402778fc7ba53543b06b1b9bb3752ca7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

402778fc7ba53543b06b1b9bb3752ca7_JaffaCakes118
Size

488KB
MD5

402778fc7ba53543b06b1b9bb3752ca7
SHA1

6f738644a7a9595c1c899455a31ac73165d9c185
SHA256

a5e4480e514a54d9f26963f897104aad41dc480bcad8e7d651c1d395325770fb
SHA512

23e4b002a4d2f8fdfbf8414a11ce46ed02db7402ff47c4e6dc29b77e6a053ec7bee86f2e8ade7e00fb8ebfbb80c4bf2053c9aeca1ca88a550789abc18ed69e04
SSDEEP

12288:zwp4NCNHPyp37Fv+xEA9wSjDvmE0VgSFS+BHpLKMJC:z5wkLFv+xEAdvN0OJax

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
402778fc7ba53543b06b1b9bb3752ca7_JaffaCakes118

Files

402778fc7ba53543b06b1b9bb3752ca7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bddbff098c972194fdff1a1ccb1932a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FindFirstUrlCacheEntryA
InternetSetCookieW
GopherFindFirstFileA
InternetGetConnectedStateExW

comdlg32

GetSaveFileNameW
GetOpenFileNameA
ChooseFontA
ReplaceTextW

advapi32

RegQueryValueExA
CryptDuplicateHash
CryptImportKey
CryptSetProviderW
CryptEnumProvidersW
RegOpenKeyExW
LookupPrivilegeNameA

comctl32

InitCommonControlsEx

gdi32

SetRectRgn
CreateDCA
GetTextExtentExPointW
DeleteDC
GetCharacterPlacementA
SetWindowOrgEx
GetICMProfileW
SetPixelV
Rectangle
ExtCreateRegion
RealizePalette
EnumFontFamiliesExA
GetSystemPaletteUse
CreateFontA
SwapBuffers
GetPixel
GetGraphicsMode
GetDeviceCaps

user32

CreateWindowExW
DestroyAcceleratorTable
RegisterClassA
ShowCursor
ShowWindow
GetMenuContextHelpId
TileWindows
GetScrollRange
WINNLSEnableIME
SwitchToThisWindow
InflateRect
MapVirtualKeyExW
CharLowerBuffW
GetNextDlgTabItem
RegisterClassExA
DestroyCaret
GetQueueStatus
CreateAcceleratorTableW
MessageBoxW
SetForegroundWindow
CascadeWindows
LoadStringA
GetMenuInfo
SetScrollInfo
InvertRect
SendInput
GetClassInfoW
OpenDesktopW
GetWindowPlacement

kernel32

GetStdHandle
LCMapStringW
WideCharToMultiByte
GetCurrentThreadId
LocalSize
VirtualQuery
GetTickCount
IsBadReadPtr
GlobalHandle
GetStartupInfoA
SetEnvironmentVariableA
GetCommandLineA
SetComputerNameW
OpenWaitableTimerW
ReadConsoleInputA
CreateMutexA
GetOEMCP
CloseHandle
DeleteCriticalSection
GetLocalTime
InitializeCriticalSection
FlushFileBuffers
SetHandleCount
ReadFile
GetVersionExA
LCMapStringA
MoveFileA
CompareStringW
GetSystemTime
GetEnvironmentStrings
GetProcAddress
TlsSetValue
HeapCreate
InterlockedIncrement
lstrcatA
ReadConsoleA
TlsGetValue
GetModuleHandleA
RtlUnwind
GetLogicalDriveStringsW
VirtualFree
GetCurrentThread
FreeEnvironmentStringsW
GetFileType
ExitProcess
SetStdHandle
TerminateProcess
WaitForSingleObjectEx
MultiByteToWideChar
ReadFileEx
ExitThread
VirtualAlloc
InterlockedExchange
SetLastError
WriteFile
CreateFileMappingW
GetCPInfo
GetStringTypeA
SetFilePointer
GetStringTypeW
InterlockedDecrement
GetTimeZoneInformation
LeaveCriticalSection
GetCurrentProcessId
GetDriveTypeW
LoadLibraryA
TlsFree
WriteProfileStringW
ReadConsoleOutputA
EnterCriticalSection
HeapAlloc
GetLastError
GetVersion
IsBadWritePtr
GetACP
GetEnvironmentStringsW
HeapReAlloc
GetCurrentProcess
GlobalAlloc
UnhandledExceptionFilter
GetSystemTimeAsFileTime
lstrcmpiW
QueryPerformanceCounter
GetModuleFileNameA
HeapDestroy
LocalFileTimeToFileTime
TlsAlloc
FreeEnvironmentStringsA
GlobalFix
OpenMutexA
OpenProcess
HeapFree
VirtualAllocEx
GetTempFileNameW
CompareStringA

Sections

.text
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bddbff098c972194fdff1a1ccb1932a3

Headers

File Characteristics

Imports

wininet

comdlg32

advapi32

comctl32

gdi32

user32

kernel32

Sections

.text Size: 313KB - Virtual size: 312KB

.rdata Size: 46KB - Virtual size: 59KB

.data Size: 115KB - Virtual size: 114KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 313KB - Virtual size: 312KB

.rdata
Size: 46KB - Virtual size: 59KB

.data
Size: 115KB - Virtual size: 114KB

.rsrc
Size: 12KB - Virtual size: 12KB