4a82e1db245109cc3848e30b412cd08a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4a82e1db245109cc3848e30b412cd08a_JaffaCakes118
Size

752KB
MD5

4a82e1db245109cc3848e30b412cd08a
SHA1

195fb001ca554fe8918562ea36d4861a8c8c576e
SHA256

d228a8f77a060c1aeb03d7a6b561429e0fede38fc21878540b94e84beb515829
SHA512

251c805093a34bda83d4a18a1c8bbcc6f5ecb2a1b4b0bfb003e206f8653b157ea00d3245968a9c6e5bffbfc329c3f3554ab04e908bb3b979a2a3da6a98ead668
SSDEEP

12288:mQq4a910qUbKzJIlUkmcv7WdG/x5jUaCKpox8Ob6550WInHcIcNt0/:mpXMqUbKzJIeka8jU1KbA6550WInLcNC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a82e1db245109cc3848e30b412cd08a_JaffaCakes118

Files

4a82e1db245109cc3848e30b412cd08a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

573b6664ad7a492a0ff32b3ffbb0cef1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\aeay\xoh\otn\brliphekj.pdb

Imports

kernel32

GetCurrentThread
GetStdHandle
RtlUnwind
ReadConsoleInputW
GetLocaleInfoA
GetCurrentProcessId
SetEnvironmentVariableA
GetModuleHandleA
WritePrivateProfileSectionW
lstrcmpi
UnhandledExceptionFilter
HeapReAlloc
WriteFile
GetConsoleCP
CreateEventW
TlsGetValue
GetFileAttributesA
GetProcAddress
GetProfileSectionA
SetFilePointer
GetComputerNameW
HeapLock
GetProfileIntW
GlobalCompact
GetTempPathA
GetEnvironmentStringsW
CreateMutexA
FlushViewOfFile
InitializeCriticalSection
SetConsoleCtrlHandler
GetConsoleOutputCP
LeaveCriticalSection
TlsAlloc
HeapDestroy
GetFileAttributesW
HeapFree
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
CompareStringW
GetShortPathNameA
ReadConsoleA
InterlockedIncrement
GetNamedPipeInfo
HeapSize
OpenMutexW
GetStringTypeA
VirtualQuery
VirtualAlloc
GetExitCodeThread
EnumCalendarInfoA
GetSystemTimeAsFileTime
GetCurrentProcess
GetStartupInfoA
GetDateFormatA
GetTimeZoneInformation
TlsFree
EnumSystemLocalesA
TerminateProcess
WriteConsoleW
GetCurrencyFormatA
GetTimeFormatA
GlobalAddAtomA
FlushFileBuffers
LoadLibraryA
GetProcessHeap
WriteConsoleA
LCMapStringA
RtlFillMemory
GetLocaleInfoW
GetOEMCP
FreeEnvironmentStringsW
GetDiskFreeSpaceExW
GetCPInfo
GlobalSize
ReadFile
EnterCriticalSection
DeleteCriticalSection
GetCalendarInfoA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetProcessShutdownParameters
FreeResource
CreateFileA
SetHandleCount
GetStringTypeW
GetLongPathNameA
CreateDirectoryExW
TlsSetValue
GetCommandLineA
CreateNamedPipeA
FindAtomW
CompareStringA
WriteProfileStringW
GetLastError
GetVolumeInformationW
WaitNamedPipeW
CreateMutexW
CreateDirectoryA
GetDiskFreeSpaceExA
GetPrivateProfileSectionNamesW
HeapAlloc
SetLastError
GetVersionExA
GetAtomNameA
IsValidCodePage
InterlockedDecrement
WriteConsoleOutputCharacterW
WriteFileEx
LCMapStringW
SetStdHandle
CommConfigDialogW
TransactNamedPipe
GetSystemDefaultLangID
SetUnhandledExceptionFilter
EnumSystemLocalesW
GetUserDefaultLCID
ExitProcess
HeapCreate
GetTickCount
GetPrivateProfileIntW
GetCurrentThreadId
WritePrivateProfileStringW
SetComputerNameW
SetConsoleScreenBufferSize
GetACP
FreeLibrary
VirtualFree
CreateWaitableTimerW
OpenSemaphoreW
IsValidLocale
OpenMutexA
CloseHandle
GetConsoleMode
GetFileType
WriteConsoleOutputA
lstrcmp
QueryPerformanceCounter
Sleep
InterlockedExchange
IsDebuggerPresent

