3b1ee4810ed7985b86762c217678892d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3b1ee4810ed7985b86762c217678892d_JaffaCakes118
Size

296KB
MD5

3b1ee4810ed7985b86762c217678892d
SHA1

8ee4d48ea83f9736f2ae8952ffe50ba0bf3ab6b5
SHA256

cdc0ecf4965150356ef5e76a623f181dff40cb07586193437407d496fdfaecbf
SHA512

b4ec9aec4a3d9f76f39889e461bcf7d13304b5c4033516dc80a3d6f9aa4496bb076b095e25def8ace2f57556169b4dd1c2d6176d284230a78cc03ec764a3b280
SSDEEP

6144:CZbM3WmAqPAJ+FwHVMeC9+2hhZ6crOn56CeuURw:SgmvqPO+FwC1Nm56Ceu0w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b1ee4810ed7985b86762c217678892d_JaffaCakes118

Files

3b1ee4810ed7985b86762c217678892d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

33fff1fb9138ec6501bde2176b6464ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

ShowX509EncodedCertificate
GopherGetLocatorTypeA
CommitUrlCacheEntryA
SetUrlCacheGroupAttributeW
InternetWriteFile
InternetOpenUrlA
IsUrlCacheEntryExpiredW
GetUrlCacheGroupAttributeA

shell32

ExtractAssociatedIconW
ExtractIconExA
SHEmptyRecycleBinA

kernel32

WriteConsoleW
GetFileType
GetTickCount
EnumSystemLocalesA
GetEnvironmentStringsW
GetConsoleTitleW
GetModuleHandleA
GetCommandLineW
FindResourceW
HeapSize
HeapAlloc
GetProfileSectionA
SetLastError
GetCommandLineA
IsDebuggerPresent
FlushFileBuffers
GetACP
GetModuleFileNameW
TlsAlloc
SetEnvironmentVariableA
GetOEMCP
RtlUnwind
FreeLibrary
FindNextFileA
SetCurrentDirectoryW
GetConsoleMode
RaiseException
InterlockedDecrement
ExitProcess
SetHandleCount
DeleteCriticalSection
HeapFree
SetFilePointer
GetStartupInfoW
GetStdHandle
FreeEnvironmentStringsW
CreateEventW
WriteFile
CreateEventA
DebugActiveProcess
CloseHandle
LCMapStringW
GetCurrentProcessId
WritePrivateProfileStringA
LCMapStringA
GetTimeZoneInformation
GetCurrencyFormatW
LoadLibraryA
WriteConsoleA
GetUserDefaultLangID
WideCharToMultiByte
GetCalendarInfoW
DeleteFileW
GetEnvironmentStrings
InterlockedExchange
CreateMutexA
GetCurrentProcess
GetDiskFreeSpaceExW
GetUserDefaultLCID
ReadFile
GetDateFormatA
CreateFileA
TlsSetValue
GetCurrentThreadId
GlobalAlloc
GetConsoleCP
InitializeCriticalSection
InterlockedIncrement
QueryPerformanceCounter
HeapReAlloc
SetVolumeLabelW
TlsFree
GetLocaleInfoA
HeapCreate
FreeResource
IsValidCodePage
GetProcessHeap
CompareStringA
VirtualAlloc
lstrlenW
DeleteFiber
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetThreadTimes
CompareStringW
GetStringTypeW
LeaveCriticalSection
VirtualQuery
TerminateProcess
MultiByteToWideChar
GetCPInfo
GetLastError
SetStdHandle
GetSystemTimeAsFileTime
GetTimeFormatA
OpenMutexA
GetVersionExA
GlobalAddAtomA
SetConsoleMode
GetProcAddress
HeapDestroy
GetStringTypeA
GetLocaleInfoW
GetCurrentThread
GetConsoleOutputCP
TlsGetValue
UnhandledExceptionFilter
Sleep
SetUnhandledExceptionFilter
IsValidLocale
SetConsoleCtrlHandler
EnterCriticalSection
VirtualFree
WritePrivateProfileSectionW
RemoveDirectoryW
GetTempPathW

comctl32

DrawStatusText
InitCommonControlsEx
ImageList_DragEnter
ImageList_DragMove
ImageList_Duplicate
ImageList_AddMasked
ImageList_GetImageCount
ImageList_EndDrag
ImageList_Add
ImageList_GetBkColor
ImageList_BeginDrag
CreateToolbarEx
ImageList_SetFlags
CreatePropertySheetPage
ImageList_Replace
DrawStatusTextW
ImageList_GetFlags

advapi32

RegSetValueW
CryptEncrypt
RegQueryInfoKeyA
CryptGetDefaultProviderA
RegQueryMultipleValuesW
DuplicateTokenEx
RegQueryMultipleValuesA
LookupSecurityDescriptorPartsA
CryptContextAddRef
RegQueryValueExA
CryptSetProviderExW
RegSetValueExW
CryptSetProviderExA
RegDeleteValueW
CryptDecrypt
LookupPrivilegeValueW
RegRestoreKeyA
RegReplaceKeyW
CreateServiceW
CryptDestroyHash
RegQueryInfoKeyW
CryptGenRandom
DuplicateToken
InitiateSystemShutdownA

gdi32

GetClipRgn
GetNearestPaletteIndex
GetDIBColorTable
ResetDCA
CreateDCA
GetCharacterPlacementW
PlgBlt
CheckColorsInGamut
GetObjectA
GetStretchBltMode
GetDeviceCaps
FloodFill
ArcTo
EnableEUDC
GetKerningPairsA
CreateBitmap
DeleteDC
SetColorSpace
GetWindowExtEx
AngleArc
GetColorSpace
SetTextJustification
StrokePath
WidenPath
CombineRgn
GetObjectW
IntersectClipRect

user32

GetUserObjectInformationA
EndDialog
SetMenuDefaultItem
ScrollWindow
MessageBoxW
SendMessageTimeoutW
GetMenuStringA
MenuItemFromPoint
CreateWindowExA
DestroyWindow
GetListBoxInfo
IsCharUpperW
GetMenuItemID
InsertMenuA
DefMDIChildProcW
CharNextA
BeginPaint
InvalidateRgn
GetKeyNameTextA
RegisterClassA
SendDlgItemMessageA
GetWindowContextHelpId
MsgWaitForMultipleObjectsEx
CallMsgFilterW
DestroyCaret
SetDeskWallpaper
ShowWindow
SetWindowWord
OpenDesktopW
DefWindowProcA
InSendMessage
CharPrevExA
DefDlgProcA
SetDlgItemTextW
EnumDesktopWindows
RegisterClassExA
SetClipboardData
TabbedTextOutW

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33fff1fb9138ec6501bde2176b6464ff

Headers

File Characteristics

Imports

wininet

shell32

kernel32

comctl32

advapi32

gdi32

user32

Sections

.text Size: 83KB - Virtual size: 82KB

.rdata Size: 79KB - Virtual size: 78KB

.data Size: 88KB - Virtual size: 118KB

.rsrc Size: 44KB - Virtual size: 44KB

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 79KB - Virtual size: 78KB

.data
Size: 88KB - Virtual size: 118KB

.rsrc
Size: 44KB - Virtual size: 44KB