3733adf06fe920902f06eac803b6f7b4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3733adf06fe920902f06eac803b6f7b4_JaffaCakes118
Size

340KB
MD5

3733adf06fe920902f06eac803b6f7b4
SHA1

83bd645610c4a0ffc73fa6719fc2cafed5449522
SHA256

37d6d5d4090d2e820385f134a4f6b166cf71d6a826017c1c87507c431dda7332
SHA512

3e9ad78d6dd8f94702b58910906a1e9a177bec3d38d8dc997720ddba39172ca866d9e3a3a02ff12ea7a1ea4b3c176a7147a8070d2407e6ed5fa87fd96770b6d0
SSDEEP

6144:K0e7TcYlRGbJ/ipxhqf8aYgGWlyKzEnNFugO+jHnSAgmOkqojCJCcnST:/e7rlcd65qXhGWlz4OgOHBP3ta

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3733adf06fe920902f06eac803b6f7b4_JaffaCakes118

Files

3733adf06fe920902f06eac803b6f7b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ac6a0469d03dd5c7f6cdf1c6a0b80c8e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\htz\tlrztmg\

Imports

wininet

FindNextUrlCacheEntryA
FtpCreateDirectoryA
FtpGetCurrentDirectoryW
GopherGetLocatorTypeW
GetUrlCacheConfigInfoW
DeleteUrlCacheEntry
InternetConfirmZoneCrossingW
FtpDeleteFileA

shell32

SHGetMalloc
SheSetCurDrive

kernel32

WideCharToMultiByte
SetEnvironmentVariableA
GetVersion
GetStringTypeW
GetLocalTime
FreeEnvironmentStringsA
LCMapStringW
RtlUnwind
QueryPerformanceCounter
GetCurrentProcessId
GetModuleHandleA
HeapReAlloc
SetHandleCount
CloseHandle
GetModuleFileNameA
HeapAlloc
WriteFile
GetCommandLineW
InterlockedIncrement
VirtualAlloc
GetShortPathNameW
IsBadWritePtr
GetLastError
FreeEnvironmentStringsW
VirtualFree
SetFilePointer
GetStdHandle
LeaveCriticalSection
InterlockedDecrement
HeapDestroy
GetCurrentThreadId
GetStartupInfoA
GetSystemTimeAsFileTime
SetConsoleWindowInfo
GetPriorityClass
TerminateProcess
TlsAlloc
GetSystemTime
GetModuleFileNameW
GetTimeZoneInformation
OpenMutexA
LoadLibraryA
HeapFree
MapViewOfFileEx
ExitProcess
WriteConsoleInputW
GetCommandLineA
MultiByteToWideChar
GetFileType
GetStringTypeA
HeapCreate
GlobalGetAtomNameA
GetEnvironmentStringsW
GetCPInfo
InitializeCriticalSection
DeleteCriticalSection
TlsGetValue
InterlockedExchange
SetLastError
VirtualQuery
GetTickCount
CompareStringA
UnhandledExceptionFilter
GetCurrentThread
CreateDirectoryExA
ReadFile
CreateMutexA
CompareStringW
TlsFree
SetStdHandle
GetCurrentProcess
EnterCriticalSection
LCMapStringA
EnumDateFormatsW
GetProcAddress
GetEnvironmentStrings
FlushFileBuffers
TlsSetValue
GetStartupInfoW

gdi32

GetICMProfileA
StrokeAndFillPath
GetEnhMetaFileDescriptionA
GdiPlayDCScript
SetDeviceGammaRamp

comctl32

CreatePropertySheetPage
InitCommonControlsEx
_TrackMouseEvent
ImageList_DragShowNolock
CreateToolbar
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_GetBkColor
ImageList_GetImageCount
ImageList_SetBkColor
CreatePropertySheetPageW

user32

DefWindowProcA
DdeQueryNextServer
RegisterHotKey
SetClassLongW
GetMessageExtraInfo
CopyImage
IsWindowEnabled
SendMessageW
EnumDisplayDevicesA
GetPropW
GetWindow
EnumDisplaySettingsExW
DrawCaption
OffsetRect
EnumPropsW
GetWindowInfo
DdeFreeDataHandle
UnregisterDeviceNotification
SetMenuItemBitmaps
DestroyWindow
TranslateAcceleratorW
CheckMenuRadioItem
LoadMenuIndirectA
RegisterClassExA
WaitForInputIdle
SetWindowTextW
SetMenuContextHelpId
RealChildWindowFromPoint
GetComboBoxInfo
GetProcessDefaultLayout
wvsprintfA
CharNextExA
DrawIconEx
GetMenuContextHelpId
RegisterClipboardFormatA
GetClassInfoW
DdeAccessData
DeferWindowPos
SetTimer
OpenWindowStationW
SendNotifyMessageA
RedrawWindow
OpenDesktopW
DrawMenuBar
CharUpperW
LoadMenuA
SetCursor
EnumPropsA
RegisterClassA
TabbedTextOutW
SetMenu

comdlg32

ReplaceTextA

Sections

.text
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac6a0469d03dd5c7f6cdf1c6a0b80c8e

Headers

File Characteristics

PDB Paths

Imports

wininet

shell32

kernel32

gdi32

comctl32

user32

comdlg32

Sections

.text Size: 156KB - Virtual size: 152KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 96KB - Virtual size: 123KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 156KB - Virtual size: 152KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 96KB - Virtual size: 123KB

.rsrc
Size: 16KB - Virtual size: 13KB