4cbed9a218d49dff6f7458e004cacaa2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4cbed9a218d49dff6f7458e004cacaa2_JaffaCakes118
Size

218KB
MD5

4cbed9a218d49dff6f7458e004cacaa2
SHA1

69a2ac82edfb9e56a7c618e116470e3fc34836f0
SHA256

b40cc46c393e1bebfc72c10d0330883a93a92cd1ac63525ca49c39a891957283
SHA512

c315c1f53652a3857efe3fe346fb5c3a3b47874c27f6230ca0f5fd3e29ad0f1200b382939a46ab2bb85644edc4628da6e7f645b256f85d60db4b0ecb74bb1c33
SSDEEP

6144:nOqQLuOhnsiyOPaavh2c8rekYyzxp2/kvEgtZ2RW:n6WrekYyzxptEs4RW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cbed9a218d49dff6f7458e004cacaa2_JaffaCakes118

Files

4cbed9a218d49dff6f7458e004cacaa2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db9cac903d17b27aa8e95b9872a405e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GetConsoleMode
GetEnvironmentStringsW
EnumTimeFormatsA
GetTempPathA
DebugBreak
SetCurrentDirectoryW
WritePrivateProfileSectionA
SetFilePointer
LocalUnlock
GetTempPathW
WriteFileEx
DisableThreadLibraryCalls
MoveFileW
OpenSemaphoreW
VirtualProtectEx
ReadConsoleOutputW
Heap32Next
ReadProcessMemory
EnumSystemCodePagesW
GetSystemTime
GlobalHandle
ExpandEnvironmentStringsW
ReadConsoleOutputAttribute
GlobalFree
WriteFileGather
SearchPathW
DeviceIoControl
LocalFileTimeToFileTime
ReleaseMutex
GetDiskFreeSpaceW
LocalShrink
GetFileAttributesExW
GetVolumeInformationW
SetSystemTime
GetPrivateProfileIntW
RemoveDirectoryA
SetComputerNameA
GetLogicalDriveStringsA
GetDateFormatW
GetSystemDefaultLangID
ReadConsoleInputA
lstrlenW
SetFileAttributesW
SetThreadExecutionState
GetThreadContext
GetConsoleOutputCP
WideCharToMultiByte
VirtualFreeEx
EnumCalendarInfoW
WritePrivateProfileStructW
SetConsoleActiveScreenBuffer
FindClose
SearchPathA
CreatePipe
GetCalendarInfoA
GetTimeFormatA
GlobalAddAtomW
GetFullPathNameA
SetConsoleCP
GetLargestConsoleWindowSize
lstrcmpiA
LocalSize
CreateMutexW
GetWindowsDirectoryA
CreateDirectoryExA
DefineDosDeviceW
Sleep
ReadConsoleA
GetStartupInfoW
CreateEventW
EnumResourceTypesW
GetPrivateProfileSectionW
LoadLibraryW
FindFirstFileW
GetEnvironmentVariableW
MoveFileA
HeapLock
FindFirstFileExA
CreateConsoleScreenBuffer
GetEnvironmentStrings
lstrcmpA
RemoveDirectoryW
ConvertDefaultLocale
GetStringTypeW
