322e02613d83997f31eaee71440b3b5b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

322e02613d83997f31eaee71440b3b5b_JaffaCakes118
Size

527KB
MD5

322e02613d83997f31eaee71440b3b5b
SHA1

22b89271da69bad303370d0bc189d8c893cd662c
SHA256

fb6e94bbc0701268102f81175422392538a86e2be402455fd4ef414e9360a28b
SHA512

dd4330ed76c482277cdd8fb87ed5b586079d0a0044d4b4483628a91d99d6c2554b6febe5c99202d5b294938a1a1f228047ca8d55f0d847d20011e3b1ee24403f
SSDEEP

12288:gh4s6QJinwY1HXYycCwFYnvTckcogx+lVg4Bh1va6:r1HIo7E9YVg4BJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
322e02613d83997f31eaee71440b3b5b_JaffaCakes118

Files

322e02613d83997f31eaee71440b3b5b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ca98a93a24b2dec0c382a35c4198d2b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyname
inet_ntoa
WSACleanup
WSAStartup

urlmon

URLOpenPullStreamA
URLDownloadToCacheFileA

wininet

InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetGetCookieA
InternetSetCookieA
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetCloseHandle

kernel32

GetUserDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetProcAddress
GetModuleHandleA
lstrlenA
lstrcmpiA
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
GetModuleFileNameA
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
SetLastError
DebugBreak
OutputDebugStringA
CloseHandle
WaitForSingleObject
CreateThread
LoadLibraryA
InitializeCriticalSection
GetCurrentThreadId
HeapFree
HeapAlloc
GetProcessHeap
OpenProcess
CreateProcessW
GetCurrentProcessId
LocalFree
LocalAlloc
GetCurrentProcess
ReleaseMutex
CreateMutexA
GetVersion
ReadFile
GetFileType
SetHandleCount
GetStringTypeW
GetTimeZoneInformation
Sleep
HeapSize
HeapReAlloc
IsProcessorFeaturePresent
HeapCreate
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreateFileA
WriteConsoleW
SetEndOfFile
CompareStringW
SetEnvironmentVariableA
CreateFileW
GetStringTypeExA
LCMapStringA
UnhandledExceptionFilter
InterlockedCompareExchange
TlsFree
LoadLibraryW
InterlockedExchange
LCMapStringW
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetLocalTime
GetSystemTimeAsFileTime
RtlUnwind
EncodePointer
DecodePointer
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
SetFilePointer

user32

TranslateMessage
DispatchMessageA
EnumWindows
GetClassNameA
FindWindowExA
PostMessageA
CharUpperA
DestroyWindow
SetTimer
FindWindowA
GetWindowThreadProcessId
MessageBoxA
CharLowerA
wvsprintfA
PostThreadMessageA
LoadStringA
CharNextA
GetMessageA

advapi32

RegEnumValueA
RegQueryValueExA
DuplicateTokenEx
OpenProcessToken
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
RegEnumKeyExA
RegQueryInfoKeyW
RegSetValueExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoCreateGuid
CoInitialize
CLSIDFromProgID
CoUninitialize

oleaut32

SysAllocStringLen
SysAllocString
VariantClear
VariantInit
LoadTypeLi
LoadRegTypeLi
VarUI4FromStr
SysStringLen
SysFreeString

Sections

.text
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rrdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ca98a93a24b2dec0c382a35c4198d2b6

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

urlmon

wininet

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 372KB - Virtual size: 372KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 9KB - Virtual size: 17KB

.rsrc Size: 23KB - Virtual size: 23KB

.rrdata Size: 60KB - Virtual size: 60KB

.text
Size: 372KB - Virtual size: 372KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 9KB - Virtual size: 17KB

.rsrc
Size: 23KB - Virtual size: 23KB

.rrdata
Size: 60KB - Virtual size: 60KB