3f51b96138dd610fcad219d58a5e3611_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f51b96138dd610fcad219d58a5e3611_JaffaCakes118
Size

336KB
MD5

3f51b96138dd610fcad219d58a5e3611
SHA1

82e44e6162b0f4aad8e5ab843a0aae36f852645a
SHA256

9b8d83b3a696122a98a2e3a875bb843730e0e61ff6394fc9719af769cde62c2f
SHA512

d102d448bfe6079d1d295608316799cfbb2c3880807077144c272b98f56d2562c3414bb9af47a8b256e1467ade93613262939fa4e14b00055982310a3fbee261
SSDEEP

6144:xvUwM65+hMY2CGl/lGUWKR5JmWZxQVCEmzvETQX+l51Ce:13RqMzCI/MUWIe0A2EMub17

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f51b96138dd610fcad219d58a5e3611_JaffaCakes118

Files

3f51b96138dd610fcad219d58a5e3611_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0bef9350ddfe1543ebf1cf12033a1db6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

MoveToEx
GetDeviceCaps
GetTextFaceA
CreateDCA
RemoveFontResourceA
CloseMetaFile
SetFontEnumeration
StrokeAndFillPath
PlayEnhMetaFile
GetGraphicsMode
SelectObject
AngleArc
SwapBuffers
CopyEnhMetaFileW
GetObjectW
CancelDC
DeleteDC
SetWinMetaFileBits
DeleteObject

advapi32

RegSetValueExW
LogonUserW
RegNotifyChangeKeyValue
CryptSetProvParam

comdlg32

FindTextA
ChooseFontA

comctl32

ImageList_AddMasked
ImageList_AddIcon
CreateToolbar
ImageList_GetImageRect
ImageList_SetBkColor
ImageList_GetDragImage
DrawInsert
InitCommonControlsEx
ImageList_LoadImage
ImageList_Copy

user32

LoadBitmapA
MessageBoxW
GetMenuContextHelpId
LoadStringA
GetForegroundWindow
SendIMEMessageExW
GetClassLongW
GetSubMenu
DdePostAdvise
DispatchMessageW
SetLastErrorEx
SetWindowPlacement
IsRectEmpty
RegisterClassExW
EnumChildWindows
MsgWaitForMultipleObjects
DrawStateW
LoadIconA
GetCaretPos
GetMenuCheckMarkDimensions
SetUserObjectInformationW
RegisterClipboardFormatA
CharUpperW
GetWindowTextW
MonitorFromRect
CharPrevA
GetIconInfo
IsWindow
CharUpperBuffA
EnableMenuItem
DdeUnaccessData
SendIMEMessageExA
GetKeyboardType
SetScrollInfo
OffsetRect
GetKeyboardLayoutNameA
GetClipboardOwner
GetPropW
CharPrevExA
CreateMDIWindowW
GetClassLongA
MapDialogRect
RegisterClassExA
RegisterClassA
DefWindowProcW
LoadCursorW
GetCursorPos
SetMenuItemInfoW
FreeDDElParam
CreateWindowExA
MenuItemFromPoint
ClientToScreen
SetClipboardData
EmptyClipboard
GetSysColor
SendInput
DeferWindowPos
ShowCaret
DestroyWindow
FlashWindow
DdeQueryStringW
GetGuiResources
SetWindowLongW
SetForegroundWindow
DialogBoxParamA
SendMessageA
DdeFreeDataHandle
ShowWindow
GetPropA
RegisterDeviceNotificationA
IsIconic

kernel32

SetEnvironmentVariableA
CreateFileA
InterlockedDecrement
WideCharToMultiByte
HeapDestroy
GetModuleHandleA
HeapFree
TlsFree
GetCurrentThread
IsValidCodePage
HeapReAlloc
GetCurrentProcess
TlsSetValue
EnumSystemLocalesA
LoadLibraryA
HeapAlloc
SetUnhandledExceptionFilter
GetACP
IsValidLocale
GetThreadTimes
UnhandledExceptionFilter
LCMapStringW
TlsAlloc
FreeEnvironmentStringsA
QueryPerformanceCounter
lstrcmpA
ExitProcess
GetProcAddress
FindResourceW
WriteConsoleA
WriteConsoleOutputA
SetConsoleCtrlHandler
SetPriorityClass
GetTimeFormatA
GetDateFormatA
GetStringTypeExW
GetUserDefaultLCID
LCMapStringA
GetLocaleInfoW
GetConsoleMode
CompareStringW
GetLastError
ConvertDefaultLocale
DeleteFileA
SetHandleCount
GetEnvironmentStrings
CloseHandle
GetCurrentThreadId
GetStringTypeW
GetProfileSectionW
VirtualAllocEx
VirtualAlloc
DeleteCriticalSection
FreeEnvironmentStringsW
TlsGetValue
VirtualFree
FindFirstFileExA
GetConsoleCP
GetConsoleOutputCP
LockResource
GetLocaleInfoA
DeleteAtom
CompareStringA
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetThreadLocale
GetStringTypeA
GetConsoleTitleA
HeapCreate
GetConsoleCursorInfo
TerminateProcess
VirtualQuery
WriteConsoleOutputCharacterA
Sleep
GetModuleHandleW
ReadFile
LeaveCriticalSection
GetOEMCP
LocalUnlock
GetSystemTimeAsFileTime
InterlockedExchange
CommConfigDialogW
GetModuleFileNameA
SetFilePointer
GetTickCount
GetSystemDirectoryW
CreateFileW
EnterCriticalSection
GetStdHandle
GetStartupInfoA
GetTimeZoneInformation
SetStdHandle
OpenMutexA
CreateThread
TransactNamedPipe
CreateMutexA
SetLastError
HeapValidate
FlushFileBuffers
GetEnvironmentStringsW
SetConsoleTitleA
GetCommandLineA
GetFileType
CopyFileExA
WriteConsoleW
HeapSize
GetCPInfo
FindFirstFileA
FreeLibrary
IsDebuggerPresent
lstrcmpi
GetCurrentProcessId
WriteFile
SetConsoleWindowInfo
MultiByteToWideChar
GetNamedPipeHandleStateW
OutputDebugStringW
InterlockedIncrement

wininet

FindNextUrlCacheGroup
GopherGetAttributeW
FindNextUrlCacheEntryW
HttpQueryInfoA
InternetShowSecurityInfoByURLA
InternetTimeToSystemTimeA

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bef9350ddfe1543ebf1cf12033a1db6

Headers

File Characteristics

Imports

gdi32

advapi32

comdlg32

comctl32

user32

kernel32

wininet

Sections

.text Size: 100KB - Virtual size: 96KB

.rdata Size: 76KB - Virtual size: 72KB

.data Size: 92KB - Virtual size: 103KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 100KB - Virtual size: 96KB

.rdata
Size: 76KB - Virtual size: 72KB

.data
Size: 92KB - Virtual size: 103KB

.rsrc
Size: 64KB - Virtual size: 60KB