37242272978994fd55979ef6f9108f5f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37242272978994fd55979ef6f9108f5f_JaffaCakes118
Size

460KB
MD5

37242272978994fd55979ef6f9108f5f
SHA1

df5766a5a9199cead0379e7c7fe37831626c45cb
SHA256

1a94bb72004681ab0afb30fbf48d253df08ed4c2407f5c32659431d182a6a97b
SHA512

df65a2991f264ce4385e98b3d1fd188c64e134c97ab6b559f329670d388ad8921269ba1f6403e56b550f22de31e835fd4cf00a37c4504987521fd7e6465d15be
SSDEEP

6144:tFa7n8kPmBv453yOTVFgsF2HZef9HC5mA9da0aY1egXDWNu8cbYTpTspkYWrWa43:Wj1u/OQ4A/aAj8lck3Wa4nMMnMMMMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37242272978994fd55979ef6f9108f5f_JaffaCakes118

Files

37242272978994fd55979ef6f9108f5f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

227ec2c6e273d75204a66a007dda51b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateFreeThreadedMarshaler
CoUninitialize
PropVariantClear
ProgIDFromCLSID
CoCreateGuid
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc

wininet

InternetCombineUrlA
InternetCrackUrlA

kernel32

GetCurrentProcess
IsDBCSLeadByteEx
GetFileTime
CopyFileA
GetOverlappedResult
GetThreadLocale
GetDateFormatA
HeapAlloc
FormatMessageW
FlushFileBuffers
GetTickCount
SetUnhandledExceptionFilter
ExitProcess
CreateFileW
InterlockedIncrement
GetCurrentThread
CreateFileA
GetLocaleInfoW
InterlockedDecrement
GetSystemInfo
GetTimeZoneInformation
FindClose
GetTimeFormatA
lstrcpynA
HeapFree
CompareFileTime
UnhandledExceptionFilter
DeleteCriticalSection
GetSystemDefaultLangID
Sleep
GetTempPathA
LoadResource
GetLocaleInfoA
IsValidCodePage
FormatMessageA
GetSystemTimeAsFileTime
VirtualProtect
GetDateFormatW
HeapCreate
SetFileAttributesA
ReadFile
GetLastError
SystemTimeToFileTime
GetProcAddress
GetStringTypeW
FreeLibrary
IsDBCSLeadByte
TerminateProcess
IsBadReadPtr
lstrcatA
CloseHandle
GetShortPathNameA
GetCurrentProcessId
DisableThreadLibraryCalls
GlobalReAlloc
WaitForSingleObject
FindNextFileA
lstrcmpiA
QueryPerformanceCounter
HeapDestroy
TlsAlloc
GetModuleHandleA
ResetEvent
FindFirstFileA
IsBadWritePtr
lstrcpyA
GetCurrentThreadId
LocalFree
GetACP
GlobalFree
LoadLibraryA
lstrlenA
SetEndOfFile
VirtualQuery
GlobalLock
GetTempFileNameA
GetSystemTime
SetFilePointer
LoadLibraryExA
SetEvent
GlobalHandle
TlsFree
GlobalAlloc
MultiByteToWideChar
VirtualFree
FindResourceA
InterlockedExchange
GlobalUnlock
TlsSetValue
GetVersionExA
GetTimeFormatW
EnterCriticalSection
GetUserDefaultLCID
WideCharToMultiByte
GetCPInfo
FileTimeToSystemTime
LeaveCriticalSection
GetModuleFileNameA
InitializeCriticalSection
TlsGetValue
GetFileSize
VirtualAlloc
CreateEventA
SizeofResource
lstrlenW

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

user32

CharNextA
RegisterWindowMessageA
DispatchMessageA
wsprintfA
TranslateMessage
CallMsgFilterW
GetMessageA

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
OpenThreadToken
RevertToSelf
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegNotifyChangeKeyValue
ImpersonateLoggedOnUser
RegQueryValueExA
RegOpenKeyExA

cfgmgr32

CM_Get_Version_Ex

certmgr

DllGetClassObject

inetcomm

MimeOleSetCompatMode
MimeOleGetInternat
MimeOleInetDateToFileTime
MimeOleCreateMessage
MimeOleGetPropertySchema

urlmon

UrlMkSetSessionOption
CoInternetGetSession
CopyBindInfo
CoInternetParseUrl

shlwapi

StrCatBuffW

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 124KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

227ec2c6e273d75204a66a007dda51b9

Headers

DLL Characteristics

File Characteristics

Imports

ole32

wininet

kernel32

version

user32

advapi32

cfgmgr32

certmgr

inetcomm

urlmon

shlwapi

Sections

.text Size: 155KB - Virtual size: 155KB

.idata Size: 4KB - Virtual size: 4KB

.data Size: 124KB - Virtual size: 1.8MB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 142KB - Virtual size: 141KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 155KB - Virtual size: 155KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 124KB - Virtual size: 1.8MB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 142KB - Virtual size: 141KB

.rsrc
Size: 32KB - Virtual size: 31KB