4a57966f2021f3a52786793cfdba6ed2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a57966f2021f3a52786793cfdba6ed2_JaffaCakes118
Size

508KB
MD5

4a57966f2021f3a52786793cfdba6ed2
SHA1

dce42c39730b1c8b806fd5a86d32f4794a332703
SHA256

7fbdb4c426b81b2988d890dca35954359058ba6dfe0aa1e3cbbf0cb2a3c9afa4
SHA512

beec0ecb901df330e39f088f669be79458787d6038b087a1ce3495056d69f1b1d3d614f11829edb33ae443e426dcddc9c18abebfdbde8147f38cee903224edc2
SSDEEP

12288:MJupFefF1nQk2i3myEjAvBvNxbOiBfpVLXNMS:Woof/N2DyEwjOibtSS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a57966f2021f3a52786793cfdba6ed2_JaffaCakes118

Files

4a57966f2021f3a52786793cfdba6ed2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c976a0e85620f989b449cceddad0f60b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHLoadInProc
DragQueryFileA

kernel32

FindFirstFileExA
CompareStringA
SetEvent
GetLocaleInfoA
EnterCriticalSection
InterlockedExchange
GetUserDefaultLangID
GetProcessHeap
InterlockedDecrement
LeaveCriticalSection
FindFirstFileExW
FlushFileBuffers
ReadConsoleInputA
FindResourceA
GetStringTypeExA
GetModuleHandleW
SystemTimeToTzSpecificLocalTime
DeleteCriticalSection
CreateMutexA
DebugBreak
RtlFillMemory
GetStdHandle
CreateDirectoryW
ExpandEnvironmentStringsA
LoadLibraryA
SetStdHandle
GetCurrentProcess
TlsFree
HeapSize
GetTimeFormatA
SetLastError
GetStringTypeA
MultiByteToWideChar
InterlockedIncrement
GetDateFormatA
SetHandleCount
SetConsoleCtrlHandler
LoadLibraryW
GetCurrentThread
SetCriticalSectionSpinCount
lstrlenW
UnhandledExceptionFilter
EnumResourceTypesA
HeapValidate
RtlUnwind
CompareStringW
GetLastError
QueryPerformanceCounter
HeapCreate
MoveFileExA
GetCommandLineA
VirtualFree
OpenWaitableTimerW
SetConsoleScreenBufferSize
HeapFree
WriteFile
CreateFileMappingW
GetDateFormatW
GetUserDefaultLCID
HeapDestroy
CreateFileA
HeapAlloc
HeapReAlloc
SetCurrentDirectoryW
GetACP
lstrlenA
GetProcAddress
WaitForMultipleObjectsEx
GetFileAttributesA
GetConsoleMode
FreeEnvironmentStringsA
CommConfigDialogA
CreateDirectoryA
GetSystemTime
FreeEnvironmentStringsW
GetSystemDirectoryA
IsValidCodePage
FillConsoleOutputAttribute
GetModuleFileNameW
SetUnhandledExceptionFilter
SetVolumeLabelA
GetSystemTimeAsFileTime
GlobalFindAtomW
GetLocaleInfoW
GetFileTime
GetTickCount
GetCurrentThreadId
GetCPInfo
WriteConsoleW
VirtualAlloc
Sleep
GetTimeZoneInformation
EnumCalendarInfoExA
LCMapStringW
InterlockedCompareExchange
FileTimeToLocalFileTime
SetEnvironmentVariableA
OpenMutexA
GetEnvironmentStringsW
WideCharToMultiByte
GetFileType
SetFilePointer
TlsAlloc
InitializeCriticalSectionAndSpinCount
VirtualQuery
TerminateProcess
TlsSetValue
GetModuleFileNameA
GetCurrentProcessId
EnumSystemLocalesA
GetStringTypeW
FreeLibrary
RaiseException
TlsGetValue
CloseHandle
GetConsoleOutputCP
GetCommandLineW
IsValidLocale
OutputDebugStringA
IsDebuggerPresent
OutputDebugStringW
WaitForDebugEvent
LCMapStringA
GetSystemDefaultLCID
SuspendThread
WriteConsoleA
GetStartupInfoA
IsBadReadPtr
ExitProcess
RtlMoveMemory
SetThreadPriority
CreateWaitableTimerW
GetOEMCP
GetModuleHandleA
GetTempFileNameA
GetEnvironmentStrings
ReadFile
GetConsoleCP
WriteConsoleInputW
ReadConsoleInputW

advapi32

RegQueryInfoKeyA
CryptSignHashW
AbortSystemShutdownW
RegSetValueA
LookupAccountSidA
CryptSetProvParam
CryptContextAddRef
LookupSecurityDescriptorPartsW
CryptAcquireContextA
CryptGetHashParam
RegRestoreKeyW

wininet

HttpAddRequestHeadersA
InternetCheckConnectionA
SetUrlCacheGroupAttributeA
FindFirstUrlCacheEntryA
InternetOpenA
InternetOpenW
InternetQueryOptionA
InternetConfirmZoneCrossingA

user32

BeginDeferWindowPos
RemovePropA
OpenWindowStationW
GetSysColor
CreateDesktopA
RegisterClassA
PeekMessageW
DrawIcon
UnregisterHotKey
CallWindowProcA
IsWindowEnabled
ScreenToClient
ShowWindow
FindWindowA
GetTabbedTextExtentW
DlgDirListW
DdeQueryStringW
CreateWindowExA
DefWindowProcA
GetClassLongA
TileWindows
DdeAddData
GetCursor
SetProcessDefaultLayout
SendIMEMessageExW
DrawMenuBar
SendInput
LoadStringW
SetScrollPos
DdeClientTransaction
EnumDisplaySettingsExA
RegisterClassExA
CloseWindowStation
DrawAnimatedRects
GetMenuItemRect
GetOpenClipboardWindow
RegisterHotKey
ImpersonateDdeClientWindow
GetMenuInfo
SetClipboardViewer
SubtractRect
EnumWindowStationsA
FreeDDElParam
GetKeyboardLayout
AnyPopup
CreateDialogParamW
DefDlgProcA
CopyIcon
GetShellWindow
DestroyWindow
IsCharAlphaW
IsWindowVisible
ScrollWindowEx
SystemParametersInfoA
DdeCreateDataHandle
SendNotifyMessageW
GetInputState
IsZoomed
SetUserObjectInformationW
WINNLSEnableIME
MessageBoxW
MapVirtualKeyW
SetWindowLongW
DlgDirListComboBoxW
SetMenuContextHelpId
EndMenu
DialogBoxIndirectParamA
EnumDesktopsA
GetMenuItemID

comctl32

ImageList_GetFlags
ImageList_AddIcon
ImageList_Draw
InitCommonControlsEx
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Copy
ImageList_Duplicate
CreatePropertySheetPageW
ImageList_BeginDrag
ImageList_DragShowNolock

Sections

.text
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c976a0e85620f989b449cceddad0f60b

Headers

File Characteristics

Imports

shell32

kernel32

advapi32

wininet

user32

comctl32

Sections

.text Size: 204KB - Virtual size: 202KB

.rdata Size: 132KB - Virtual size: 129KB

.data Size: 92KB - Virtual size: 110KB

.rsrc Size: 76KB - Virtual size: 74KB

.text
Size: 204KB - Virtual size: 202KB

.rdata
Size: 132KB - Virtual size: 129KB

.data
Size: 92KB - Virtual size: 110KB

.rsrc
Size: 76KB - Virtual size: 74KB