2da647949934836938614d2a7e475eae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2da647949934836938614d2a7e475eae_JaffaCakes118
Size

132KB
MD5

2da647949934836938614d2a7e475eae
SHA1

ba8525f0d4e5317406e24d8ed6f94adf1accea4a
SHA256

ec56932fb0193bb30a3b28dd66cc98cd8fb25c3fb2984d542969d053b670bdf5
SHA512

e6e7ea8d4d45809f0dccadf804c1a9402530d245f500fd9d95b4a6fb4aca0926e3c1768d26d72eb883e01ba7b67998bcbe029c0d7feba7b3fb2a6c428e51f130
SSDEEP

3072:CzMjvM0y44M37AQZIWA+4mbfVwlDDzxpD:SCv244MUeIWHtGDzxp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2da647949934836938614d2a7e475eae_JaffaCakes118

Files

2da647949934836938614d2a7e475eae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e56263e8bc88af18ebeadcdbaa34dd81

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileW

kernel32

SetStdHandle
GetFileType
HeapSize
HeapReAlloc
TerminateProcess
GetTimeZoneInformation
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineA
SetHandleCount
GetStdHandle
GetStartupInfoA
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
RaiseException
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
Sleep
GetCurrentThreadId
lstrcmpiW
GetCommandLineW
lstrlenW
GetModuleFileNameW
GetLastError
CloseHandle
GetCurrentProcess
GetCurrentThread
SetFileAttributesW
GetSystemDirectoryW
GetWindowsDirectoryW
WaitForSingleObject
SetEvent
ResumeThread
SetThreadPriority
SuspendThread
CreateEventW
SetLastError
lstrcpynW
InterlockedIncrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
LocalFree
GetProcAddress
GetModuleHandleW
lstrcpyW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
lstrcatW
ExitThread
CreateThread
ExitProcess
GetStartupInfoW
HeapAlloc
HeapFree
RtlUnwind
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
GlobalFlags
lstrcmpW
GetFileTime
GetFileSize
GetFileAttributesW
InterlockedDecrement
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
DuplicateHandle
GetProcessVersion
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
GlobalLock
LeaveCriticalSection
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetModuleHandleA
LoadLibraryA
FreeLibrary
CompareStringA

user32

GetSysColorBrush
ReleaseDC
GetDC
CharUpperW
GetClassNameW
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutW
DrawTextW
GrayStringW
LoadIconW
PostMessageW
MapWindowPoints
GetSysColor
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
EnableWindow
GetTopWindow
GetCapture
LoadCursorW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextW
GetDlgCtrlID
CreateWindowExW
SetPropW
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
GetWindowLongW
SetWindowLongW
SetWindowPos
IsWindowEnabled
ShowWindow
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapW
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
TranslateMessage
GetActiveWindow
SendMessageW
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
MessageBoxW
LoadStringW
GetMessageW
DispatchMessageW
PostThreadMessageW
CharNextW
WinHelpW
SetWindowTextW
GetClassInfoW
DefWindowProcW
DestroyWindow

gdi32

CreateBitmap
GetClipBox
SetTextColor
SetBkColor
GetObjectW
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

DeleteService
OpenServiceW
OpenSCManagerW
RegCreateKeyExW
GetTokenInformation
OpenThreadToken
OpenProcessToken
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetLengthSid
CopySid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
StartServiceCtrlDispatcherW
ControlService
DeregisterEventSource
CreateServiceW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegQueryValueExW
SetServiceStatus
RegisterServiceCtrlHandlerW
RegisterEventSourceW
ReportEventW
CloseServiceHandle

comctl32

ord17

atl

ord17
ord18
ord23
ord57
ord16
ord20

ole32

CoUninitialize
CoInitializeSecurity
CoInitialize

wininet

DeleteUrlCacheEntryW

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e56263e8bc88af18ebeadcdbaa34dd81

Headers

File Characteristics

Imports

urlmon

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

atl

ole32

wininet

Sections

.text Size: 88KB - Virtual size: 84KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 88KB - Virtual size: 84KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 4KB - Virtual size: 2KB