393059e00a98bd749f39747767ce490b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

393059e00a98bd749f39747767ce490b_JaffaCakes118
Size

644KB
MD5

393059e00a98bd749f39747767ce490b
SHA1

57a10ff584291f92f055c82abfdd7728f1ee4c12
SHA256

065c91dec29144bcbb56811b1a1395e7f8ce0e36c3fe177b74e1db2bf6c769d5
SHA512

ebe33a507ac3fe47b1054660d5e6352e3ed521b62fda67448077ddffd40997e06d23f6d16de93f1ed3931f54ca5eb36c7ed3bcef9153e90e335382756f0cd817
SSDEEP

12288:S8/6hHc6JB0yyvikDPA2BOkqeEzhxsGbgjLVeO2x83UKt:StLJB0ywlTA2chdUjhP2xY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
393059e00a98bd749f39747767ce490b_JaffaCakes118

Files

393059e00a98bd749f39747767ce490b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

862b5f6343a35e9c031a4fda30b705e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\emf\sou.pdb

Imports

comdlg32

GetSaveFileNameA
FindTextW

wininet

HttpSendRequestA
DetectAutoProxyUrl
UnlockUrlCacheEntryStream
HttpOpenRequestA
InternetGetLastResponseInfoW
HttpSendRequestExW
InternetAlgIdToStringW

kernel32

GetCPInfo
WaitNamedPipeA
LCMapStringA
GetProcAddress
HeapAlloc
HeapFree
CreateMutexA
EnterCriticalSection
FindFirstFileExA
GetNumberFormatA
GetACP
GetComputerNameA
ReleaseSemaphore
FindAtomW
GetCurrentThreadId
OpenMutexA
GetDiskFreeSpaceA
WritePrivateProfileStringA
TerminateProcess
ReadFile
OpenSemaphoreW
InterlockedIncrement
GetTempFileNameW
GetConsoleScreenBufferInfo
IsBadReadPtr
CopyFileExA
InterlockedExchange
lstrcatW
InitializeCriticalSection
SetFileAttributesA
CompareStringA
GetModuleFileNameA
InterlockedDecrement
CompareStringW
TlsSetValue
MultiByteToWideChar
FlushFileBuffers
GetCurrentProcess
HeapValidate
SetLastError
GetSystemTimeAsFileTime
LoadLibraryA
SetFilePointer
WriteConsoleA
FindResourceExW
GetEnvironmentStrings
GetFullPathNameA
DebugBreak
FindNextFileW
UnhandledExceptionFilter
GetStringTypeW
DeleteFileW
GetOEMCP
WritePrivateProfileStringW
ExitProcess
OutputDebugStringA
VirtualAlloc
VirtualFree
CreateWaitableTimerA
WaitNamedPipeW
QueryPerformanceCounter
WideCharToMultiByte
GetSystemDirectoryA
GetProfileSectionW
MoveFileExW
SetStdHandle
GetTempPathW
FreeEnvironmentStringsW
GetStdHandle
LocalCompact
GetSystemTime
GetTickCount
HeapCreate
IsBadWritePtr
CloseHandle
GetConsoleTitleW
VirtualQuery
lstrcpyW
SetLocaleInfoW
GetThreadPriorityBoost
GetLocalTime
GetCurrentProcessId
GetLastError
LoadResource
HeapDestroy
SetComputerNameA
GetEnvironmentStringsW
SetHandleCount
GetProfileIntW
GetFileType
GetCurrentThread
WriteFile
GetCommandLineA
GetProfileIntA
DeleteCriticalSection
SetConsoleCtrlHandler
TlsGetValue
RtlUnwind
SetConsoleTitleA
FreeEnvironmentStringsA
TlsAlloc
GetProcessHeaps
LCMapStringW
lstrcmpA
TlsFree
GetVersion
HeapReAlloc
GetStringTypeA
GetModuleHandleA
LeaveCriticalSection
GetStartupInfoA
SetEnvironmentVariableA
WriteFileEx
GetTimeZoneInformation

user32

OpenDesktopW
GetDlgItemInt
DispatchMessageW
MonitorFromPoint
GetMenuState
CallMsgFilter
SystemParametersInfoW
SetThreadDesktop
SetParent
GetWindowRect
LoadStringA
ChangeClipboardChain
RegisterClassA
EnumDesktopsW
MonitorFromRect
GetOpenClipboardWindow
EndMenu
SetTimer
SetWindowContextHelpId
DialogBoxParamW
InflateRect
SetActiveWindow
LoadKeyboardLayoutW
GetSubMenu
DialogBoxIndirectParamW
RemovePropA
InSendMessage
InvertRect
RegisterClassExA
IsWindow
IsDialogMessageA
DestroyIcon
GetKeyboardLayoutList
GetTabbedTextExtentA
MessageBoxW
PostMessageA
CharNextExA
SwitchDesktop
LoadCursorFromFileA
CharNextA
BroadcastSystemMessageW
EnumDisplaySettingsExA
ToAsciiEx
DrawFrame
DlgDirListA
LockWindowUpdate
CharToOemA
DdeFreeStringHandle
GetCaretBlinkTime
NotifyWinEvent

gdi32

FillRgn
ScaleViewportExtEx
CreateColorSpaceW
GetEnhMetaFileBits
CreateMetaFileW
CreateScalableFontResourceW
GetOutlineTextMetricsW
GetMetaFileW
EnumMetaFile
EnumFontFamiliesW
SetViewportOrgEx
EnableEUDC
ColorCorrectPalette
EndPage
BitBlt
SetTextColor
GetCharacterPlacementW
CreateEnhMetaFileW
UpdateICMRegKeyA
PlayEnhMetaFileRecord
CreateDiscardableBitmap
EndPath
SetDIBColorTable
GetArcDirection
StartDocW

comctl32

ImageList_SetImageCount
ImageList_SetFlags
ImageList_SetIconSize
ImageList_Copy
ImageList_Replace
InitCommonControlsEx
ImageList_DragMove
CreatePropertySheetPageW
ImageList_SetDragCursorImage

advapi32

CryptHashData
CryptExportKey
RegSetValueA
CryptDestroyKey
RegQueryValueW
DuplicateTokenEx
RevertToSelf
RegConnectRegistryW
CryptEnumProvidersW
RegOpenKeyExA
RegSetKeySecurity
RegOpenKeyW
RegCloseKey
LookupAccountSidW
LookupPrivilegeNameA
RegCreateKeyExW
LogonUserW

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

862b5f6343a35e9c031a4fda30b705e8

Headers

File Characteristics

PDB Paths

Imports

comdlg32

wininet

kernel32

user32

gdi32

comctl32

advapi32

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 112KB - Virtual size: 138KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 112KB - Virtual size: 138KB

.rsrc
Size: 68KB - Virtual size: 64KB