496013e115b977f03fb46c063de13002_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

496013e115b977f03fb46c063de13002_JaffaCakes118
Size

500KB
MD5

496013e115b977f03fb46c063de13002
SHA1

94edb3a7928ac435b573ff6daef399c0eaeebb1e
SHA256

ebabfba84b4897531fb5cdcca10389bb28c71e8b8362a1c1ca03a3d23515ee0c
SHA512

f0da6fbec90c57d28fc6a10b32b76aff016e1a1fb9d7a4cea09afe353017cd029c4b58f9aff88ef6e646e0abc9e0510ac8d7fe81a5e86cd8928b9ef579626812
SSDEEP

12288:+0d70KZMG6w6pjP/+om9JYwDf8JY1nUzw4M+Y:do4MJw6p7/ZxA4c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
496013e115b977f03fb46c063de13002_JaffaCakes118

Files

496013e115b977f03fb46c063de13002_JaffaCakes118
.exe windows:4 windows x86 arch:x86

929c5a3cbb2163d34707c5a4d76b6c8a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\nolhps

Imports

wininet

InternetQueryOptionW
InternetCombineUrlA
FtpPutFileW
InternetCrackUrlW
HttpQueryInfoA
CreateUrlCacheGroup
InternetGetConnectedStateExW
InternetGetConnectedState
FtpGetFileEx

kernel32

FindResourceA
GetFileType
WriteConsoleOutputCharacterA
GetUserDefaultLCID
GetVersion
HeapAlloc
GetACP
TerminateProcess
GetOEMCP
EnumSystemLocalesA
VirtualAlloc
ReadConsoleW
IsValidCodePage
GetLocaleInfoW
QueryPerformanceCounter
SetEnvironmentVariableA
MultiByteToWideChar
GetCurrentThread
SetPriorityClass
LockResource
GetCPInfo
GetCurrentProcessId
VirtualFree
GetStringTypeA
GetLocaleInfoA
GetStdHandle
SetEnvironmentVariableW
ReadConsoleOutputAttribute
OpenMutexA
GetEnvironmentStrings
CreateProcessW
LoadModule
CreateWaitableTimerW
GetProfileIntA
IsValidLocale
LoadLibraryA
GetTickCount
InterlockedExchange
HeapSize
GetStartupInfoA
GetProcAddress
GetSystemTimeAsFileTime
RtlUnwind
HeapCreate
HeapFree
ResumeThread
GetProcessShutdownParameters
VirtualQuery
FreeEnvironmentStringsW
CreateMutexA
HeapDestroy
GetStringTypeW
EnterCriticalSection
GetTimeZoneInformation
SetTimeZoneInformation
ReadFile
IsBadWritePtr
SetStdHandle
GetCurrentThreadId
FlushFileBuffers
DeleteFileW
WideCharToMultiByte
SetLastError
GetLastError
GetEnvironmentStringsW
FindClose
GetCurrentProcess
ExitProcess
GetTimeFormatW
lstrcpynW
SetFilePointer
GetVersionExA
GetStartupInfoW
HeapReAlloc
UnhandledExceptionFilter
DeleteCriticalSection
CloseHandle
LCMapStringA
MoveFileExW
GetSystemInfo
LocalLock
TlsSetValue
GetCommandLineA
GlobalFix
LCMapStringW
SetHandleCount
FreeEnvironmentStringsA
CompareStringW
TlsFree
EnumDateFormatsW
GlobalDeleteAtom
LeaveCriticalSection
GetModuleFileNameA
TlsGetValue
CompareStringA
GetModuleHandleA
GetCommandLineW
CreateMailslotA
GetTimeFormatA
GetModuleFileNameW
InitializeCriticalSection
WriteFile
VirtualProtect
TlsAlloc
GetDateFormatA
lstrcatA

comctl32

DestroyPropertySheetPage
ImageList_Destroy
InitCommonControlsEx
ImageList_GetFlags
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_GetImageRect
GetEffectiveClientRect
CreatePropertySheetPage

user32

GetClipboardViewer
GetKBCodePage
DrawAnimatedRects
SetWindowPlacement
GetDlgItemInt
AdjustWindowRectEx
DeleteMenu
PostMessageA
RegisterClassA
CharNextA
SetActiveWindow
EnumPropsW
VkKeyScanExW
InSendMessage
ChangeMenuW
SetClassWord
CreateIconIndirect
OemKeyScan
DefWindowProcW
DestroyWindow
UnregisterHotKey
PeekMessageW
OpenInputDesktop
GetClassNameA
ScreenToClient
GetTabbedTextExtentA
SetUserObjectInformationW
SetWindowLongW
SetWindowPos
GetWindowLongA
GetGUIThreadInfo
DdeCreateStringHandleA
DefWindowProcA
DefFrameProcA
GetClassWord
SetShellWindow
CreateWindowExA
AnimateWindow
GetCursor
SwapMouseButton
CharLowerW
OpenIcon
DdeDisconnect
GetMessagePos
GetTitleBarInfo
GetClassInfoExA
ShowWindow
ShowCursor
DrawCaption
GetScrollPos
CharUpperBuffA
CheckMenuRadioItem
GetMessageExtraInfo
GetCaretPos
MessageBoxA
CallWindowProcW
EnumWindows
DlgDirListW
CascadeChildWindows
IsCharAlphaA
GetKeyState
SetProcessDefaultLayout
InvertRect
RegisterClassExA
WaitForInputIdle
CheckMenuItem
MessageBoxW
GrayStringA
GetMenuCheckMarkDimensions
GetInputDesktop
GetSysColor
MapVirtualKeyA

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

929c5a3cbb2163d34707c5a4d76b6c8a

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

comctl32

user32

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 108KB - Virtual size: 125KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 108KB - Virtual size: 125KB

.rsrc
Size: 36KB - Virtual size: 33KB