43e0f6d39014c100b791d26ada06b5b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43e0f6d39014c100b791d26ada06b5b2_JaffaCakes118
Size

180KB
MD5

43e0f6d39014c100b791d26ada06b5b2
SHA1

153ee43067406e737051f3f44cbd2440dfe0dabc
SHA256

8fea9439c0295b2c61b0337af0c92b2ea0412717ca50a1a7efa9198aa325a989
SHA512

bed0399d54012c38047efe174e3b0a328c87a845b6965ccd67f78c8f6f93f82af9f3e0318ae16b9b3f7ef215674c939a72315a54c84bd32e01652174db220c8c
SSDEEP

3072:v8+puA/7CCpSA2RZKSG1nziH1lElILa4Iz4FCxio9yset4yEa9G0Y:v8+puA/7CCpSA2I0lOWcz4oxdjyEMG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43e0f6d39014c100b791d26ada06b5b2_JaffaCakes118

Files

43e0f6d39014c100b791d26ada06b5b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a920c8930a63df7b88c64dccd8c7d447

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetErrorMode
GetCPInfo
GetOEMCP
RtlUnwind
ExitProcess
GetStartupInfoA
GetCommandLineA
SetStdHandle
GetFileType
RaiseException
HeapSize
GetACP
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
VirtualFree
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetDriveTypeA
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
GetProcessVersion
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetCurrentDirectoryA
lstrcatA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFree
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
lstrcpynA
FormatMessageA
lstrcpyA
SetLastError
WaitForSingleObject
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
FreeLibrary
MultiByteToWideChar
lstrlenA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
FindFirstFileA
FindNextFileA
FindClose
GetModuleHandleA
CreateToolhelp32Snapshot
Process32First
GetCurrentProcessId
OpenProcess
TerminateProcess
CloseHandle
Process32Next
HeapCreate
HeapAlloc
HeapReAlloc
HeapFree
GetLastError
LocalAlloc
LocalFree
GetPrivateProfileStringA
GetFileAttributesA
WritePrivateProfileStringA
GetModuleFileNameA
OutputDebugStringA
SetFileAttributesA
DeleteFileA
RemoveDirectoryA
CopyFileA
WinExec
GetVersionExA
Sleep
LoadLibraryA
GetProcAddress
VirtualAlloc

user32

GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetTopWindow
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
GetSysColorBrush
CharUpperA
DestroyMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
ShowWindow
SetWindowPos
SetWindowLongA
GrayStringA
DrawTextA
TabbedTextOutA
GetClassLongA
wsprintfA
GetWindowTextA
SetWindowTextA
GetWindow
GetDlgCtrlID
PtInRect
GetClassNameA
ClientToScreen
LoadCursorA
LoadStringA
UnhookWindowsHookEx
SetFocus
GetSystemMetrics
DestroyWindow
GetDlgItem
CopyRect
GetClientRect
GetDC
ReleaseDC
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
CreateWindowExA
EnableWindow
SetCursor
PostQuitMessage
PostMessageA
RegisterWindowMessageA
GetWindowRect
SendMessageA
PeekMessageA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
GetMenuItemCount
SetForegroundWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetCapture
UnregisterClassA

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetMapMode
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetTextColor
SetBkColor
GetStockObject
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SelectObject
DeleteObject
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegCloseKey
RegCreateKeyA
RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegGetKeySecurity
RegSetKeySecurity
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA

shell32

SHGetSpecialFolderPathA

comctl32

ord17

ole32

CoTaskMemFree
CoInitialize

url

InetIsOffline

wininet

InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 120KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a920c8930a63df7b88c64dccd8c7d447

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

url

wininet

iphlpapi

Sections

.text Size: 120KB - Virtual size: 116KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 16KB - Virtual size: 30KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 120KB - Virtual size: 116KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 16KB - Virtual size: 30KB

.rsrc
Size: 12KB - Virtual size: 8KB