32f6e8647cee834f8b8629f2c1e68ebf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

32f6e8647cee834f8b8629f2c1e68ebf_JaffaCakes118
Size

128KB
MD5

32f6e8647cee834f8b8629f2c1e68ebf
SHA1

527d144f05fba1f8a1942fb7927203d34803aaab
SHA256

7bcecd22fe00a9d43da3ef1d9b7f6be69e025938e235c251540f0e31d2ff09b0
SHA512

f2a8e275e0ace2e124d354bf9dccc74220e4b5146d23dfe99246a657432a1ce8a1cd2ee4df6ae42777c7aa6dc2d87228604bf2df99c8100183b8c991888a67c4
SSDEEP

3072:kWNq3xLq6hh0xFSDu/E+yOFoFuSTyVFwoLlJ:ky6hh0LSCT610b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32f6e8647cee834f8b8629f2c1e68ebf_JaffaCakes118

Files

32f6e8647cee834f8b8629f2c1e68ebf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2792e8db7f8c01cf7c589455819663ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetFileSize
WaitForSingleObject
GetFileAttributesA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetWindowsDirectoryA
GetStartupInfoA
GetSystemDirectoryA
lstrlenA
WinExec
CreateThread
CloseHandle
LocalFree
FreeLibrary
LoadLibraryA
GetProcAddress
InitializeCriticalSection
GetModuleFileNameA
DeleteCriticalSection
GetLastError
TerminateProcess
GetPrivateProfileStringA
CreateProcessA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
DuplicateHandle
GetCurrentProcess
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
lstrcpyA
GetVolumeInformationA
lstrcpynA
GetFullPathNameA
lstrcmpiA
GetFileTime
FormatMessageA
EnterCriticalSection
LocalAlloc
LeaveCriticalSection
SetLastError
GlobalUnlock
GlobalLock
lstrcatA
lstrcmpA
GetVersion
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
ResumeThread
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
ExitThread
RaiseException
GetCommandLineA
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetACP
HeapAlloc
HeapFree
SetStdHandle
GetFileType
HeapReAlloc
HeapSize
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
Sleep
GlobalAlloc
GlobalFree
DeleteFileA
FindFirstFileA
FindClose

user32

GetFocus
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetKeyState
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
ClientToScreen
AdjustWindowRectEx
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
TabbedTextOutA
DrawTextA
GrayStringA
GetNextDlgTabItem
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
PostQuitMessage
DestroyMenu
GetWindowTextA
GetSystemMetrics
CharUpperA
GetWindow
GetWindowRect
PtInRect
GetClassNameA
GetMenuItemCount
GetSubMenu
GetMenuState
GetMenuItemID
GetLastActivePopup
SendMessageA
MessageBoxA
UnhookWindowsHookEx
LoadStringA
GetParent
SetFocus
EnableWindow
IsWindowEnabled
SetWindowPos
SetWindowLongA
GetDlgCtrlID
SetWindowTextA
GetDlgItem
GetClientRect
PostThreadMessageA
GetWindowLongA
DispatchMessageA
PeekMessageA
RedrawWindow

advapi32

SetServiceStatus
RegOpenKeyExA
RegCloseKey
RegSetValueExA
StartServiceCtrlDispatcherA
CreateServiceA
DeleteService
RegisterServiceCtrlHandlerA
OpenSCManagerA
OpenServiceA
CloseServiceHandle

comctl32

ord17

urlmon

URLDownloadToFileA

wininet

InternetSetOptionExA
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetLastResponseInfoA
InternetSetFilePointer
InternetWriteFile
HttpQueryInfoA
InternetReadFile
InternetQueryDataAvailable
InternetSetStatusCallback

ws2_32

setsockopt
inet_addr
connect
closesocket
WSAStartup
gethostbyname
WSACleanup
socket
htons

gdi32

SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
CreateBitmap
Escape
ExtTextOutA
GetStockObject
SelectObject
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
DeleteObject
GetDeviceCaps
DeleteDC
TextOutA
RectVisible
PtVisible

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

comdlg32

GetFileTitleA

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2792e8db7f8c01cf7c589455819663ae

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

urlmon

wininet

ws2_32

gdi32

winspool.drv

comdlg32

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 27KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 27KB