GetProcessPriorityBoost
FindCloseChangeNotification
CompareStringA
ReadConsoleOutputCharacterW
GetLocalTime
CreateNamedPipeA
Heap32ListFirst
SetLastError
CloseHandle
SetThreadLocale
CreateDirectoryA
ExitThread
AddAtomA
lstrcpynA
TlsGetValue
DeleteFileA
GlobalFindAtomW
ContinueDebugEvent
Thread32First
GetVersionExA
GetACP
GetConsoleTitleA
SetThreadPriorityBoost
GetNamedPipeHandleStateW
TlsFree
ReadConsoleW
ResetEvent
lstrcat
WriteConsoleW
ReadDirectoryChangesW
CopyFileA
WaitForDebugEvent
FreeLibrary
GetStartupInfoA
GetStringTypeA
FreeEnvironmentStringsW
VirtualProtect
CreateThread
FindNextFileW
GetThreadPriority
GetLongPathNameW
GetUserDefaultLangID
GlobalFlags
VirtualFree
FoldStringA
GetProcessHeaps
GetQueuedCompletionStatus
SetVolumeLabelW
WriteFile
CreateDirectoryExW
DeleteCriticalSection
WriteConsoleA
ExpandEnvironmentStringsA
SetConsoleCtrlHandler
HeapWalk
GlobalUnlock
EnumDateFormatsA
ReleaseSemaphore
FlushViewOfFile
TransactNamedPipe
GetModuleHandleW
GetSystemDirectoryW
GetSystemInfo
OutputDebugStringA
lstrcpyn
WritePrivateProfileStringW
WaitForMultipleObjectsEx
WritePrivateProfileSectionW
Heap32First
FindNextChangeNotification
HeapValidate
GetProfileStringA
GlobalAddAtomA
CreateFileA
WriteConsoleInputW
GetLocaleInfoA
GlobalCompact
SetEndOfFile
CreateFileMappingW
MultiByteToWideChar
OpenEventA
GetLastError
InterlockedExchangeAdd
ResetWriteWatch
TerminateThread
GetStringTypeExW
ReadConsoleInputW
SleepEx
ReadConsoleOutputCharacterA
OpenEventW
EraseTape
SetHandleCount
SetCurrentDirectoryA
GetLongPathNameA
LoadLibraryExW
WriteConsoleOutputAttribute
LocalReAlloc
GlobalSize
GetProfileSectionW
Toolhelp32ReadProcessMemory
EnumResourceLanguagesA
TlsAlloc
GetPrivateProfileStringW
FoldStringW
CreateRemoteThread
SystemTimeToTzSpecificLocalTime
IsValidLocale
MulDiv
HeapCreate
BeginUpdateResourceW
GetWindowsDirectoryW
SetThreadIdealProcessor
CreateMutexA
FileTimeToDosDateTime
WriteProcessMemory
EnumCalendarInfoA
GetTempFileNameW
GetNamedPipeInfo
UpdateResourceA
GetDiskFreeSpaceExA
WriteProfileSectionW
SetLocalTime
CreateFileMappingA
WriteConsoleOutputCharacterW
GetSystemDirectoryA
GetProcessAffinityMask
EnterCriticalSection
SetConsoleCursorPosition
GetDiskFreeSpaceExW
GetExitCodeThread

