4d9d7110ad12f6077d8814616e5104dc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d9d7110ad12f6077d8814616e5104dc_JaffaCakes118
Size

584KB
MD5

4d9d7110ad12f6077d8814616e5104dc
SHA1

7d2cdcaa7354ea027390b4abb894f7f4580d5e1d
SHA256

b46123ce5282830fbbed3b8294bd6c9f6614073c4c3b63a6ca24638354713374
SHA512

7003bcbae00317788b4389705e1a2437f6bec67b39529b068acb7dbd34b9d9715d9c1fcbcfa7d9267a53d3a007abdc73500939e9257bd2e480a037e16bf0b05c
SSDEEP

12288:UZCx4yDHILRMyULfpSzaY3sNa0Dibo7gBf1tMbSHLA+z1vA/XE:UZC6C9xo+xqo7QrCMpI/U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d9d7110ad12f6077d8814616e5104dc_JaffaCakes118

Files

4d9d7110ad12f6077d8814616e5104dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

241e38ba7fe87c18519d14c43b8ce637

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

UrlZonesDetach
InternetInitializeAutoProxyDll
InternetReadFile
FtpGetFileW
InternetGoOnlineA
InternetCheckConnectionA
HttpAddRequestHeadersA
UnlockUrlCacheEntryStream
RetrieveUrlCacheEntryStreamA

advapi32

RegCreateKeyW

comctl32

ImageList_Write
ImageList_LoadImage
ImageList_SetFilter
ImageList_Duplicate
ImageList_GetBkColor
CreateMappedBitmap
_TrackMouseEvent
ImageList_GetImageCount
ImageList_Destroy
ImageList_DragMove
DestroyPropertySheetPage
ImageList_GetIconSize
ImageList_GetIcon
ImageList_Replace
InitCommonControlsEx
ImageList_LoadImageA
ImageList_DragShowNolock

user32

ExitWindowsEx
DispatchMessageA
CreateWindowExA
CharLowerBuffW
DestroyWindow
RegisterClassA
SetRect
RegisterClassExA
ShowWindow
GetMenuItemInfoW
DdePostAdvise
LoadKeyboardLayoutW
DestroyMenu
MessageBoxA
SetMessageQueue
RegisterClipboardFormatW
CharNextExA
wsprintfA
DefWindowProcA
GetMenuItemRect
DefWindowProcW
GrayStringW

kernel32

EnumSystemLocalesA
GetCommandLineA
GetStdHandle
Sleep
InterlockedIncrement
FreeLibrary
GetModuleHandleW
IsValidCodePage
InitializeCriticalSectionAndSpinCount
SetLastError
VirtualFree
FindFirstFileExA
GetConsoleCP
HeapDestroy
VirtualAlloc
FreeEnvironmentStringsW
OpenMutexA
HeapAlloc
TlsAlloc
SetStdHandle
HeapFree
WriteFile
GetDateFormatA
GetStartupInfoA
CreateMutexA
GetOEMCP
CloseHandle
GetTickCount
GetCurrentProcessId
SetEnvironmentVariableW
GetUserDefaultLCID
SetHandleCount
GetTimeFormatA
GetTimeZoneInformation
InterlockedDecrement
GetPrivateProfileStringA
WriteConsoleA
HeapReAlloc
GetModuleHandleA
LCMapStringW
CreateFileA
VirtualQuery
SetEnvironmentVariableA
GetProcAddress
FillConsoleOutputAttribute
GetStartupInfoW
GetLocaleInfoA
TlsSetValue
CompareStringW
GetEnvironmentStringsW
CompareStringA
GetTimeFormatW
LCMapStringA
GlobalGetAtomNameA
WriteConsoleW
InterlockedExchange
UnhandledExceptionFilter
GetCurrentThread
QueryPerformanceCounter
IsValidLocale
TerminateProcess
GetLastError
IsDebuggerPresent
DeleteCriticalSection
WriteConsoleInputA
FindNextChangeNotification
GetSystemTimeAsFileTime
GetStringTypeA
LeaveCriticalSection
GetCurrentProcess
EnterCriticalSection
GetThreadTimes
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte
GetConsoleMode
GlobalFindAtomW
GetCommandLineW
SetFilePointer
TlsGetValue
MoveFileA
GetPrivateProfileStructW
GetFileType
ExitProcess
GetACP
SetConsoleCtrlHandler
FindAtomW
LoadLibraryA
WriteConsoleInputW
GetConsoleOutputCP
GetStringTypeW
ReadFile
GlobalCompact
RtlUnwind
SetUnhandledExceptionFilter
FlushFileBuffers
TlsFree
HeapCreate
SetWaitableTimer
GetModuleFileNameA
LocalFileTimeToFileTime
HeapSize
GetLocaleInfoW
GetModuleFileNameW
GetCPInfo

gdi32

CreateEnhMetaFileW
ModifyWorldTransform
CopyMetaFileA
GetCharABCWidthsA
GetTextExtentPoint32W
SetSystemPaletteUse
CancelDC
ExtTextOutA

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

241e38ba7fe87c18519d14c43b8ce637

Headers

File Characteristics

Imports

wininet

advapi32

comctl32

user32

kernel32

gdi32

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 260KB - Virtual size: 258KB

.data Size: 112KB - Virtual size: 114KB

.rsrc Size: 32KB - Virtual size: 29KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 260KB - Virtual size: 258KB

.data
Size: 112KB - Virtual size: 114KB

.rsrc
Size: 32KB - Virtual size: 29KB