59b84b92fc7059966806939e8ce3a7d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

59b84b92fc7059966806939e8ce3a7d0_JaffaCakes118
Size

1.9MB
MD5

59b84b92fc7059966806939e8ce3a7d0
SHA1

23ff1264a4e03819c0043227739250de25d01870
SHA256

1952a8fc2b05ab4bb8a4692525343aa89ef4fe719b924319b60d7fcf31c2c1e4
SHA512

37b44df832cb1e03014e8fbe281f778e384509cb1850db0298188f24c3aea7636f5f04ecf741aa55e8d55b9acee7290430f7a2fd78d1e9fb35cdf7abb863ad76
SSDEEP

49152:zvpiTbfkbVCs/2cex8CfdVY36EfrTzcZse9SG40mJpRcn9Ps5gp:zvpWfjDYKEgZCRAs5gp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59b84b92fc7059966806939e8ce3a7d0_JaffaCakes118

Files

59b84b92fc7059966806939e8ce3a7d0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

da01a2c0b27f76b87aef64c271f6afed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\hudson\jobs\ToolbarCore-1.8.0.0\workspace\build\ToolbarCore\toolbar\ie\src\toolbar\wrapper\Release\externalwrapper.pdb

Imports

shlwapi

StrStrIW
PathFileExistsW
SHDeleteValueW
StrCmpNIW

kernel32

LoadResource
GetCurrentProcess
WaitForSingleObject
GetModuleHandleW
WriteFile
WideCharToMultiByte
LoadLibraryW
SizeofResource
GetVersionExW
GetExitCodeProcess
CreateFileW
MultiByteToWideChar
lstrlenW
GetTempPathW
FreeLibrary
GetLastError
GetProcAddress
FindClose
GetLocalTime
GetSystemInfo
CloseHandle
FileTimeToLocalFileTime
DeleteFileW
CreateFileA
SetFilePointer
ReadFile
WriteConsoleW
FindResourceW
lstrlenA
GetTempFileNameW
FileTimeToDosDateTime
SetEndOfFile
GetProcessHeap
FindFirstFileA
SetUnhandledExceptionFilter
GetConsoleOutputCP
WriteConsoleA
HeapSize
FlushFileBuffers
SetStdHandle
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetStartupInfoW
RaiseException
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringA

user32

GetSystemMetrics
MessageBoxW

advapi32

RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

shell32

ShellExecuteExW

ole32

CoCreateGuid
StringFromGUID2

wininet

InternetCrackUrlW
HttpQueryInfoW
InternetOpenW
InternetReadFile
HttpOpenRequestW
HttpAddRequestHeadersA
HttpSendRequestA
HttpEndRequestW
InternetConnectW
InternetSetOptionW
InternetCloseHandle
HttpSendRequestExW

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da01a2c0b27f76b87aef64c271f6afed

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

user32

advapi32

shell32

ole32

wininet

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 34KB - Virtual size: 34KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 2.7MB - Virtual size: 2.7MB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 34KB - Virtual size: 34KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

.reloc
Size: 14KB - Virtual size: 13KB