3c8508200c5aac99af7cbcc1824d661b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c8508200c5aac99af7cbcc1824d661b_JaffaCakes118
Size

172KB
MD5

3c8508200c5aac99af7cbcc1824d661b
SHA1

38725b287ed71c9a6ea8c41e4ee7daff9baf33ea
SHA256

8347025185985ff1604a22af2d5689d27380b992819afdccc111410de4d7696f
SHA512

ad669de4e34f162fdcd170ef97b93b2d12f3747a79123293831348d163bfdeb798b6f4e4f5fd419dbf7c2275b17f1d0ecf9871b44c7edd9684ae59e77a3d1937
SSDEEP

3072:0LADt0N0BAqYA/0fEVO9hWZHLAgyn348rsSRpN6/tmQjLt:0LADt0N08EHdyGAQj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c8508200c5aac99af7cbcc1824d661b_JaffaCakes118

Files

3c8508200c5aac99af7cbcc1824d661b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3b29c829cbfc7bbce74c38cef5054bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

wininet

InternetCloseHandle
InternetReadFileExA
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable

kernel32

GlobalFlags
WritePrivateProfileStringA
lstrcatA
GetCurrentDirectoryA
GetModuleHandleA
GetVersion
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GetFileAttributesA
GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
SetStdHandle
GetFileType
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
TlsGetValue
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
GetFullPathNameA
GetVolumeInformationA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
ReadFile
DuplicateHandle
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
LocalAlloc
FreeLibrary
lstrcpyA
EnterCriticalSection
lstrcpynA
SetLastError
FormatMessageA
LocalFree
lstrlenA
InterlockedIncrement
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThreadId
GetVersionExA
CreateProcessA
WaitForSingleObject
Sleep
DeleteFileA
MultiByteToWideChar
FindFirstFileA
FindNextFileA
FindClose
InterlockedDecrement
WideCharToMultiByte
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
SetProcessPriorityBoost
CreateFileA
WriteFile
GetFileSize
CloseHandle
GetTickCount
GetModuleFileNameA
SetFilePointer
GetLastError
GetStartupInfoA

user32

RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
GetSysColorBrush
DestroyMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
ClientToScreen
LoadCursorA
GetSystemMetrics
CharUpperA
wsprintfA
LoadStringA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
SendMessageA
PostQuitMessage
PostMessageA
UnregisterClassA
GetCapture

gdi32

SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetViewportExtEx
SetMapMode
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
SetTextColor
ScaleViewportExtEx
SelectObject
OffsetViewportOrgEx
RestoreDC
SaveDC
DeleteDC
DeleteObject
CreateBitmap
SetBkColor
GetStockObject
SetViewportOrgEx

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteExA
SHChangeNotify

comctl32

ord17

ole32

CoInitializeEx
CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoInitializeSecurity

oleaut32

SysAllocString
SysFreeString
VariantClear

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3b29c829cbfc7bbce74c38cef5054bf

Headers

File Characteristics

Imports

iphlpapi

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

oleaut32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 16KB - Virtual size: 43KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 16KB - Virtual size: 43KB

.rsrc
Size: 12KB - Virtual size: 9KB