47d087915cdfd2e7d0a5b644d9c19c31_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47d087915cdfd2e7d0a5b644d9c19c31_JaffaCakes118
Size

1.2MB
MD5

47d087915cdfd2e7d0a5b644d9c19c31
SHA1

58b15a74449a29285d62a526eb766a33fb6326c6
SHA256

312f41d870cd63a37978fdad5e535a9846626788c8e323992457db53b7085148
SHA512

49baf785cf31947dde3ef4c73c89d5017444d2f8faae21a2a4b2ae82ee8bbb4d46d02d0b18a3b0be200bbb8c63b3a50f766c28199f46c90a27e133bacdab3c86
SSDEEP

6144:0oSktFPJRtb/NJ5HGkl/Lcb4VDYh7x0l64ajCuk6YEmm2IoOlFoOlyEkPXWoOlJ3:j/PJHb/Nd/M4pU7xN4SCuk6YEIC7v/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47d087915cdfd2e7d0a5b644d9c19c31_JaffaCakes118

Files

47d087915cdfd2e7d0a5b644d9c19c31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90b2617d7242321df6a934d7f600797d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSACleanup

kernel32

GetWindowsDirectoryA
DeleteFileA
GetVersionExA
CreateThread
GlobalFree
GetSystemDefaultLangID
GetCommandLineA
GetLastError
FormatMessageA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
HeapSize
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEndOfFile
InitializeCriticalSection
GetPrivateProfileStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
FlushFileBuffers
RaiseException
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
WriteFile
CreateFileA
DeleteCriticalSection
GetStdHandle
SetHandleCount
GetFileType
SetStdHandle
InterlockedDecrement
GetCurrentThreadId
GetPrivateProfileIntA
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount
CreateProcessA
WaitForSingleObject
FindResourceA
SizeofResource
LoadResource
FreeResource
GetDiskFreeSpaceExA
CreateDirectoryA
MultiByteToWideChar
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
_lopen
GetFileSize
_lclose
Sleep
FindFirstFileA
FindClose
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetProcessHeap
HeapAlloc
GetFileAttributesA
GetSystemTimeAsFileTime
RtlUnwind
ReadFile
SetFilePointer
HeapFree
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
MoveFileA

user32

GetClassInfoA
GetWindowLongA
SendMessageA
WaitForInputIdle
LoadCursorA
ShowWindow
ReleaseDC
wsprintfA
GetDC
RegisterClassA
CreateWindowExA
CallWindowProcA
PostMessageA
GetParent
PeekMessageA
FindWindowA
BringWindowToTop
PostQuitMessage
GetMessageA
DispatchMessageA
TranslateMessage
UpdateWindow
LoadStringA
RegisterClassExA
DefWindowProcA
DestroyWindow
LoadIconA
SetWindowTextA
CreateDialogParamA
DialogBoxParamA
GetDlgItemTextA
SetWindowPos
SetWindowLongA
LoadBitmapA
SetRect
GetDlgItem
SendDlgItemMessageA
SetWindowRgn
EndDialog
GetClientRect
BeginPaint
EndPaint
IsDlgButtonChecked
ReleaseCapture
IsWindowVisible
MessageBoxA
GetDesktopWindow
GetWindowRect
MoveWindow
SetDlgItemTextA

gdi32

SetTextColor
GetTextExtentPoint32A
CreateFontIndirectA
GetDeviceCaps
GetObjectA
CreateRoundRectRgn
DeleteObject
SetBkMode
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
TextOutA

advapi32

RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetMalloc
SHBrowseForFolderA
ShellExecuteExA
SHGetPathFromIDListA

ole32

CoInitialize
CoCreateInstance

wininet

InternetOpenA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
InternetQueryOptionA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90b2617d7242321df6a934d7f600797d

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

wininet

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 12KB - Virtual size: 49KB

.rsrc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 12KB - Virtual size: 49KB

.rsrc
Size: 1.1MB - Virtual size: 1.1MB