3dff328654b4fd7ed76d4cc25e5d70d5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3dff328654b4fd7ed76d4cc25e5d70d5_JaffaCakes118
Size

190KB
MD5

3dff328654b4fd7ed76d4cc25e5d70d5
SHA1

a663e23569f0dae191878766dd9580feeeb80a1d
SHA256

903b5dbeb85c211259eafb3f4df878eaebd52c4c7ac4f0755591924b14501748
SHA512

8ff7955878f599f8aef9fc1f76e5b43c70ae1430810b9b1358c085423cfc6f272f2875d3c40a59d61b7c1c0919111661e34f942124cf364e979d540275396ff4
SSDEEP

3072:iW+nya3MHm8YmIiXg2MzOTeBjRebHagJF/fe73QGDsTK5oHeYRndQGgfcY:f2xiXg2Ti8b6gj4zsTZ+YRdQgY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dff328654b4fd7ed76d4cc25e5d70d5_JaffaCakes118

Files

3dff328654b4fd7ed76d4cc25e5d70d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

643dd604331a921b3d41226a0e55b47a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
AddAtomA
GetExpandedNameW
LoadLibraryExA
GetFileAttributesW
GetFileAttributesA
GetVersion
Sleep
CreateMutexW
lstrcmpiW
GlobalGetAtomNameA
EnumTimeFormatsA
SearchPathA
CreateEventA
CreateSemaphoreW
CreateNamedPipeA
GetLongPathNameA
lstrcatA
CopyFileExA
WinExec
FatalAppExitW
GetLocaleInfoA
FileTimeToLocalFileTime
GetAtomNameW
GetShortPathNameW
SetEvent
BeginUpdateResourceW
EnumCalendarInfoW
ConnectNamedPipe
ExitProcess
OpenEventW
IsBadCodePtr
GetExitCodeThread
Beep
IsBadWritePtr
IsValidLocale
GetCPInfo
lstrlenW
GetDateFormatA
FileTimeToSystemTime
DuplicateHandle
RaiseException
GetACP
GetStringTypeA
SetCalendarInfoA
SystemTimeToFileTime
CreateNamedPipeW
CopyFileA
GetThreadPriority
MultiByteToWideChar
FindAtomW
MulDiv
SetCurrentDirectoryA
GetMailslotInfo
lstrcpyA
GetTempPathA
GetCurrentDirectoryW
GetCurrentProcessId
GetComputerNameA
GetTimeFormatW
CreateMailslotA
GetProcAddress
GetLogicalDrives
GetOEMCP
GetEnvironmentStringsA
GetStartupInfoW
ReadDirectoryChangesW
FileTimeToDosDateTime
OpenSemaphoreA
lstrcmpiA
SetLocaleInfoW
IsValidCodePage
GlobalGetAtomNameW

user32

DefWindowProcW
UnregisterClassA
SetCursor
wsprintfW
IsMenu
DialogBoxIndirectParamA
EndDialog
GetSysColorBrush
CreateDialogParamW
ShowCursor
CharPrevW
LoadCursorA
SetDlgItemTextW
GetMenu
CreateDesktopA
CreateDesktopW
CharUpperW
DialogBoxParamA
GetWindowRgn
MonitorFromPoint
GetAsyncKeyState
WaitForInputIdle
EnableMenuItem
AppendMenuW
MoveWindow
WinHelpA
CreateWindowExA
LoadMenuA
FindWindowA
PeekMessageA
MessageBoxA
CharLowerW
IsDlgButtonChecked
PostQuitMessage
SetFocus
GetSubMenu
LoadCursorW
CreatePopupMenu
GetScrollPos
mouse_event
RegisterWindowMessageW
CreateDialogIndirectParamW
InsertMenuItemA
GetClassInfoExW
IsChild
LoadImageW
ShowCaret
LoadBitmapW
wvsprintfA
SetForegroundWindow
DefWindowProcA
LoadMenuW
GetActiveWindow
GetMenuItemID
CharNextA
GetClassInfoA
GetMessageW
CharUpperA

gdi32

CreatePatternBrush
DeleteObject
CreateColorSpaceA
GetTextExtentPointW
CreateFontIndirectExA
CreatePolyPolygonRgn
AddFontResourceW
CreateBrushIndirect
StretchDIBits
GetMetaFileW
CreateFontA
SetEnhMetaFileBits
TranslateCharsetInfo
CreateICA
CreateICW
CreateBitmapIndirect
CreateDIBPatternBrushPt
CreateRectRgn
GetMetaFileA
GetTextExtentPointA
CreateCompatibleDC
CreateBitmap
SelectBrushLocal
SetWinMetaFileBits
CreateScalableFontResourceA

shell32

StrNCmpW
StrRStrW
ShellExecuteExW
StrCmpNA
SHGetFolderLocation

shlwapi

SHGetInverseCMAP
PathIsSystemFolderW
PathRemoveFileSpecW
PathStripPathA
StrCatW
StrToIntA

setupapi

SetupQuerySourceListA
SetupDiCreateDevRegKeyW
CMP_GetServerSideDeviceInstallFlags
SetupInstallServicesFromInfSectionExW

urlmon

CoInternetGetSession
URLDownloadToCacheFileW
DllRegisterServer
GetMarkOfTheWeb
RegisterMediaTypeClass
RevokeBindStatusCallback
RegisterMediaTypes
UrlMkBuildVersion
GetClassURL

wsock32

WSApSetPostRoutine
htonl

Sections

.Uo
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.C
Size: 4KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Idu
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GdrLO
Size: 5KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qU
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qBEgmk
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.i
Size: 5KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OJwd
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dEtjKk
Size: 11KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.D
Size: 3KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

643dd604331a921b3d41226a0e55b47a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

setupapi

urlmon

wsock32

Sections

.Uo Size: 9KB - Virtual size: 8KB

.C Size: 4KB - Virtual size: 460KB

.Idu Size: 2KB - Virtual size: 13KB

.GdrLO Size: 5KB - Virtual size: 87KB

.qU Size: 88KB - Virtual size: 88KB

.qBEgmk Size: 12KB - Virtual size: 12KB

.i Size: 5KB - Virtual size: 23KB

.OJwd Size: 92KB - Virtual size: 92KB

.dEtjKk Size: 11KB - Virtual size: 336KB

.D Size: 3KB - Virtual size: 96KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 1024B - Virtual size: 1024B

.Uo
Size: 9KB - Virtual size: 8KB

.C
Size: 4KB - Virtual size: 460KB

.Idu
Size: 2KB - Virtual size: 13KB

.GdrLO
Size: 5KB - Virtual size: 87KB

.qU
Size: 88KB - Virtual size: 88KB

.qBEgmk
Size: 12KB - Virtual size: 12KB

.i
Size: 5KB - Virtual size: 23KB

.OJwd
Size: 92KB - Virtual size: 92KB

.dEtjKk
Size: 11KB - Virtual size: 336KB

.D
Size: 3KB - Virtual size: 96KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 1024B - Virtual size: 1024B