4a50c73cadd7c3c9da1e5bbb4d84b983_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4a50c73cadd7c3c9da1e5bbb4d84b983_JaffaCakes118
Size

415KB
MD5

4a50c73cadd7c3c9da1e5bbb4d84b983
SHA1

3cd0bc340a06dfe8d3579b59102731ce133b6fa9
SHA256

e4a5e2a248bdef5af243e99fcb28f2bda8187101abdf5c3335977a92b3408ba9
SHA512

cd41411f33a21bbd8e4b35190415769946ad0557b9d9146547e6a6dbd3d7bcf5d308b19c85bde0b403fcf5ca184e54bd53cebcd07c4755bb821e3397bc22d09e
SSDEEP

6144:YPFyLsw31r/d7mw1JeVesyMw4e/NMHbJ+5UszlpphtLykGG4nOjz:YPF0sYTl6aNzPPp3ukd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a50c73cadd7c3c9da1e5bbb4d84b983_JaffaCakes118

Files

4a50c73cadd7c3c9da1e5bbb4d84b983_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f395d51477f0f84299c8cafa435859d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
LocalUnlock
FindResourceA
FindResourceExA
WaitCommEvent
GetEnvironmentVariableA
GetThreadSelectorEntry
GetVolumeInformationA
FindAtomA
GlobalWire
GlobalAddAtomW
GetEnvironmentStrings
FillConsoleOutputAttribute
CreateToolhelp32Snapshot
CreateProcessA
ExitThread
MoveFileExA
GetProcessHeap
GetLogicalDriveStringsA
Thread32Next
FillConsoleOutputCharacterA
GetConsoleTitleW
GetLongPathNameA
GetNumberOfConsoleInputEvents
GetNumberFormatA
WriteConsoleOutputCharacterW
GetProcAddress
GetACP
GetFileAttributesW
LoadModule
SetThreadAffinityMask
GetThreadTimes
GetSystemTime
ReadConsoleOutputCharacterA
WriteConsoleInputA
GetProcessTimes
FreeResource
GetConsoleScreenBufferInfo
ReadConsoleOutputA
SetSystemTimeAdjustment
EnumResourceLanguagesA
lstrcmpiA
SetLastError
lstrcpyA
InitializeCriticalSectionAndSpinCount
GlobalFindAtomW
WaitForMultipleObjectsEx
GetStdHandle
LoadLibraryW
GetModuleFileNameW
GetTempPathA
FlushViewOfFile
FreeEnvironmentStringsW
ReleaseMutex
SetEnvironmentVariableW
FindAtomW
GetPrivateProfileStructW
FoldStringA
InterlockedDecrement
CreateMailslotA
FindNextChangeNotification
GetNumberFormatW
GetHandleInformation
GlobalFindAtomA
GlobalHandle
ReadFile
SetLocalTime
GetProfileIntW
GetThreadLocale
GetSystemDefaultLCID
EnumResourceLanguagesW
LocalFree
GetProfileSectionA
FindResourceExW
RtlZeroMemory
WriteConsoleInputW
WriteFileGather
FindClose
GetWindowsDirectoryA
Toolhelp32ReadProcessMemory
GetStartupInfoW
GetThreadPriorityBoost
EnumResourceTypesA
SystemTimeToFileTime
SetConsoleCtrlHandler
MulDiv
EnumSystemLocalesW
AddAtomW
lstrcpyW
SetConsoleTitleA
TlsSetValue
EnumDateFormatsExA
SearchPathA
GlobalFree
CreateDirectoryExA
FormatMessageW
GetConsoleCP
GetPrivateProfileSectionA
GetNamedPipeInfo
SetLocaleInfoA
SetThreadContext
MultiByteToWideChar
SetComputerNameA
CreateProcessW
InterlockedCompareExchange
FreeEnvironmentStringsA
CopyFileA
GetVersion
GetLocalTime
GetFullPathNameA
lstrlen
WaitForMultipleObjects
EnumSystemCodePagesA
MapViewOfFile
SetPriorityClass
GetNamedPipeHandleStateW
EnumCalendarInfoW
InitializeCriticalSection
GetCurrentThread
HeapCreate
GetStringTypeExA
CreateMutexW
ReadFileScatter
SetEvent
GetProfileStringA
FreeConsole
FileTimeToSystemTime
GetTimeFormatA
GlobalSize

