4a2709f0252ce2855221ef7b2af6f364_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a2709f0252ce2855221ef7b2af6f364_JaffaCakes118
Size

524KB
MD5

4a2709f0252ce2855221ef7b2af6f364
SHA1

0c87f473aa35ba368825c041580dfdff02bf07c3
SHA256

b7f50b880fccafc025dcd1d8be58cb4281e69046abd1dd5c57b8733ed5c8b68b
SHA512

6af8c846754bdd8e090c4462a354b3b4769e577499615f89784cfa7f3772b4c544735808b082b8416b3354afe9d1bea0a52ec26e0fd9aef660d5d5bbbc5eb439
SSDEEP

6144:Ojc2TwbFEIdnzX3prL+MU7wYahBP0kB05WEcZ1bfo+eVLxGxfWX3r+uajcTtl:WwtnRL+X7wR/87iZ1j0GxOX7+3jcT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a2709f0252ce2855221ef7b2af6f364_JaffaCakes118

Files

4a2709f0252ce2855221ef7b2af6f364_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15ccbdccc05ae5da038e7aefc0a17fb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
LoadLibraryA
CompareFileTime
SetFileAttributesA
GetACP
GetLocaleInfoW
GetCommandLineA
TlsGetValue
GetStartupInfoW
GetEnvironmentStringsW
WaitForSingleObjectEx
VirtualAllocEx
OpenMutexA
VirtualProtect
GetModuleHandleA
TlsAlloc
EnumSystemLocalesA
SetWaitableTimer
GetProcessHeap
GetTimeZoneInformation
LocalReAlloc
SetLocalTime
HeapCreate
HeapFree
LCMapStringW
ReadFile
FreeResource
VirtualAlloc
GetCurrentThreadId
UnhandledExceptionFilter
LoadLibraryW
WriteFile
GetProcAddress
EnumCalendarInfoW
SetVolumeLabelW
GetCurrencyFormatW
ReadConsoleOutputA
EnterCriticalSection
SetConsoleCtrlHandler
HeapReAlloc
GetVersionExA
lstrlenA
SetStdHandle
GetStdHandle
GetStringTypeA
SetCurrentDirectoryW
IsDebuggerPresent
GetEnvironmentStrings
GetConsoleMode
LeaveCriticalSection
GetLastError
GetStringTypeW
SetPriorityClass
FindAtomA
DeleteFileA
FreeEnvironmentStringsA
OpenProcess
CloseHandle
GetStartupInfoA
GetCommandLineW
SetConsoleTitleA
SetUnhandledExceptionFilter
GetDriveTypeW
VirtualQuery
CreateDirectoryExW
GetFileType
InterlockedCompareExchange
LCMapStringA
CreateFileA
CompareStringW
GlobalLock
GetCurrentProcessId
lstrcpyA
InterlockedIncrement
WideCharToMultiByte
RtlZeroMemory
InterlockedDecrement
AddAtomA
GetOEMCP
FindNextFileW
SetEnvironmentVariableA
InitializeCriticalSection
GetLocaleInfoA
VirtualLock
LoadResource
CopyFileExA
HeapAlloc
GetFileTime
SetFileAttributesW
GetModuleFileNameA
FreeEnvironmentStringsW
InterlockedExchange
TerminateProcess
WriteConsoleW
GetSystemInfo
VirtualFree
MultiByteToWideChar
AddAtomW
GetConsoleOutputCP
HeapDestroy
ExitProcess
IsValidCodePage
lstrcmpA
GetCurrentProcess
CompareStringA
GetEnvironmentVariableW
GetSystemTimeAsFileTime
RtlUnwind
SetComputerNameW
CreateWaitableTimerA
QueryPerformanceCounter
GetPrivateProfileIntA
WriteProfileStringW
GetProcessShutdownParameters
FlushFileBuffers
GetConsoleCP
CreateProcessW
FreeLibrary
HeapSize
IsValidLocale
TlsFree
ConnectNamedPipe
WriteConsoleA
InitializeCriticalSectionAndSpinCount
SetLastError
SetHandleCount
GetModuleFileNameW
GetDateFormatA
EnumDateFormatsExA
GetCurrentThread
TlsSetValue
DeleteCriticalSection
GlobalAddAtomA
GetTickCount
ConvertDefaultLocale
Sleep
GetTimeFormatA
GetNumberFormatW
SetThreadLocale
GetCPInfo
GetUserDefaultLCID
CreateMutexA

