3311f2500034e7c60f83f55045c3d1b3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3311f2500034e7c60f83f55045c3d1b3_JaffaCakes118
Size

580KB
MD5

3311f2500034e7c60f83f55045c3d1b3
SHA1

155c8be63d436dde48ab5b0eb84a1de11948878b
SHA256

c44296f14c0c2fefb32e6acc11dfff6fc461079eba7261c6bc2679d9daa39bc5
SHA512

f9ccc6eb8e69474d57b3f7988bebc31d21d2b5d21b09a46cc0cc8840780a01e79cf293d7013ddc48deeaa42dd0fa7bf1bab5640fe3ff2a4362a316daaa70754a
SSDEEP

12288:+mYyt7qUZQGOKCLF5yXxCoMpoE9KhxzSh1iL/Uyi4M:+7yNqUZQGO5/GxLCKjSTyi4M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3311f2500034e7c60f83f55045c3d1b3_JaffaCakes118

Files

3311f2500034e7c60f83f55045c3d1b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aceb0658964c734a49e00dc58de3d5d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\thmks\unalmqtniz.pdb

Imports

wininet

InternetCrackUrlA
InternetSetOptionExA
FindNextUrlCacheEntryA
LoadUrlCacheContent
InternetReadFileExA

user32

SendIMEMessageExA
GetTopWindow
MessageBoxW
GetMessageTime
RegisterClassExA
MonitorFromRect
GetDesktopWindow
LoadStringW
DdeQueryNextServer
CreateCursor
DdeConnectList
ShowScrollBar
ShowWindow
TabbedTextOutW
EnumWindows
CreateDesktopA
DdeInitializeW
GetSystemMenu
RegisterClassA
OpenWindowStationA
TrackPopupMenuEx
DestroyWindow
LoadBitmapA
EnumDisplaySettingsW
CreateWindowExA
DialogBoxParamW
DefWindowProcA
DestroyIcon

comctl32

ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_GetImageInfo
ImageList_Merge
ImageList_GetDragImage
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_Read
ImageList_SetFilter
ImageList_EndDrag
ImageList_GetImageCount
ImageList_DragEnter
GetEffectiveClientRect
CreateToolbar
InitMUILanguage
DrawStatusText
ImageList_LoadImageA
ImageList_Write
InitCommonControlsEx
ImageList_GetImageRect
CreatePropertySheetPageA

kernel32

GetStartupInfoW
CloseHandle
TlsGetValue
GetCurrentThread
SetConsoleCtrlHandler
CompareStringA
HeapCreate
UnhandledExceptionFilter
FlushViewOfFile
lstrcpyA
GetCommandLineW
OpenSemaphoreW
HeapReAlloc
DeleteCriticalSection
InterlockedExchange
SetEnvironmentVariableA
SetFilePointer
GetCommandLineA
GetCurrentProcess
OpenFileMappingW
FreeEnvironmentStringsW
VirtualQuery
VirtualAlloc
CreateMutexA
ReadFile
GetFileType
GetSystemTime
GetStartupInfoA
HeapDestroy
GetStdHandle
GetModuleHandleA
GetLocalTime
InterlockedDecrement
WriteFile
SetStdHandle
LCMapStringW
GetStringTypeW
MultiByteToWideChar
GetTickCount
LoadLibraryA
SetLastError
RtlUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCurrentThreadId
IsBadWritePtr
LCMapStringA
TlsFree
InterlockedIncrement
GetProcAddress
GetCPInfo
VirtualFree
VirtualFreeEx
GetSystemTimeAsFileTime
HeapAlloc
ExitProcess
TlsSetValue
GetTimeZoneInformation
SetHandleCount
TerminateProcess
TlsAlloc
GetModuleFileNameW
HeapFree
ReadConsoleA
EnterCriticalSection
GetModuleFileNameA
GetCalendarInfoA
GetStringTypeA
FlushFileBuffers
GetVersion
QueryPerformanceCounter
GetEnvironmentStringsW
OpenMutexA
CompareStringW
GetCurrentProcessId
WideCharToMultiByte
LeaveCriticalSection
GetLastError
InitializeCriticalSection

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aceb0658964c734a49e00dc58de3d5d2

Headers

File Characteristics

PDB Paths

Imports

wininet

user32

comctl32

kernel32

Sections

.text Size: 144KB - Virtual size: 143KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 112KB - Virtual size: 134KB

.rsrc Size: 64KB - Virtual size: 62KB

.text
Size: 144KB - Virtual size: 143KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 112KB - Virtual size: 134KB

.rsrc
Size: 64KB - Virtual size: 62KB