38f3d6d66993969573cbe9dc2f2b4f37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38f3d6d66993969573cbe9dc2f2b4f37_JaffaCakes118
Size

328KB
MD5

38f3d6d66993969573cbe9dc2f2b4f37
SHA1

a52866265e816629b33c0601aa5a874e6ebb2b13
SHA256

26694414b72c4c274dab784c684822b56d36ad8e1034ecd4fafa302c36615cc7
SHA512

457092f909669a8935b134573334e9bd80d22a816e91f60d040474520776da7064a6d5d6c433f8dc9807a5eee7d3092c27f994d60736668ca6029ce70f6cdfbc
SSDEEP

6144:9njDbdW7PCSGoo7baD6839lZtXyUk50Jp0:lndW77jo7baP3Jt0J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38f3d6d66993969573cbe9dc2f2b4f37_JaffaCakes118

Files

38f3d6d66993969573cbe9dc2f2b4f37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6c34f77a165b0a983a774f44f117f021

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\togj

Imports

wininet

ReadUrlCacheEntryStream
GopherGetAttributeA
InternetGetCookieW
InternetSetDialState
IsUrlCacheEntryExpiredA
InternetGoOnlineW
GopherFindFirstFileA
InternetReadFileExW
InternetGetCertByURL

comctl32

InitCommonControlsEx
CreateStatusWindow
CreateStatusWindowW
ImageList_Draw
DestroyPropertySheetPage
DrawStatusText
ImageList_EndDrag
ImageList_Add
ImageList_Create
_TrackMouseEvent
CreateStatusWindowA
DrawStatusTextA
MakeDragList
ImageList_Remove
CreatePropertySheetPageA
ImageList_DragShowNolock
ImageList_GetImageCount
ImageList_LoadImageW
ImageList_GetIcon
ImageList_DrawIndirect
ImageList_SetIconSize
ImageList_ReplaceIcon

advapi32

LookupAccountNameW
RegRestoreKeyA
CryptImportKey
GetUserNameW
CryptHashSessionKey
CryptSetKeyParam
RegQueryMultipleValuesW
CryptEnumProvidersW
CryptReleaseContext
CryptEnumProviderTypesA
LookupAccountSidA
RegCloseKey
RegOpenKeyW
CryptSignHashA
LookupPrivilegeNameW
RegCreateKeyW
StartServiceW
StartServiceA
RegSaveKeyA
RegFlushKey
CryptSetProviderW
InitializeSecurityDescriptor
RegQueryValueExA
RegSetValueExA
RegLoadKeyA