advapi32

CryptGenRandom
CryptSetProviderExW
CryptGetProvParam
CryptSetProvParam
RegFlushKey
RegSaveKeyW
RegOpenKeyA
RegQueryInfoKeyW
CryptContextAddRef
CryptDeriveKey
RegEnumKeyA
LookupAccountSidA
ReportEventW
CryptDestroyKey

shell32

SheChangeDirExW
SHAddToRecentDocs
SHGetFileInfoW
ExtractIconEx
SheSetCurDrive
FindExecutableA
SHInvokePrinterCommandW

wininet

SetUrlCacheGroupAttributeW
InternetSetDialStateA
InternetCreateUrlW
InternetGetConnectedState
InternetCrackUrlW
IsUrlCacheEntryExpiredA
InternetDialA
HttpSendRequestA
SetUrlCacheHeaderData
FreeUrlCacheSpaceA
InternetCanonicalizeUrlA
GopherGetAttributeW
InternetOpenUrlA
GopherGetLocatorTypeA
SetUrlCacheEntryGroupA
ResumeSuspendedDownload
GopherOpenFileA
FtpPutFileEx
InternetTimeToSystemTimeW
RetrieveUrlCacheEntryStreamA
FtpPutFileW
GopherCreateLocatorA
ShowSecurityInfo
InternetGoOnlineA
GopherCreateLocatorW
InternetGetLastResponseInfoA
SetUrlCacheGroupAttributeA
UnlockUrlCacheEntryFileW
DeleteUrlCacheContainerW
FindFirstUrlCacheGroup
InternetOpenA
InternetGoOnlineW
FtpRemoveDirectoryW
IncrementUrlCacheHeaderData
ShowClientAuthCerts
InternetSetFilePointer
DeleteUrlCacheGroup
HttpOpenRequestA
GetUrlCacheEntryInfoA
InternetDial
InternetSetDialState
GetUrlCacheEntryInfoExA
UpdateUrlCacheContentPath
InternetTimeToSystemTime
FtpFindFirstFileW
CommitUrlCacheEntryA
FindFirstUrlCacheContainerW
InternetFindNextFileW
GetUrlCacheGroupAttributeA
FtpDeleteFileW
DeleteUrlCacheEntry
InternetShowSecurityInfoByURLW
FtpOpenFileW
InternetQueryFortezzaStatus
ShowX509EncodedCertificate
FindNextUrlCacheEntryExA
FtpCreateDirectoryA
FindNextUrlCacheContainerA
InternetWriteFile
InternetErrorDlg
InternetHangUp
SetUrlCacheEntryGroupW
InternetReadFileExW
HttpSendRequestW
GopherGetLocatorTypeW
InternetAlgIdToStringW
InternetGetCertByURLA
InternetSetOptionExW
InternetSecurityProtocolToStringW
HttpEndRequestW
FtpGetFileA
InternetTimeFromSystemTimeA
HttpOpenRequestW
InternetFindNextFileA
CreateUrlCacheContainerA
InternetSetOptionW
FtpDeleteFileA
UnlockUrlCacheEntryStream
ReadUrlCacheEntryStream
InternetAutodialHangup
InternetReadFileExA
FindNextUrlCacheEntryExW
InternetOpenW
InternetCloseHandle
FreeUrlCacheSpaceW
InternetReadFile
FindFirstUrlCacheEntryA
FindFirstUrlCacheEntryExA
InternetQueryOptionW
RunOnceUrlCache
InternetGetCertByURL
RetrieveUrlCacheEntryFileA
FtpGetCurrentDirectoryA
InternetTimeFromSystemTimeW
InternetShowSecurityInfoByURLA
UnlockUrlCacheEntryFile
InternetQueryOptionA
FtpGetFileSize
FindNextUrlCacheGroup
GetUrlCacheConfigInfoW
FtpCreateDirectoryW
InternetCombineUrlW
DetectAutoProxyUrl
IsHostInProxyBypassList
DeleteUrlCacheContainerA
InternetGetLastResponseInfoW
FindFirstUrlCacheEntryExW
FindNextUrlCacheEntryW
UnlockUrlCacheEntryFileA
InternetTimeFromSystemTime
InternetGetConnectedStateExA
CreateUrlCacheGroup
GetUrlCacheHeaderData
FindFirstUrlCacheEntryW
InternetCombineUrlA
UrlZonesDetach
InternetInitializeAutoProxyDll
HttpQueryInfoA
HttpQueryInfoW
FindNextUrlCacheEntryA
GetUrlCacheConfigInfoA
InternetGetCookieW
CreateUrlCacheContainerW
InternetConnectA
HttpCheckDavCompliance
RegisterUrlCacheNotification
FindCloseUrlCache
InternetWriteFileExA
InternetWriteFileExW
InternetLockRequestFile
HttpSendRequestExW
InternetSecurityProtocolToStringA
FtpCommandW
InternetSetCookieW
InternetSetCookieA
DeleteIE3Cache
InternetSetOptionA
InternetOpenUrlW
CreateUrlCacheEntryA
DeleteUrlCacheEntryW
FtpOpenFileA
InternetAlgIdToStringA
InternetCanonicalizeUrlW
GopherFindFirstFileW
FtpSetCurrentDirectoryA
RetrieveUrlCacheEntryFileW
LoadUrlCacheContent
FtpRenameFileW
InternetConfirmZoneCrossingA
GetUrlCacheGroupAttributeW
SetUrlCacheConfigInfoA
SetUrlCacheEntryGroup
FtpRenameFileA
InternetGetCookieA
FtpPutFileA
InternetDialW
FtpGetFileW
HttpAddRequestHeadersW
InternetGetConnectedStateExW
GetUrlCacheEntryInfoExW
RetrieveUrlCacheEntryStreamW
GopherOpenFileW
SetUrlCacheConfigInfoW
ShowCertificate
SetUrlCacheEntryInfoA
InternetCreateUrlA
HttpSendRequestExA
InternetConfirmZoneCrossingW
InternetAutodial
CommitUrlCacheEntryW
InternetUnlockRequestFile
InternetTimeToSystemTimeA

