3f07049bd049c24cbb344da03eeeea88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f07049bd049c24cbb344da03eeeea88_JaffaCakes118
Size

268KB
MD5

3f07049bd049c24cbb344da03eeeea88
SHA1

1763fa676c479401b13fe2b2a3d9809d7d1b6bcc
SHA256

92176c8e5ae55cb9c4cb56d15bf8437127d3964887f8fdd9f5e30d4472fffc31
SHA512

9e8f0c46903c9f62704d91b8b0b1cc9d79f04b7b10b40482f714df61ddf023f3a53325f23beac8eae28e36f50b484a7a8378686217f1bd53d35ebde5e58dbfe6
SSDEEP

6144:lIDRa6kdyiG7ogMchBw53tWvNRlK5yO4dQlWQFN+:lORa6kdyB2chBU2/U+QlWS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f07049bd049c24cbb344da03eeeea88_JaffaCakes118

Files

3f07049bd049c24cbb344da03eeeea88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

70f120e4b11f8094ef216add3e9d4ff0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\z

Imports

wininet

SetUrlCacheEntryGroupA

user32

MessageBoxIndirectA
DdeCmpStringHandles
ToAsciiEx
SetSysColors
DefWindowProcW
GetMenuDefaultItem
ToAscii
GetClassInfoA
GetDlgCtrlID
RegisterClassExA
LoadBitmapW
SendDlgItemMessageW
ChangeDisplaySettingsExW
ShowWindow
CreateIconFromResource
GetQueueStatus
GetSubMenu
RegisterDeviceNotificationW
EnumWindowStationsW
DefWindowProcA
DrawTextExW
GetSystemMetrics
SetMenuInfo
RegisterClassA
EditWndProc
FlashWindowEx
GetClipCursor
ToUnicode
OemToCharA
GetWindowDC
CallMsgFilterW
MonitorFromPoint
CreateWindowExW
GetPropA
LoadImageW
ChangeDisplaySettingsExA
MessageBoxW
ValidateRect
DialogBoxIndirectParamW
CharToOemW
DrawIcon
wsprintfW
ValidateRgn
GetWindowTextA
SetRect
SetWindowPlacement
ChangeMenuW
GetCapture
GetMenuStringA
UnhookWindowsHookEx
BroadcastSystemMessageW
DdeSetUserHandle
GetClipboardViewer
UnregisterClassA
OpenWindowStationW
LoadMenuW
TranslateMDISysAccel
GetMessageExtraInfo
DestroyWindow
SetPropA
RegisterHotKey
UpdateWindow
CreateIconFromResourceEx
PackDDElParam
MessageBeep

gdi32

GdiPlayScript
GetCharacterPlacementW
GetRgnBox
ColorMatchToTarget
GetLogColorSpaceA
GetKerningPairsW
DeleteDC
GdiGetBatchLimit
PaintRgn
GetNearestColor
CreateScalableFontResourceA
GetTextFaceW
CreateICA
GetObjectA
SetTextCharacterExtra
GetCharABCWidthsA
CreatePolyPolygonRgn
DeleteObject
CreateBitmap
SetWindowOrgEx
SelectObject
CreateDCA
GetDeviceCaps

comdlg32

ChooseColorA

comctl32

ImageList_ReplaceIcon
ImageList_Remove
DrawStatusText
ImageList_Create
ImageList_BeginDrag
ImageList_SetFlags
CreateMappedBitmap
ImageList_DragMove
ImageList_GetImageInfo
ImageList_Write
ImageList_LoadImage
ImageList_Merge
InitCommonControlsEx

