2ae9ac85c0eb483463677bd1e2ce0060_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ae9ac85c0eb483463677bd1e2ce0060_JaffaCakes118
Size

199KB
MD5

2ae9ac85c0eb483463677bd1e2ce0060
SHA1

7b71c8c3c43260f4862eddd94d9c55bf950ca268
SHA256

479405b5890df6a2f40ce026078b5a24560104b18ae6ef9a51783466fe656f93
SHA512

17e06e434a48bc4f32e02f8297b29d95f0f77341ade756a84cbba28cef34dc7279f5a9aa498e9b55a7231981aa10ae94c1bb3bef57f059a067ffdd4ab603facd
SSDEEP

3072:yzGgVyhEmoMNL/ClUlJbCpqXId9LjzJxNKLBqNdMaTWHRoKjy0U56pP:lgbVMNLbl9CpWId9LjzJxILCfTWxY0rp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ae9ac85c0eb483463677bd1e2ce0060_JaffaCakes118

Files

2ae9ac85c0eb483463677bd1e2ce0060_JaffaCakes118
.exe windows:5 windows x86 arch:x86

05f003e3a6f8526a37c183995c7f9f4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
SHSetValueW
PathAppendW
SHGetValueW
PathFileExistsW

wininet

HttpSendRequestW
HttpQueryInfoW
InternetCloseHandle
InternetReadFile
InternetOpenW
InternetConnectW

advapi32

RegEnumValueW
QueryServiceStatus
RegSetValueExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegCloseKey
CloseServiceHandle
OpenSCManagerW
OpenServiceW
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
StartServiceW
RegOpenKeyExW

kernel32

TlsFree
InterlockedDecrement
InterlockedIncrement
CompareStringW
GetVersionExA
LoadLibraryA
GlobalFindAtomW
GlobalFlags
WritePrivateProfileStringW
GetModuleHandleA
SetErrorMode
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
GetStartupInfoW
HeapFree
HeapAlloc
ExitProcess
GetFileType
HeapReAlloc
RtlUnwind
RaiseException
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
VirtualAlloc
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
DeleteCriticalSection
GetProcessHeap
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
SetEnvironmentVariableA
ReadFile
CreateFileW
CloseHandle
LoadLibraryW
CreateMutexW
CreateProcessW
CreateDirectoryW
WaitForSingleObject
GetTickCount
WideCharToMultiByte
Sleep
GetModuleFileNameW
MultiByteToWideChar
GetLastError
SetLastError
Process32NextW
CreateThread
lstrlenW
SizeofResource
LockResource
LoadResource
FindResourceW
LocalFree
FormatMessageW
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
GetProcAddress
GetModuleHandleW
GetConsoleMode
FreeLibrary
lstrcmpW
InterlockedExchange
CompareStringA
GetLocaleInfoW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
GetCurrentProcessId
GlobalAddAtomW
WriteFile
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
FileTimeToSystemTime
lstrlenA
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
SetFilePointer
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers

user32

DestroyMenu
UnregisterClassW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
ShowWindow
SetWindowTextW
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
MessageBoxW
GetSubMenu
GetMenuItemCount
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
LoadCursorW
GetDC
GetMenuItemID
GetMenuState
CheckMenuItem
EnableMenuItem
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
PostQuitMessage
PostMessageW
SetCursor
EnableWindow
IsWindowEnabled
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
GetWindowTextW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
CharUpperW
GetSystemMetrics
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup

gdi32

GetClipBox
CreateBitmap
SetTextColor
SetBkColor
DeleteObject
SaveDC
RestoreDC
SetMapMode
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetDeviceCaps

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

shell32

SHGetSpecialFolderPathW
ShellExecuteW

oleaut32

VariantInit
VariantClear
VariantChangeType

urlmon

URLDownloadToFileW

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05f003e3a6f8526a37c183995c7f9f4c

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

wininet

advapi32

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

oleaut32

urlmon

Sections

.text Size: 151KB - Virtual size: 151KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 12KB - Virtual size: 29KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 151KB - Virtual size: 151KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 12KB - Virtual size: 29KB

.rsrc
Size: 512B - Virtual size: 436B