338d33bf986592b0a66151a2ba423e0a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

338d33bf986592b0a66151a2ba423e0a_JaffaCakes118
Size

363KB
MD5

338d33bf986592b0a66151a2ba423e0a
SHA1

62a7424dfe327a337c8812867005070e0a856874
SHA256

eea0bea0f726007ec835e1da5fe06259b210082cc8d307a470f6d928f32336ae
SHA512

f3813e37f32d320fa676ee5cd9b3c66e13f302835a4299d41be6ccca926725c7a7f2b754284ba1e121049ea6a8593bb5cea9bc4878f2c9975deca28e5bafc7c3
SSDEEP

6144:VfH1WHucvmi3krQw66XvrxXW8C2SSNP8XfyvC45DAV1ywoE:Vf0mjrf22PVu/gDAVzo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
338d33bf986592b0a66151a2ba423e0a_JaffaCakes118

Files

338d33bf986592b0a66151a2ba423e0a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dabb559eca9d1f6a2ff3aa3dec8625e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DlgDirSelectExW
CharPrevA
OemKeyScan
GetIconInfo
DdeNameService
DestroyWindow
RegisterClassExA
DrawFocusRect
GetSubMenu
CreateWindowExA
MapDialogRect
RegisterClassA
GetMenuItemRect
MessageBoxA
ShowWindow
ClipCursor
ShowCursor
CharUpperBuffW
DeferWindowPos
DefMDIChildProcW
DdeGetData
GetShellWindow
SetUserObjectSecurity
DefWindowProcW
IsWindow
DdeCreateStringHandleA
EnumDisplayMonitors
LoadAcceleratorsA
GetSystemMetrics

wininet

HttpAddRequestHeadersA
ShowCertificate
GetUrlCacheConfigInfoA
InternetFortezzaCommand
GopherCreateLocatorA
FindFirstUrlCacheEntryA
InternetGetConnectedStateExA

advapi32

CryptAcquireContextW
RegOpenKeyExA
RegCreateKeyA
RegQueryValueExW
CryptGetKeyParam
RegQueryValueExA
RegDeleteValueA
RegSaveKeyA
RegEnumKeyA
RegEnumValueA
RegQueryInfoKeyW
CreateServiceA
RegOpenKeyExW
RegNotifyChangeKeyValue
RegSetValueExW
RegOpenKeyA
DuplicateToken
CryptEncrypt
RegReplaceKeyA
CryptSetHashParam
RegQueryInfoKeyA
RegSetValueW
LookupPrivilegeNameW
LogonUserA
CryptEnumProvidersA

kernel32

VirtualQuery
TlsAlloc
GetOEMCP
CreateDirectoryA
CloseHandle
VirtualFree
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetUserDefaultLCID
GetLocaleInfoA
GetStringTypeA
GetStartupInfoW
HeapFree
GetLastError
SetEnvironmentVariableA
GetModuleFileNameA
WriteFile
GetCurrentThread
EnumSystemLocalesA
GetEnvironmentStrings
TlsSetValue
DeleteCriticalSection
GetStdHandle
ExitProcess
GetFileType
QueryPerformanceCounter
GetTickCount
ReadFile
FreeEnvironmentStringsA
GetProcAddress
GetCurrentProcessId
TlsGetValue
GlobalFindAtomA
FindNextFileA
GetACP
GetTimeFormatA
TerminateProcess
SetStdHandle
HeapDestroy
LoadLibraryA
FreeEnvironmentStringsW
GetTimeZoneInformation
IsValidCodePage
GetCommandLineA
GetCurrentThreadId
OutputDebugStringW
SetLastError
HeapCreate
GetModuleHandleA
CompareStringW
LCMapStringA
GetLocaleInfoW
GetCPInfo
GetSystemTimeAsFileTime
FlushFileBuffers
GetModuleFileNameW
GetStartupInfoA
GetEnvironmentStringsW
HeapSize
GetStringTypeW
TlsFree
EnterCriticalSection
UnhandledExceptionFilter
InterlockedExchange
CompareStringA
VirtualProtect
GetCommandLineW
GetCurrentProcess
GetSystemInfo
IsValidLocale
VirtualAlloc
InitializeCriticalSection
GetDateFormatA
SetHandleCount
CreateMutexA
GetVersionExA
SetFilePointer
OpenMutexA
CreateSemaphoreW
LeaveCriticalSection
HeapReAlloc
RtlUnwind
HeapAlloc
IsBadWritePtr

gdi32

CreateSolidBrush
GetDIBits
GetFontLanguageInfo
ChoosePixelFormat
GetPolyFillMode
CreateDCA
SetBkColor
ColorMatchToTarget
GetObjectW
CancelDC
CreateEllipticRgn
CreateScalableFontResourceW
CloseEnhMetaFile
GetNearestPaletteIndex
MoveToEx
GetDeviceCaps
DeleteDC
SetLayout
SetPaletteEntries
SelectObject
GetEnhMetaFilePaletteEntries

shell32

RealShellExecuteW
SHChangeNotify
DragFinish

comctl32

ImageList_SetOverlayImage
CreateToolbarEx
ImageList_DrawIndirect
ImageList_EndDrag
DrawInsert
InitCommonControlsEx

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dabb559eca9d1f6a2ff3aa3dec8625e1

Headers

File Characteristics

Imports

user32

wininet

advapi32

kernel32

gdi32

shell32

comctl32

Sections

.text Size: 131KB - Virtual size: 130KB

.rdata Size: 58KB - Virtual size: 65KB

.data Size: 91KB - Virtual size: 90KB

.rsrc Size: 82KB - Virtual size: 81KB

.text
Size: 131KB - Virtual size: 130KB

.rdata
Size: 58KB - Virtual size: 65KB

.data
Size: 91KB - Virtual size: 90KB

.rsrc
Size: 82KB - Virtual size: 81KB