shell32

SHInvokePrinterCommandW
SHLoadInProc
ExtractIconA
RealShellExecuteW
SHUpdateRecycleBinIcon

gdi32

SetDIBColorTable
CreateSolidBrush
GetDeviceCaps
GetPolyFillMode
SetBkColor
CreateDCW
BitBlt
GetTextMetricsW
GetTextMetricsA
GetLogColorSpaceA
GetViewportExtEx
SetArcDirection
SetTextCharacterExtra
UpdateICMRegKeyW
SetWorldTransform
DeleteDC
ExtTextOutA
CreateFontIndirectA
PolyBezierTo
GetWorldTransform
CreateCompatibleDC
GetTextCharset
GetTextExtentExPointW
GetBoundsRect
GetObjectA
DeleteObject
GetViewportOrgEx
CreateICW

user32

DefFrameProcA
LookupIconIdFromDirectoryEx
SetDlgItemTextW
ModifyMenuW
ScrollWindow
SetSysColors
DdeReconnect
MessageBoxW
GetPropW
DefFrameProcW
DdeAccessData
GetTopWindow
wvsprintfW
PostThreadMessageA
VkKeyScanA
DdeQueryConvInfo
RegisterClassA
GetAncestor
ShowWindow
DdeNameService
GetAsyncKeyState
WinHelpW
GetQueueStatus
OpenDesktopA
DrawIconEx
AttachThreadInput
RegisterClassExA
ChildWindowFromPointEx
LoadImageA
GetMessagePos
DlgDirListA
ImpersonateDdeClientWindow
DefWindowProcA
SwapMouseButton
SetWindowWord
DrawCaption
LoadCursorFromFileA
GetWindow
GetCaretPos
GetWindowModuleFileNameA
GetWindowRgn
CharToOemBuffA
SetMessageQueue
DdePostAdvise
SetDebugErrorLevel
SetUserObjectSecurity
CreateWindowExW
EnumWindowStationsA
GetMenuItemInfoA
GetMenuCheckMarkDimensions
LoadIconW
GetWindowLongA
DialogBoxParamW
WinHelpA
DrawFocusRect
PostMessageA
EnumPropsW
SetProcessWindowStation
HideCaret
CloseWindow
GetUpdateRect
CharToOemBuffW
MonitorFromWindow
CharUpperA
WaitForInputIdle
IntersectRect
SetDlgItemInt
DrawTextExW
DrawTextA
SetWindowTextA
GetShellWindow
SetClassLongW
DdeSetQualityOfService
DestroyWindow
DdeConnect
SwitchDesktop

wininet

FtpGetCurrentDirectoryA
InternetHangUp
InternetCanonicalizeUrlA
UpdateUrlCacheContentPath
InternetSetDialStateW
FtpDeleteFileA

comdlg32

LoadAlterBitmap
GetSaveFileNameA
PageSetupDlgW
FindTextW

comctl32

ImageList_Replace
ImageList_GetImageInfo
ImageList_SetImageCount
CreatePropertySheetPage
ImageList_GetImageRect
ImageList_Add
ImageList_GetIconSize
ImageList_DragShowNolock
ImageList_Create
ImageList_DragLeave
DrawStatusTextW
InitCommonControlsEx
ImageList_DrawEx
ImageList_SetFilter
DrawStatusText
CreateStatusWindowA
InitMUILanguage
ImageList_GetDragImage
ImageList_DragEnter
CreatePropertySheetPageA
ImageList_Merge

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

15ccbdccc05ae5da038e7aefc0a17fb6

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

user32

wininet

comdlg32

comctl32

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 260KB - Virtual size: 259KB

.data Size: 108KB - Virtual size: 111KB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 260KB - Virtual size: 259KB

.data
Size: 108KB - Virtual size: 111KB

.rsrc
Size: 40KB - Virtual size: 39KB