32515a1395cc9c129f9099601ebd4403_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

32515a1395cc9c129f9099601ebd4403_JaffaCakes118
Size

412KB
MD5

32515a1395cc9c129f9099601ebd4403
SHA1

30541ba6a1fc02f884186bb1f012d311a5e383d3
SHA256

7b51c908b9dbde92e4925e181648994302383cdbc3e7cbdecb02a43de36c7799
SHA512

0a4c5260c609793a122d2df1faa59ddcd2177f3ba2b50b1b5ec7265fd5237359f7bcd218a7dc84f4f7c7b35a97bd253a03e7028af58b1c2cfbb043aab80f27fc
SSDEEP

12288:0N5WlNUU1mGejpize1uAmqUk/LSJ8mgNwEGSxl:08UNGejpize1UBkzSmmgNHGw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32515a1395cc9c129f9099601ebd4403_JaffaCakes118

Files

32515a1395cc9c129f9099601ebd4403_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4f69aba2c6166c218c4d4e260e16081

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectClipRgn
Pie
CreateFontA
ExtCreatePen
EndPage
GetDCOrgEx
CreateDIBPatternBrushPt
EndPath
SwapBuffers
InvertRgn
PlayMetaFileRecord

comdlg32

FindTextW
ChooseColorW
PrintDlgA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleW
PageSetupDlgW
ChooseColorA
GetSaveFileNameW
GetFileTitleA
ReplaceTextA
FindTextA
PrintDlgW
LoadAlterBitmap
ChooseFontA
ReplaceTextW
GetOpenFileNameW

wininet

SetUrlCacheGroupAttributeA
InternetOpenUrlW
SetUrlCacheHeaderData
FtpRenameFileA
HttpAddRequestHeadersW
InternetGetLastResponseInfoA
GopherOpenFileA
InternetCreateUrlW
FtpSetCurrentDirectoryW
FtpOpenFileA
InternetOpenUrlA
SetUrlCacheEntryGroupA
InternetGetConnectedStateExW
ShowClientAuthCerts
CommitUrlCacheEntryA
RetrieveUrlCacheEntryStreamW
InternetFortezzaCommand
ShowX509EncodedCertificate
InternetQueryFortezzaStatus
CreateUrlCacheEntryA

user32

ReleaseCapture
IsCharAlphaNumericA
GetMenuItemInfoW
DrawTextExW
DlgDirSelectExW
SwitchDesktop
DragDetect
GetMenuState
SetClipboardViewer
TranslateAcceleratorW
GetDialogBaseUnits
CreateMenu
TranslateAcceleratorA
OemToCharW
GetKeyboardLayoutNameW
SetWindowPlacement
GetKeyboardState
GetAltTabInfo
GetClassLongA
KillTimer

kernel32

GetTimeZoneInformation
GetStartupInfoA
RtlUnwind
GetProcessHeap
TerminateProcess
VirtualFree
lstrcmpi
GetConsoleOutputCP
SetLastError
TlsSetValue
MultiByteToWideChar
OpenProcess
GetCommandLineA
CompareStringW
VirtualAlloc
GetLocaleInfoA
GetCPInfo
SetEnvironmentVariableA
GetCurrentProcess
HeapLock
GetMailslotInfo
GetOEMCP
EnterCriticalSection
GetFileType
GlobalUnfix
HeapSize
GetLocaleInfoW
GetVersionExA
GetStringTypeW
VirtualQuery
EnumSystemLocalesA
GetModuleFileNameA
LCMapStringW
GetSystemInfo
HeapAlloc
GetStdHandle
FoldStringA
WideCharToMultiByte
GetStringTypeA
GetTimeFormatA
CompareStringA
GetTickCount
VirtualFreeEx
SetHandleCount
lstrcmpiW
LeaveCriticalSection
WritePrivateProfileStringA
FlushInstructionCache
GetSystemTimeAsFileTime
WriteFile
IsValidLocale
HeapFree
GetUserDefaultLCID
GetModuleFileNameW
HeapCreate
TlsGetValue
IsValidCodePage
GetCurrentThread
GetLastError
DeleteCriticalSection
GetDateFormatA
LCMapStringA
IsBadWritePtr
FreeEnvironmentStringsA
GetCommandLineW
VirtualProtect
UnhandledExceptionFilter
GetCurrentThreadId
GetCurrentProcessId
TlsFree
GetEnvironmentStrings
GetProcAddress
CreateWaitableTimerW
QueryPerformanceCounter
GetModuleHandleA
GetACP
GetEnvironmentStringsW
LoadLibraryA
InitializeCriticalSection
TlsAlloc
FreeEnvironmentStringsW
CreateNamedPipeW
InterlockedExchange
ExitProcess
HeapReAlloc
HeapDestroy
WaitNamedPipeA
GetProfileIntA
GetStartupInfoW

advapi32

RegDeleteValueA
RegQueryMultipleValuesW
RegCloseKey
RegCreateKeyExA

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4f69aba2c6166c218c4d4e260e16081

Headers

File Characteristics

Imports

gdi32

comdlg32

wininet

user32

kernel32

advapi32

Sections

.text Size: 132KB - Virtual size: 132KB

.data Size: 273KB - Virtual size: 272KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 132KB - Virtual size: 132KB

.data
Size: 273KB - Virtual size: 272KB

.rsrc
Size: 6KB - Virtual size: 5KB