user32

BroadcastSystemMessage
SetRectEmpty
GetKeyNameTextA
RegisterClipboardFormatW
EmptyClipboard
SetWindowsHookW
RegisterWindowMessageA
IsRectEmpty
EnumThreadWindows
UnhookWinEvent
GetMenuCheckMarkDimensions
DrawStateW
RemoveMenu
CharToOemBuffA
GetKBCodePage
DdeDisconnect
WinHelpW
GetSystemMenu
IsMenu
SendDlgItemMessageA
DrawStateA
GetInputDesktop
PostThreadMessageW
SetForegroundWindow
LoadMenuIndirectA
DeferWindowPos
DefDlgProcW
DdeSetQualityOfService
DdeConnectList
EnumDisplayDevicesA
DrawCaption
GetClassLongW
ShowWindow
DefFrameProcA
TabbedTextOutA
DdeClientTransaction
EnumDisplayMonitors
GetKeyboardLayout
SetWindowsHookA
EnumDisplaySettingsExA

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 299KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f395d51477f0f84299c8cafa435859d9

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

wininet

user32

Sections

.text Size: 114KB - Virtual size: 114KB

.data Size: 299KB - Virtual size: 300KB

.text
Size: 114KB - Virtual size: 114KB

.data
Size: 299KB - Virtual size: 300KB