wininet

InternetWriteFileExA
FindFirstUrlCacheEntryA
GopherOpenFileW
FtpRenameFileA
SetUrlCacheEntryGroupA
CreateUrlCacheContainerA
HttpAddRequestHeadersA
InternetCanonicalizeUrlA
FtpDeleteFileW
FreeUrlCacheSpaceW
HttpOpenRequestW
CreateUrlCacheEntryA
InternetAttemptConnect
InternetSetOptionExW
SetUrlCacheEntryGroupW
GetUrlCacheGroupAttributeA
InternetQueryOptionW
FindNextUrlCacheGroup
FtpGetCurrentDirectoryW
InternetLockRequestFile
HttpAddRequestHeadersW
InternetConnectW
InternetCheckConnectionA
ResumeSuspendedDownload
SetUrlCacheGroupAttributeW
InternetGetCookieA
FtpCommandA
GopherGetLocatorTypeA
InternetGoOnlineW
DeleteUrlCacheContainerW
RetrieveUrlCacheEntryFileA
FtpRemoveDirectoryA
ShowSecurityInfo
SetUrlCacheEntryGroup
UpdateUrlCacheContentPath
InternetGoOnlineA
FreeUrlCacheSpaceA
InternetGetCookieW
DeleteIE3Cache
FindNextUrlCacheEntryA
InternetGetConnectedStateExW
InternetQueryDataAvailable
InternetCrackUrlW
InternetCheckConnectionW
InternetCombineUrlA
FindFirstUrlCacheContainerW
InternetSetDialState
CommitUrlCacheEntryW
InternetGetLastResponseInfoW
FindNextUrlCacheContainerW
InternetWriteFileExW
FtpGetFileA
InternetErrorDlg
InternetSetOptionA
RetrieveUrlCacheEntryStreamA
InternetSetDialStateA
InternetFortezzaCommand
InternetAutodial
InternetGetCertByURLA
SetUrlCacheConfigInfoW
HttpEndRequestA
InternetSetFilePointer
InternetReadFile
ShowX509EncodedCertificate
InternetTimeToSystemTimeW
FtpCommandW
FindFirstUrlCacheGroup
GetUrlCacheHeaderData
InternetShowSecurityInfoByURLA
DeleteUrlCacheContainerA
HttpCheckDavCompliance
InternetSecurityProtocolToStringW
HttpSendRequestA
HttpQueryInfoA
InternetAlgIdToStringA
IsUrlCacheEntryExpiredW
InternetCreateUrlW
InternetConfirmZoneCrossingA
InternetSetOptionExA
GetUrlCacheEntryInfoExA
HttpQueryInfoW
InternetConfirmZoneCrossing
FtpFindFirstFileW
FindFirstUrlCacheEntryExA
InternetInitializeAutoProxyDll
InternetGetConnectedStateEx
HttpSendRequestExW
CreateUrlCacheGroup
DeleteUrlCacheEntryW
FtpGetFileEx
FtpRemoveDirectoryW
GopherOpenFileA
GopherFindFirstFileA
FtpDeleteFileA
CreateUrlCacheContainerW
HttpOpenRequestA
FtpSetCurrentDirectoryA
InternetGetConnectedState
InternetSecurityProtocolToStringA
InternetShowSecurityInfoByURL
FindNextUrlCacheContainerA
FtpPutFileA
CommitUrlCacheEntryA
FtpGetFileW
GopherCreateLocatorW
FtpPutFileW
InternetSetCookieW
FtpFindFirstFileA
FindNextUrlCacheEntryW
UnlockUrlCacheEntryFile
InternetQueryOptionA
DeleteUrlCacheGroup
InternetHangUp
InternetOpenUrlA
InternetGetLastResponseInfoA
FtpPutFileEx
InternetQueryFortezzaStatus
FtpOpenFileA
FtpCreateDirectoryA
GopherFindFirstFileW
FtpSetCurrentDirectoryW
DeleteUrlCacheEntryA
RetrieveUrlCacheEntryStreamW
FindCloseUrlCache
ShowClientAuthCerts
InternetOpenUrlW
SetUrlCacheGroupAttributeA
InternetAlgIdToStringW
GetUrlCacheEntryInfoA
RunOnceUrlCache
GopherCreateLocatorA
InternetCreateUrlA
InternetDialW
GopherGetAttributeA
ReadUrlCacheEntryStream
InternetSetDialStateW
FtpCreateDirectoryW
GetUrlCacheGroupAttributeW
FindFirstUrlCacheContainerA
InternetConnectA
IsHostInProxyBypassList
InternetReadFileExW
InternetTimeToSystemTime
FindFirstUrlCacheEntryExW
LoadUrlCacheContent
GetUrlCacheConfigInfoA
SetUrlCacheEntryInfoW
InternetShowSecurityInfoByURLW
FtpOpenFileW
IsUrlCacheEntryExpiredA
RegisterUrlCacheNotification
InternetWriteFile

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db9cac903d17b27aa8e95b9872a405e5

Headers

File Characteristics

Imports

kernel32

wininet

Sections

.text Size: 108KB - Virtual size: 108KB

.data Size: 93KB - Virtual size: 92KB

.reloc Size: 15KB - Virtual size: 15KB

.text
Size: 108KB - Virtual size: 108KB

.data
Size: 93KB - Virtual size: 92KB

.reloc
Size: 15KB - Virtual size: 15KB