Static task: static1
Behavioral task: behavioral1
Sample: 3d403ddffb3ae5ee68dd7e0c109b73ab_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 3d403ddffb3ae5ee68dd7e0c109b73ab_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 3d403ddffb3ae5ee68dd7e0c109b73ab_JaffaCakes118
Size: 160KB
MD5: 3d403ddffb3ae5ee68dd7e0c109b73ab
SHA1: b69fd511f9977d8056fc368c86b604c95cad448a
SHA256: ad07527cf45aa61c0c4185a22cf4df1fa036b551c8b842e86ded3a26ded26c0b
SHA512: 8c6615ec43fdd720c73bb0d542d55131f38fd08fe2580ff78f503d3c70cfc727c9ddcfa3e26a219dcfbc17d572f1618d4c4e5a94a7daa58e4fbc7ac8ea9f08ae
SSDEEP: 3072:r0sskeKiGwdRvz3BEk9iGzDMZDlJiRrEXpPs18z+lAs:KGwnGk9iGMsscIf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3d403ddffb3ae5ee68dd7e0c109b73ab_JaffaCakes118
Files
3d403ddffb3ae5ee68dd7e0c109b73ab_JaffaCakes118.exe windows:4 windows x86 arch:x86
c8225e2db69cb1efc61dac309ef83c32
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateThread
GetCommandLineW
Sleep
LocalFree
LocalAlloc
lstrlenW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
lstrcmpW
lstrcmpiW
lstrcpyW
InterlockedIncrement
CreateProcessA
GetModuleFileNameA
InterlockedDecrement
GetVolumeInformationA
GetLastError
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LoadLibraryA
WaitForSingleObject
VirtualAlloc
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
TerminateThread
CreateFileA
ReadFile
PeekNamedPipe
CloseHandle
ExitProcess
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapSize
GetStdHandle
WriteFile
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
GetProcessHeap
HeapAlloc
lstrcpyA
lstrcatA
lstrlenA
HeapReAlloc
HeapFree
TlsGetValue
GetProcAddress
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetVersionExA
GetCommandLineA
RtlUnwind
RaiseException
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
winmm
timeGetTime
ws2_32
WSACleanup
gethostname
WSAStartup
user32
RegisterClassW
wsprintfA
PostQuitMessage
ReleaseDC
FillRect
GetDC
SetRect
wsprintfW
SetTimer
KillTimer
GetClientRect
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
SetWindowLongA
UnregisterClassW
CreateWindowExW
DefWindowProcA
GetWindowLongA
advapi32
RegSetValueExA
RegOpenKeyExA
RegEnumKeyA
RegCreateKeyExA
RegCloseKey
ole32
OleUninitialize
OleInitialize
CoCreateInstance
CreateStreamOnHGlobal
oleaut32
SysAllocString
VariantClear
SysFreeString
SysAllocStringLen
SysStringLen
VariantInit
gdiplus
GdipFree
GdipAlloc
GdipDisposeImage
GdipSaveImageToStream
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusShutdown
GdiplusStartup
GdipCloneImage
gdi32
DeleteObject
GetStockObject
SelectObject
CreateCompatibleBitmap
DeleteDC
CreateCompatibleDC
wininet
HttpQueryInfoA
InternetCloseHandle
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetQueryOptionA
HttpSendRequestA
InternetSetOptionA
InternetQueryDataAvailable
InternetReadFile
shell32
CommandLineToArgvW
Sections
.text Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE