5ff319faa0eacfa3b7b28169d869efe4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ff319faa0eacfa3b7b28169d869efe4_JaffaCakes118
Size

608KB
MD5

5ff319faa0eacfa3b7b28169d869efe4
SHA1

172bb22c249736dea42821cc78e92bac2828269c
SHA256

106d5e2bc9737712d2ebccfd4750f756c0d5db80a3f150a1342e07288f49a2c7
SHA512

05aee8469e22dbb8d4b62d6e40d661d853520f875c0f9dc2df94ed44875c201cf621ca10783a224b0fd1ebf2be6e3590c3c241adcf77a693d36756b0475588b7
SSDEEP

12288:oVnE6CRtsCxKqR0hvzUk7BG5phYISYJTcqioX+wT:KnNYxL0poMBqpoYJTZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ff319faa0eacfa3b7b28169d869efe4_JaffaCakes118

Files

5ff319faa0eacfa3b7b28169d869efe4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e082c9c6cb34c7b97a9354fefd17b60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

g:\otidgute\rexibqu

Imports

wininet

InternetQueryOptionW
FtpDeleteFileA
GopherFindFirstFileA
UrlZonesDetach

advapi32

CryptContextAddRef
LogonUserA
CryptSignHashA
StartServiceA
RegDeleteValueW
RegCreateKeyExW
LookupPrivilegeValueW
RegCreateKeyExA
RegDeleteKeyW
CryptSetProviderExA
CryptSetKeyParam
RegEnumKeyA
RegReplaceKeyA
LookupPrivilegeDisplayNameA
RegConnectRegistryA
CryptSetProvParam
CryptGetProvParam
CreateServiceA

comctl32

InitCommonControlsEx
ImageList_GetDragImage

user32

DispatchMessageA
EnumDisplaySettingsExA
RegisterClassExA
InSendMessage
CreateWindowExW
ShowWindow
CallMsgFilterW
CascadeChildWindows
GetWindowModuleFileNameA
ArrangeIconicWindows
GetDC
MessageBoxA
WINNLSGetEnableStatus
OpenDesktopW
SwapMouseButton
CharPrevA
PostThreadMessageW
DdeQueryStringA
SystemParametersInfoA
SetScrollPos
TranslateAcceleratorA
wvsprintfW
SetMenuItemInfoW
GetUserObjectInformationA
DefWindowProcW
LoadMenuW
SendNotifyMessageA
SetWindowsHookExW
GetInputState
ChangeDisplaySettingsA
DestroyWindow
LoadKeyboardLayoutW
DestroyCursor
WinHelpW
GetActiveWindow
RegisterClassA
EnableScrollBar
ExcludeUpdateRgn
SetKeyboardState
VkKeyScanExA
CharUpperBuffW
OffsetRect
UnregisterClassA
DefDlgProcW
OpenClipboard
GetScrollInfo
CreateIcon
EnumDesktopsW
GetMenuState
CheckMenuItem
MsgWaitForMultipleObjects
CheckDlgButton
GetShellWindow
DialogBoxIndirectParamW
GetMessageA
CountClipboardFormats
UnregisterDeviceNotification
GetTabbedTextExtentW
LoadStringA
GetCapture
LoadImageW
GetCaretBlinkTime
SetClipboardViewer
UnionRect
SendDlgItemMessageA
GetMenuItemCount
SetDlgItemTextW
CreateWindowStationA
MonitorFromRect
IsCharAlphaW
WindowFromPoint
IsRectEmpty
LoadCursorFromFileA
OemToCharW
ModifyMenuW
IsCharLowerW

