocalFree
HeapSize
lstrcmpiA
MapViewOfFileEx
lstrcpynA
GlobalLock
SetFileTime
GetProcessAffinityMask
GetStringTypeA
GetCurrentThread
GetExitCodeThread
OutputDebugStringW
DeleteFileA
GetThreadTimes
VirtualProtectEx
GetStdHandle
SetHandleCount
Sleep
RtlUnwind
GetDateFormatA
ReadConsoleInputW
MoveFileExA
lstrcpynW
GetLocaleInfoW
GetProfileStringA
GetModuleHandleA
EnumTimeFormatsW
GetCPInfo
VirtualAlloc
lstrcatW
GetPrivateProfileStructA
CreateSemaphoreW
HeapReAlloc
WriteConsoleOutputCharacterA
EnumResourceNamesA
HeapDestroy
IsValidCodePage
GetPrivateProfileSectionNamesA
FileTimeToSystemTime
SetConsoleCP
OutputDebugStringA
GetTimeFormatA
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetConsoleCP
GetProcessHeap
InitializeCriticalSectionAndSpinCount
GetNumberFormatA
SetEnvironmentVariableA
ExitProcess
WaitForMultipleObjectsEx
GetProcAddress
GetShortPathNameW
SetConsoleCursorPosition
GetModuleFileNameA
WriteConsoleW
WideCharToMultiByte
TlsAlloc
GetTickCount
ReadFile
GetModuleHandleW
GetLastError
HeapAlloc
GetConsoleOutputCP
TlsSetValue
GetTimeZoneInformation
EnumSystemLocalesA
MultiByteToWideChar
GetCurrentProcess
GetOEMCP
WriteConsoleOutputA
TlsGetValue
FlushFileBuffers
GetExitCodeProcess
GetStartupInfoW
GetCommandLineW
IsDebuggerPresent
SetFilePointer
TerminateProcess
GetCommandLineA
CreateFileA
VirtualFree
EnumResourceLanguagesA
RaiseException

shell32

ExtractAssociatedIconExW
SHAppBarMessage
SHFileOperationA

gdi32

StrokePath
FrameRgn
SetArcDirection
CreateColorSpaceA
GetKerningPairs

comctl32

ImageList_Merge
ImageList_DrawEx
DrawInsert
ImageList_GetBkColor
ImageList_Replace
CreatePropertySheetPageA
ImageList_GetIcon
CreateToolbarEx
InitMUILanguage
DestroyPropertySheetPage
InitCommonControlsEx
ImageList_LoadImage
CreateStatusWindowW
ImageList_DragShowNolock
ImageList_SetFilter
ImageList_EndDrag
ImageList_Read
ImageList_GetImageRect
ImageList_SetImageCount
ImageList_DragLeave
ImageList_GetFlags
DrawStatusText

Sections

.text
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7664e04ec7ff4695ccae493528e08ec9

Headers

File Characteristics

Imports

wininet

user32

comdlg32

kernel32

shell32

gdi32

comctl32

Sections

.text Size: 300KB - Virtual size: 296KB

.rdata Size: 292KB - Virtual size: 289KB

.data Size: 116KB - Virtual size: 141KB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 300KB - Virtual size: 296KB

.rdata
Size: 292KB - Virtual size: 289KB

.data
Size: 116KB - Virtual size: 141KB

.rsrc
Size: 64KB - Virtual size: 63KB