3b70bbe442a55c9bf0fbf2f03dd57df6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b70bbe442a55c9bf0fbf2f03dd57df6_JaffaCakes118
Size

376KB
MD5

3b70bbe442a55c9bf0fbf2f03dd57df6
SHA1

4cbfbb2a0ff9c106588275184b36c010a64aae2a
SHA256

128539e3087921664459cb6eb4514b331a14822932d5e148e8bbb1b85574a818
SHA512

36520035ce85091a5ecdce2d2cf08d3decac5f64365256e3ce625119b46df5fd9077857a716d636335b95d3344ce689b0093e1f3b23aa0bcd6c9e72fb85cd29a
SSDEEP

6144:DAPkr5T+MPsgDLb7XL9XDFefUZQ/tx7HltWVnxRD01VCexkmMHoq5d6gonn+p:XyMFLbL5cfb/txZ2xRmCGMFdMA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b70bbe442a55c9bf0fbf2f03dd57df6_JaffaCakes118

Files

3b70bbe442a55c9bf0fbf2f03dd57df6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

102a6e76d0e2d2d06bb7a1c84de9d837

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_SetIconSize
ImageList_DrawIndirect
ImageList_GetImageInfo
ImageList_SetBkColor
DrawStatusText
DrawStatusTextA
ImageList_GetIcon
CreatePropertySheetPageA
ImageList_Replace
InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_AddIcon
ImageList_Write
CreatePropertySheetPageW
CreateToolbar
ImageList_LoadImageW

wininet

InternetDialW

comdlg32

PrintDlgA
PageSetupDlgW
ReplaceTextA

kernel32

GetCurrentThreadId
VirtualAlloc
GetCurrentProcess
GetLastError
LCMapStringA
CompareStringW
TlsSetValue
CommConfigDialogW
LCMapStringW
FreeEnvironmentStringsW
HeapFree
GetPrivateProfileStringA
GetProcessShutdownParameters
GetStdHandle
HeapDestroy
SetConsoleOutputCP
GetCurrencyFormatA
EnterCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
InterlockedExchange
CloseHandle
HeapAlloc
MoveFileW
GetStringTypeA
GetModuleHandleA
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TlsGetValue
GetEnvironmentStringsW
TerminateProcess
HeapReAlloc
TlsFree
SetFilePointer
GetVersion
LoadLibraryA
GetStartupInfoW
GetSystemTimeAsFileTime
SetHandleCount
InitializeCriticalSection
ExitProcess
GetPrivateProfileSectionNamesA
LeaveCriticalSection
VirtualFree
ReadFile
GetTimeZoneInformation
SetEnvironmentVariableA
VirtualQuery
FreeEnvironmentStringsA
SetStdHandle
lstrcmpi
GetEnvironmentStrings
GetFileType
GetStartupInfoA
HeapCreate
GetModuleFileNameW
GetModuleFileNameA
GetTickCount
QueryPerformanceCounter
GetSystemTime
DeleteCriticalSection
GetCurrentProcessId
OpenMutexA
CreateFileMappingA
FlushFileBuffers
GetCommandLineA
GetCurrentThread
SetThreadAffinityMask
GetCommandLineW
IsBadWritePtr
CompareStringA
WriteFile
SetLastError
InterlockedCompareExchange
RtlUnwind
InterlockedDecrement
CreateMutexA
GetLocalTime
GetCPInfo
FoldStringW
InterlockedIncrement
TlsAlloc
GetStringTypeW

user32

GetMessageTime
LoadCursorW
GetThreadDesktop
ShowOwnedPopups
ShowWindow
CallMsgFilterW
GetSystemMenu
CharUpperA
DdeSetQualityOfService
GetKeyNameTextW
PostThreadMessageA
CharLowerA
VkKeyScanExA
GetGuiResources
InvalidateRgn
DrawStateW
IsCharAlphaNumericA
GetKeyboardLayoutNameA
EnumDesktopsW
PaintDesktop
EnumDesktopWindows
InSendMessage
ShowScrollBar
EnableWindow
CopyRect
CreateWindowExA
GetMessagePos
GetMenuCheckMarkDimensions
CreateDialogParamA
DdeCreateStringHandleW
IsDialogMessageA
BringWindowToTop
wsprintfW
ModifyMenuA
DefWindowProcA
IsCharUpperW
GetClassNameA
SendNotifyMessageA
GetWindowLongW
IsWindow
SetProcessWindowStation
DdeConnectList
SetWindowTextA
CharLowerW
GetAncestor
ChangeDisplaySettingsA
DefMDIChildProcW
CopyAcceleratorTableW
RegisterWindowMessageW
GetUserObjectSecurity
SetCapture
RegisterClassA
DefWindowProcW
GetMenuItemCount
DestroyWindow
DestroyMenu
CharToOemBuffW
GetLastActivePopup
EndDeferWindowPos
CountClipboardFormats
GetWindowLongA
InvalidateRect
SendIMEMessageExW
DrawEdge
RedrawWindow
CreateDialogIndirectParamA
GetSystemMetrics
LoadIconA
TranslateMDISysAccel
ShowCaret
GetWindowTextA
SendInput
CreateWindowStationW
GetPropW
SystemParametersInfoW
SetMenuDefaultItem
DdeCmpStringHandles
IsClipboardFormatAvailable
IntersectRect
SetWindowPlacement
DdeFreeStringHandle
IsCharLowerW
ReuseDDElParam
RegisterClassExA
LoadMenuIndirectA
OpenIcon
MessageBoxW
WINNLSEnableIME
WindowFromDC
EndTask
EnumPropsA
GetCursorInfo
DrawTextExA
CharToOemW
CallWindowProcW
SetMenuItemInfoW
DrawTextW
FlashWindow
SendMessageTimeoutW
SetThreadDesktop
EqualRect

shell32

SHGetSpecialFolderPathW
SHInvokePrinterCommandW
ExtractIconW
FindExecutableW
SHGetSpecialFolderLocation

advapi32

RegRestoreKeyA
CryptDuplicateKey
RegQueryValueExW
CryptSetProviderW
CryptSignHashA
RegQueryMultipleValuesW
LookupPrivilegeDisplayNameA
RegEnumKeyW
RegCloseKey

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

102a6e76d0e2d2d06bb7a1c84de9d837

Headers

File Characteristics

Imports

comctl32

wininet

comdlg32

kernel32

user32

shell32

advapi32

Sections

.text Size: 128KB - Virtual size: 126KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 96KB - Virtual size: 119KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 128KB - Virtual size: 126KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 96KB - Virtual size: 119KB

.rsrc
Size: 16KB - Virtual size: 15KB