user32

GetUpdateRect
CopyImage
DrawMenuBar
EditWndProc
RegisterClassW
DrawIconEx
LoadAcceleratorsW
DialogBoxParamW
GetClassInfoExW
SetTimer
UnregisterHotKey
DefWindowProcA
EnumDisplayMonitors
EnumWindowStationsW
ShowWindowAsync
RegisterClassA
EnumPropsA
GetMessageTime
GetWindowRect
DdeNameService
VkKeyScanExA
MessageBoxW
CheckRadioButton
CharNextW
GetSubMenu
GetTabbedTextExtentA
RegisterClassExA
CreateIconIndirect
CreateAcceleratorTableW
SetMenuContextHelpId
PostMessageW
SetKeyboardState
ChangeDisplaySettingsA
SubtractRect
CreateWindowExW
GetKeyState
VkKeyScanW
LoadImageW
ShowWindow
CreateDialogParamW
BroadcastSystemMessageA
ClipCursor
DdePostAdvise
DialogBoxIndirectParamA
CheckDlgButton
DdeCmpStringHandles
LoadMenuIndirectA
GetForegroundWindow
UnionRect
GetThreadDesktop
DrawCaption
ReuseDDElParam
GetWindowTextW
EndMenu
GetMessageW
RealGetWindowClass
MoveWindow
TrackPopupMenu
ValidateRgn
SetClassWord
TranslateMDISysAccel
IsDialogMessageW
SetUserObjectInformationA
ShowCursor
ScreenToClient
BeginPaint
GetParent
RegisterWindowMessageW
CallWindowProcW
EmptyClipboard
IsChild
OpenIcon
ChangeMenuA
MessageBoxExW
SwitchToThisWindow
FindWindowA
MonitorFromPoint
DispatchMessageA
GetWindowTextLengthA
GetMessagePos
wvsprintfW
GetScrollBarInfo
PostThreadMessageA
SetMenuDefaultItem
DrawEdge
EnumChildWindows
CheckMenuItem
GetGuiResources
MonitorFromRect
MessageBoxIndirectA
MapVirtualKeyW
SetMenuItemInfoA
SystemParametersInfoA
BroadcastSystemMessage
FlashWindowEx
DestroyWindow
EnumDisplayDevicesA
ExcludeUpdateRgn
wsprintfW
EnumPropsExA
SetSystemCursor
DlgDirSelectExA
GetCaretBlinkTime
TranslateAcceleratorA

comctl32

ImageList_GetImageInfo
ImageList_Create
ImageList_SetOverlayImage
_TrackMouseEvent
ImageList_GetIconSize
ImageList_LoadImage
ImageList_SetIconSize
CreateStatusWindow
ImageList_GetIcon
ImageList_SetFlags
ImageList_LoadImageA
InitCommonControlsEx
DrawStatusTextA
ImageList_DragEnter
CreatePropertySheetPageA
ImageList_DragMove
ImageList_DrawIndirect
ImageList_Draw
ImageList_Write
CreateMappedBitmap
ImageList_Replace
ImageList_Add
DestroyPropertySheetPage
CreateToolbarEx
CreateStatusWindowW
ImageList_AddIcon

wininet

InternetCloseHandle
FtpCreateDirectoryA
RetrieveUrlCacheEntryFileW

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

573b6664ad7a492a0ff32b3ffbb0cef1

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

wininet

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 456KB - Virtual size: 454KB

.data Size: 140KB - Virtual size: 143KB

.rsrc Size: 60KB - Virtual size: 56KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 456KB - Virtual size: 454KB

.data
Size: 140KB - Virtual size: 143KB

.rsrc
Size: 60KB - Virtual size: 56KB