comdlg32

PrintDlgW
GetFileTitleA
ChooseFontA

kernel32

SetLocaleInfoA
CreateDirectoryExW
ReleaseSemaphore
FreeEnvironmentStringsA
FoldStringA
lstrlen
CreateMutexA
HeapSize
FreeEnvironmentStringsW
GetFileAttributesW
GetPrivateProfileSectionNamesA
CreateProcessW
CreateNamedPipeA
SetThreadContext
GetACP
GetCPInfo
VirtualQueryEx
CompareFileTime
ReadConsoleInputA
SetEnvironmentVariableW
EnumSystemLocalesA
GetFileAttributesExA
IsBadWritePtr
GetEnvironmentStringsW
VirtualFree
GetOEMCP
HeapFree
SetWaitableTimer
LocalAlloc
FindFirstFileExA
HeapReAlloc
TerminateProcess
GetTickCount
GetModuleFileNameW
GetTempPathA
CompareStringW
EnterCriticalSection
EnumDateFormatsA
GetConsoleCursorInfo
GetModuleHandleA
GetPrivateProfileIntW
WriteConsoleA
QueryPerformanceCounter
GetCommandLineA
AddAtomW
GetCommandLineW
LCMapStringW
SetHandleCount
lstrcatA
GetCurrentProcess
HeapAlloc
GetFileSize
RtlUnwind
VirtualProtect
WriteFile
TlsGetValue
GetVersionExA
GetCurrentThreadId
GetStartupInfoW
SetConsoleTitleW
MultiByteToWideChar
LCMapStringA
GetCompressedFileSizeW
GetDateFormatA
GetStringTypeA
MoveFileExW
IsValidLocale
GlobalFlags
GetDriveTypeW
WritePrivateProfileStringW
VirtualQuery
FlushFileBuffers
CommConfigDialogW
GetCompressedFileSizeA
InterlockedCompareExchange
GetCurrentDirectoryA
LeaveCriticalSection
HeapCreate
GetTimeZoneInformation
GetCurrentThread
GetThreadTimes
CreatePipe
GetPrivateProfileSectionA
DebugBreak
InitializeCriticalSection
LoadLibraryA
SetStdHandle
ReadFile
GetEnvironmentStrings
WaitForDebugEvent
GetStartupInfoA
CreateFileMappingW
IsValidCodePage
TlsAlloc
GetStringTypeW
SetFilePointer
GetSystemInfo
CompareStringA
GetStdHandle
lstrcatW
GetTimeFormatA
GetFileType
UnhandledExceptionFilter
GetSystemTimeAsFileTime
SetThreadLocale
GetModuleFileNameA
SetEnvironmentVariableA
SetLastError
MapViewOfFile
TlsFree
GetLastError
InterlockedExchange
GetExitCodeThread
GetLocaleInfoA
GlobalFix
FoldStringW
GlobalGetAtomNameW
GetProcAddress
CloseHandle
OpenMutexA
GetCurrentDirectoryW
Sleep
lstrcmpi
DeleteCriticalSection
HeapDestroy
GetUserDefaultLCID
InterlockedDecrement
lstrlenA
SetConsoleOutputCP
FreeLibrary
GetLocaleInfoW
GetCurrentProcessId
VirtualAlloc
ExitProcess
CreateFileMappingA
WritePrivateProfileSectionA
WideCharToMultiByte
TlsSetValue

user32

SetWindowsHookW
DdeQueryStringA
GetDlgItemTextW
GetWindowContextHelpId
BroadcastSystemMessage
EnumDesktopsA
GetClassNameW
SendInput
RegisterClassExA
GetProcessWindowStation
GetWindowTextLengthW
CallWindowProcW
SetDeskWallpaper
InternalGetWindowText
OemToCharBuffW
GetClipboardData
SetWindowLongA
ShowWindow
ScrollWindowEx
RemovePropW
DdeAccessData
WinHelpW
GetKeyNameTextW
SetMenuDefaultItem
CharNextW
CreateWindowExW
RealChildWindowFromPoint
DestroyWindow
DrawEdge
GetUserObjectInformationA
PostQuitMessage
LoadMenuIndirectA
IsDialogMessageA
EndMenu
SetWindowLongW
LoadCursorFromFileW
DdeAbandonTransaction
GetKeyboardLayoutList
ExcludeUpdateRgn
ChangeMenuA
MessageBoxExW
TranslateAcceleratorA
TranslateMessage
MessageBoxW
LoadAcceleratorsA
CheckDlgButton
SetCaretBlinkTime
HideCaret
CountClipboardFormats
DefWindowProcW
SetSysColors
GetMenuContextHelpId
GetAncestor
SetMenuContextHelpId
SetKeyboardState
AnimateWindow
RegisterClassA
DrawCaption
MsgWaitForMultipleObjects
CloseWindowStation

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c34f77a165b0a983a774f44f117f021

Headers

File Characteristics

PDB Paths

Imports

wininet

comctl32

advapi32

comdlg32

kernel32

user32

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 88KB - Virtual size: 112KB

.rsrc Size: 76KB - Virtual size: 74KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 88KB - Virtual size: 112KB

.rsrc
Size: 76KB - Virtual size: 74KB