comdlg32

ChooseFontA
PageSetupDlgA
ChooseColorA
ChooseColorW

kernel32

QueryPerformanceCounter
ReadFile
GetSystemTime
GetConsoleTitleW
ExpandEnvironmentStringsA
GetUserDefaultLCID
LocalHandle
GetLocaleInfoW
SetWaitableTimer
LocalReAlloc
TlsSetValue
GetCurrentThreadId
GetProcAddress
GetEnvironmentStringsA
DeleteCriticalSection
SetUnhandledExceptionFilter
EnterCriticalSection
GetFileType
DosDateTimeToFileTime
IsValidLocale
LeaveCriticalSection
GetStdHandle
CreateMutexA
LoadLibraryA
WideCharToMultiByte
GetLastError
GetStringTypeA
RtlUnwind
GetProfileStringA
InterlockedExchange
LockFile
HeapCreate
HeapSize
GetConsoleCP
EnumSystemLocalesA
ConvertDefaultLocale
LocalCompact
GetTempPathW
HeapAlloc
GetCommandLineA
GetCurrencyFormatW
FlushFileBuffers
OpenSemaphoreA
GetTickCount
GetPrivateProfileSectionW
GetSystemTimeAsFileTime
lstrcatA
GetShortPathNameA
EnumDateFormatsW
VirtualQueryEx
InitializeCriticalSectionAndSpinCount
VirtualAlloc
GetSystemDefaultLangID
GetDiskFreeSpaceExA
ReleaseSemaphore
IsValidCodePage
GetCommandLineW
UnhandledExceptionFilter
SetFilePointer
CompareStringA
MultiByteToWideChar
GetOEMCP
GetACP
FreeLibrary
GlobalFindAtomW
OpenMutexA
LCMapStringW
Sleep
TerminateProcess
OpenFileMappingW
GetStartupInfoA
EnumSystemCodePagesW
GetProcessShutdownParameters
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetTempFileNameW
CreateNamedPipeA
InterlockedCompareExchange
GetEnvironmentStrings
HeapReAlloc
GetCurrentThread
VirtualProtect
GetCurrentDirectoryW
WriteFile
GetPrivateProfileStringW
HeapDestroy
HeapFree
VirtualQuery
CreateEventW
GlobalAlloc
GetPrivateProfileSectionNamesW
SetEvent
SetHandleCount
GetCurrentProcess
GetDriveTypeA
FoldStringA
lstrcpyA
ResumeThread
EnumResourceLanguagesW
EnumSystemLocalesW
SetThreadContext
GetProcessHeap
SetVolumeLabelW
GetFileAttributesA
GetConsoleMode
lstrcmp
CompareStringW
GetConsoleOutputCP
TlsGetValue
CreateFileA
GetDateFormatA
InterlockedDecrement
lstrcatW
WriteProfileSectionW
GetProfileIntA
LCMapStringA
InitializeCriticalSection
VirtualFree
GetCurrentProcessId
IsDebuggerPresent
GetTimeZoneInformation
TlsFree
GetLocaleInfoA
GetEnvironmentStringsW
SetLocalTime
GetCPInfo
SetConsoleCtrlHandler
FlushConsoleInputBuffer
WriteConsoleA
GetVersionExA
SetPriorityClass
WritePrivateProfileStructW
GetStringTypeW
TransmitCommChar
GlobalFree
ReadConsoleOutputA
ExitProcess
RemoveDirectoryA
WriteConsoleW
RemoveDirectoryW
OutputDebugStringA
TlsAlloc
GetTimeFormatA
InterlockedIncrement
SetEnvironmentVariableA
SetStdHandle
GetModuleHandleA
OpenSemaphoreW
SetLastError
FreeEnvironmentStringsW

gdi32

CreateICW
GetTextFaceA
SetICMProfileW
GetRasterizerCaps
GetTextExtentPoint32W
GetTextExtentExPointA
EnumMetaFile
EnumFontFamiliesA
GetPath
SetPolyFillMode
GetEnhMetaFilePaletteEntries
ResetDCA

Sections

.text
Size: 188KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e082c9c6cb34c7b97a9354fefd17b60

Headers

File Characteristics

PDB Paths

Imports

wininet

advapi32

comctl32

user32

comdlg32

kernel32

gdi32

Sections

.text Size: 188KB - Virtual size: 186KB

.rdata Size: 264KB - Virtual size: 260KB

.data Size: 112KB - Virtual size: 120KB

.rsrc Size: 40KB - Virtual size: 38KB

.text
Size: 188KB - Virtual size: 186KB

.rdata
Size: 264KB - Virtual size: 260KB

.data
Size: 112KB - Virtual size: 120KB

.rsrc
Size: 40KB - Virtual size: 38KB