3fe37d712fea3090cde8e931482d38d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3fe37d712fea3090cde8e931482d38d0_JaffaCakes118
Size

596KB
MD5

3fe37d712fea3090cde8e931482d38d0
SHA1

44179aeccb328cac2097a0f020fa71eb744e350b
SHA256

692cf96f0ff3c55ee77da536b693f91a5edada94668cc539a13b10bd7fe32e8f
SHA512

c89f9f76ab4daa03a7dfbb95e25515f715a498cad8d84baef112a39e2423196f35a1b9710636b50bd9d5585f850048c459832f038e1792aedd8bdba15c372b08
SSDEEP

6144:iHYAs8IAT41zbqmunSSdsoQdCKh43zP60JQ40dpchJlq3b:eYAs5AT4FbAnSSSogC1bV0nchJlq3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fe37d712fea3090cde8e931482d38d0_JaffaCakes118

Files

3fe37d712fea3090cde8e931482d38d0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e628fd66fde400e563f80f2e53095357

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wininet

HttpQueryInfoA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetCloseHandle
InternetErrorDlg
HttpSendRequestA
InternetReadFile
HttpOpenRequestA
InternetConnectA
InternetOpenA

kernel32

InterlockedIncrement
GetCPInfo
GetOEMCP
WritePrivateProfileStringA
GetCurrentDirectoryA
SetErrorMode
RtlUnwind
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
HeapReAlloc
ExitThread
TlsFree
HeapSize
SetStdHandle
GetFileType
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetDriveTypeA
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GlobalFlags
LeaveCriticalSection
EnterCriticalSection
LocalAlloc
GetFileTime
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileA
FindClose
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
lstrcmpA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GlobalAlloc
FormatMessageA
LocalFree
InterlockedDecrement
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
lstrcpynA
MulDiv
GetModuleHandleA
GetProcAddress
SetLastError
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
CreateProcessA
Sleep
CreateFileA
WriteFile
CloseHandle
GetTickCount
VerLanguageNameA
CreateMutexA
ReleaseMutex
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
GetLastError
DeleteFileA
GetModuleFileNameA
CreateDirectoryA
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CreateThread

user32

MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
SetWindowContextHelpId
MapDialogRect
TranslateMessage
GetCursorPos
ValidateRect
SetCursor
PostQuitMessage
WaitMessage
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextA
GetForegroundWindow
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
GetNextDlgGroupItem
GetKeyState
IsWindowVisible
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
UnregisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CopyRect
GetWindow
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
SetWindowPos
GetSystemMetrics
LoadIconA
KillTimer
SetTimer
GetSystemMenu
SendMessageA
AppendMenuA
DrawIcon
wsprintfA
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
ReleaseCapture
SetCapture
SetForegroundWindow
GetLastActivePopup
FindWindowA
CharUpperA
InvalidateRect
GetDC
ScreenToClient
IsIconic
OffsetRect
LoadCursorA
GetSysColorBrush
MapWindowPoints
DestroyMenu
SetRect
PtInRect
MessageBoxA
PeekMessageA
EnableWindow
GetClientRect
GetWindowRect
SetWindowRgn
PostMessageA
LoadBitmapA
GetClassNameA
GetMessageA

gdi32

ExtSelectClipRgn
DeleteDC
CreateBitmap
TextOutA
GetDeviceCaps
CreateRectRgnIndirect
GetBkColor
GetTextColor
GetRgnBox
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
SetBkMode
SetBkColor
RestoreDC
SaveDC
StretchBlt
GetStockObject
CreateCompatibleDC
CreateRectRgn
GetObjectA
GetMapMode
GetClipBox
SetMapMode
SetTextColor
ExtTextOutA

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCloseKey

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
ShellExecuteA

comctl32

ord17

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
UrlUnescapeA

oledlg

ord8

ole32

CLSIDFromString
CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID

oleaut32

SysStringLen
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysAllocStringByteLen
OleCreateFontIndirect
SysFreeString
SysAllocStringLen
VariantInit
VariantChangeType
VariantClear

ws2_32

WSAStartup
closesocket
accept
socket
select
WSACleanup
htonl
bind
WSAGetLastError
connect
sendto
recvfrom
WSASetLastError
htons
gethostbyname
inet_addr
listen
recv
send
WSAAsyncSelect

Sections

.text
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 324KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e628fd66fde400e563f80f2e53095357

Headers

File Characteristics

Imports

version

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 200KB - Virtual size: 199KB

.rdata Size: 56KB - Virtual size: 53KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 324KB - Virtual size: 320KB

.text
Size: 200KB - Virtual size: 199KB

.rdata
Size: 56KB - Virtual size: 53KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 324KB - Virtual size: 320KB