kernel32

TlsGetValue
WritePrivateProfileStringW
InterlockedExchange
GetSystemTimeAsFileTime
GetCPInfo
GetTempFileNameA
GetPrivateProfileSectionW
LocalUnlock
HeapReAlloc
HeapDestroy
SetLastError
DeleteCriticalSection
ReadConsoleA
WritePrivateProfileStructA
CopyFileA
GetModuleHandleA
EnumCalendarInfoW
GetUserDefaultLCID
LocalFlags
GetStringTypeW
DeleteFileA
EnumResourceLanguagesA
SetEndOfFile
SetUnhandledExceptionFilter
LocalAlloc
SystemTimeToFileTime
GetEnvironmentStrings
lstrcmpiA
CompareStringW
GetMailslotInfo
EnumSystemLocalesA
PulseEvent
GetTimeFormatA
GetTimeZoneInformation
GetCurrentThread
RtlUnwind
SetConsoleScreenBufferSize
GetLocaleInfoA
RtlFillMemory
FileTimeToSystemTime
SetStdHandle
EnumDateFormatsExW
InitializeCriticalSection
TransactNamedPipe
ReadConsoleOutputA
LoadLibraryA
GetWindowsDirectoryA
SetComputerNameW
OpenFileMappingW
GetModuleFileNameA
SetCurrentDirectoryW
FindFirstFileW
WideCharToMultiByte
CreateRemoteThread
LoadLibraryExW
TlsSetValue
SetThreadPriority
ExitProcess
FindResourceExA
TryEnterCriticalSection
DebugBreak
GetLastError
TlsAlloc
LoadResource
GetLocaleInfoW
GetModuleFileNameW
SetEnvironmentVariableA
SetConsoleWindowInfo
CompareStringA
TlsFree
GetCommandLineA
UnhandledExceptionFilter
GetStartupInfoA
GetProcAddress
VirtualAllocEx
CreateMailslotW
EnterCriticalSection
VirtualFree
GetEnvironmentStringsW
HeapAlloc
ReadFile
EnumResourceTypesW
FlushViewOfFile
SetConsoleTitleW
CreateFileA
EnumResourceNamesA
GetOEMCP
LeaveCriticalSection
WriteProfileStringA
HeapCreate
GetSystemInfo
OpenMutexA
GetProcAddress
FlushFileBuffers
WaitForDebugEvent
WaitForSingleObject
GetStringTypeA
GetStringTypeExW
GetPrivateProfileStructA
ExpandEnvironmentStringsW
GetSystemDirectoryA
GetCurrentProcess
GetStdHandle
WriteFile
GetFileAttributesA
VirtualAlloc
IsValidCodePage
GetCurrentProcessId
FreeEnvironmentStringsA
VirtualProtect
HeapFree
SetFileTime
GetFileType
LCMapStringW
GlobalFlags
FindAtomW
SetEvent
SetTimeZoneInformation
CreateMutexA
FreeEnvironmentStringsW
GlobalReAlloc
GetDateFormatA
QueryPerformanceCounter
CloseHandle
GetVersionExA
LCMapStringA
TerminateProcess
IsBadWritePtr
HeapSize
GetDiskFreeSpaceExA
WriteProfileSectionW
MultiByteToWideChar
SetHandleCount
SetFilePointer
IsValidLocale
VirtualQuery
FormatMessageW
WriteConsoleA
GetCurrentThreadId
LockResource
WriteConsoleOutputCharacterA
CreateDirectoryExA
GetACP
GetTickCount
OpenSemaphoreA

advapi32

RegCreateKeyExA
DuplicateToken
RegSetValueW
CreateServiceW
RegDeleteValueW
CryptGetUserKey
RegConnectRegistryW
RegEnumValueW
CryptDuplicateHash
CryptDestroyHash
CryptGenKey
CryptExportKey

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70f120e4b11f8094ef216add3e9d4ff0

Headers

File Characteristics

PDB Paths

Imports

wininet

user32

gdi32

comdlg32

comctl32

kernel32

advapi32

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 88KB - Virtual size: 107KB

.rsrc Size: 24KB - Virtual size: 20KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 88KB - Virtual size: 107KB

.rsrc
Size: 24KB - Virtual size: 20KB