2ae68c6cf38ef2f79ec7855259937684_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2ae68c6cf38ef2f79ec7855259937684_JaffaCakes118
Size

200KB
MD5

2ae68c6cf38ef2f79ec7855259937684
SHA1

327fb154d165c83adac22b0d806bd17be4d3ad16
SHA256

88a9693a1715db5f907f3aa00d560988d784b88c2c78dd3cdddd8ceb97decdb6
SHA512

74eb2a47f5e0870400567a9ec901b587650bf1c01af423e2441225fde4903caca14899a7914b50a6ba1b77e20552042ec56e99a346c1d10bfd5e21024981a53d
SSDEEP

3072:oPOowW+MUvA9bbqeandyewfCBNIvnBou0wp3AM0IS7obDGUA0:gGkbbqxnEe3NonX38e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ae68c6cf38ef2f79ec7855259937684_JaffaCakes118

Files

2ae68c6cf38ef2f79ec7855259937684_JaffaCakes118
.exe windows:4 windows x86 arch:x86

452807465bee17739e20eede30b28a51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
lstrcatA
GetVersion
GetCurrentThreadId
lstrcmpA
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RtlUnwind
RaiseException
HeapAlloc
GetLogicalDrives
HeapFree
GetStartupInfoA
GlobalReAlloc
ExitProcess
GetACP
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
TerminateProcess
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LocalAlloc
FreeLibrary
EnterCriticalSection
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
lstrcpyA
LoadLibraryA
GetProcAddress
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
FormatMessageA
LocalFree
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
lstrcpynA
SetLastError
MultiByteToWideChar
CreateDirectoryA
GetEnvironmentVariableA
CreateMutexA
SetFileAttributesA
GetComputerNameA
TerminateThread
GetExitCodeThread
GetPrivateProfileStringA
WritePrivateProfileStringA
GetVersionExA
RemoveDirectoryA
DeleteFileA
WinExec
CreateProcessA
WaitForSingleObject
WaitForMultipleObjects
GetDiskFreeSpaceA
CreateThread
GetDriveTypeA
GetCurrentDirectoryA
GetFileAttributesA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
Sleep
FindNextFileA
GetLastError
FindClose
GetModuleFileNameA
SetCurrentDirectoryA
WriteFile
lstrlenA
ReadFile
CreateFileA
GetFileSize
GetCommandLineA
CloseHandle

user32

GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetClientRect
CopyRect
GetTopWindow
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
RegisterClassExA
CharUpperA
GetSystemMetrics
SetWindowsHookExA
LoadStringA
UnhookWindowsHookEx
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
SetFocus
AdjustWindowRectEx
MessageBoxA
EnableWindow
GetCapture

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetStockObject
DeleteObject
SelectObject
RestoreDC
SaveDC
CreateSolidBrush
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteDC

comdlg32

GetFileTitleA
GetOpenFileNameA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetFileInfoA
ShellExecuteExA

comctl32

ord17

ws2_32

WSASocketA
inet_ntoa
gethostbyaddr
WSAConnect
inet_addr
gethostbyname
WSACleanup
WSAStartup
recv
accept
send
closesocket
htons
htonl
socket
bind
WSAAsyncSelect
connect
ioctlsocket
listen
getsockname

shlwapi

StrTrimA
PathFileExistsA

wininet

InternetGetLastResponseInfoA
HttpSendRequestExA
HttpEndRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetGetConnectedState
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA

Sections

.text
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

452807465bee17739e20eede30b28a51

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ws2_32

shlwapi

wininet

Sections

.text Size: 144KB - Virtual size: 142KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 24KB - Virtual size: 41KB

.text
Size: 144KB - Virtual size: 142KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 24KB - Virtual size: 41KB