385e09f00cf98ffe1264389d7cad42a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

385e09f00cf98ffe1264389d7cad42a7_JaffaCakes118
Size

430KB
MD5

385e09f00cf98ffe1264389d7cad42a7
SHA1

11e76bab7bf740d6f609ee3dc5dfb12813e72714
SHA256

d0654481c9bc5a567e8f7a03663a1d321642f9a0f0fbd0a39ca028154af92109
SHA512

b7de9dacb00f66837e28db69d05bcf8a3c9c43eddd8faaa7a27460d2a1767226114b79191bfd6a014226485481100c3f49b2a622c4f1a5eb252b1d4424e6649e
SSDEEP

12288:GTEBgyIakgwmTmCC3FXHsAMcNyxvAApi8Y2G:GTVyIhg3TmCUpM/cNmAGi8Y2G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
385e09f00cf98ffe1264389d7cad42a7_JaffaCakes118

Files

385e09f00cf98ffe1264389d7cad42a7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08571fef8fb82ccd0b4be35fc12172c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateAcceleratorTableW
SetClipboardData
WindowFromDC
GetMenuItemRect
TabbedTextOutW
DdeConnect
ChangeMenuW

wininet

InternetCloseHandle
CreateUrlCacheEntryW
InternetGoOnlineA
FindNextUrlCacheGroup
InternetTimeFromSystemTime
InternetDialW
HttpSendRequestW
UrlZonesDetach
InternetWriteFileExA
InternetInitializeAutoProxyDll
InternetSetDialStateW
FtpRenameFileW
FtpCommandW
UnlockUrlCacheEntryFileW
InternetLockRequestFile
DeleteUrlCacheEntry
HttpSendRequestExW

advapi32

RegRestoreKeyA
CryptEnumProviderTypesW
RevertToSelf
LookupPrivilegeValueW
RegFlushKey
RegDeleteKeyA
StartServiceA
GetUserNameA
CryptSetKeyParam
CryptEnumProvidersA
RegConnectRegistryA
CryptDeriveKey
RegDeleteKeyW
CryptSetProviderExW
CryptContextAddRef
CryptGenRandom
CryptDuplicateKey
LookupAccountSidW
LookupSecurityDescriptorPartsW
DuplicateTokenEx

comdlg32

FindTextW
GetFileTitleW
GetFileTitleA
ChooseFontA
FindTextA
PageSetupDlgW
ChooseColorW
LoadAlterBitmap
GetSaveFileNameW
PrintDlgA
GetSaveFileNameA
PageSetupDlgA

kernel32

GetLocaleInfoA
InterlockedIncrement
GetCPInfo
GetSystemTimeAsFileTime
GetModuleFileNameA
WideCharToMultiByte
GetEnvironmentStringsW
SetLastError
ExitProcess
VirtualFree
GetOEMCP
TlsAlloc
GetDateFormatA
GetProcAddress
EnumSystemLocalesA
SetEnvironmentVariableA
LoadLibraryA
VirtualQuery
GetUserDefaultLCID
IsValidCodePage
RtlUnwind
InterlockedDecrement
HeapReAlloc
VirtualAlloc
FreeLibrary
LCMapStringW
GetLocaleInfoW
HeapCreate
GetCurrentThreadId
GetModuleHandleW
ConnectNamedPipe
GetLastError
GetStringTypeW
TlsSetValue
GetTimeFormatA
CompareStringW
HeapDestroy
ReadConsoleOutputW
IsDebuggerPresent
GetFileType
TlsGetValue
MultiByteToWideChar
TlsFree
GetStdHandle
GetCurrentProcessId
InterlockedExchange
GetTickCount
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
CopyFileA
LocalUnlock
HeapSize
HeapAlloc
EnterCriticalSection
IsValidLocale
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
WriteFile
LCMapStringA
GetStartupInfoA
DeleteCriticalSection
HeapFree
GetStringTypeA
GetCurrentProcess
CompareStringA
QueryPerformanceCounter
LeaveCriticalSection
lstrlen
GetConsoleTitleA
GetCurrentThread
SetHandleCount
TerminateProcess
SetUnhandledExceptionFilter
FreeEnvironmentStringsW
GetCommandLineA
LoadLibraryExA
SetConsoleCtrlHandler
GetACP
Sleep
GetModuleHandleA

gdi32

EnumICMProfilesW
GetKerningPairs
CombineRgn
CopyMetaFileA
GetLayout
GetWinMetaFileBits
CloseEnhMetaFile
GetICMProfileA
EnumICMProfilesA
GetBitmapDimensionEx
Ellipse
CreatePolygonRgn
FillRgn
GetLogColorSpaceW
EnumFontsW
GetFontLanguageInfo

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08571fef8fb82ccd0b4be35fc12172c9

Headers

File Characteristics

Imports

user32

wininet

advapi32

comdlg32

kernel32

gdi32

Sections

.text Size: 140KB - Virtual size: 140KB

.data Size: 279KB - Virtual size: 288KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 140KB - Virtual size: 140KB

.data
Size: 279KB - Virtual size: 288KB

.rsrc
Size: 9KB - Virtual size: 9KB