60aa5885301306bc1b3e1137add4fd48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

60aa5885301306bc1b3e1137add4fd48_JaffaCakes118
Size

488KB
MD5

60aa5885301306bc1b3e1137add4fd48
SHA1

2aab6a5ded4d8cf95a670fb4b5d22e8f290589cf
SHA256

8f2381e55b39aa0c8676cf5f7e96c03afcbac2a7d0907aabce157a26212015b7
SHA512

56b1017b637c89ac811c7f908abcc1b000fef0764c21468ca60f35780671b3cadee42e9456fc840b5e8ae75060b4eb3e42e165950df0d413aae1616e728525b0
SSDEEP

12288:ryIFaHtM7a4sM64DVch4NGPL2I5qsH5J:+IFae7aO64vNGT2I5qsH5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60aa5885301306bc1b3e1137add4fd48_JaffaCakes118

Files

60aa5885301306bc1b3e1137add4fd48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

995721c656dddbf7a6217181e622a965

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\meeej\zfjcuklhp.pdb

Imports

wininet

InternetWriteFileExA
InternetSetCookieW
InternetDial
HttpAddRequestHeadersW
GetUrlCacheEntryInfoExW
InternetSetOptionA
FtpCommandW
HttpOpenRequestW

kernel32

GetTimeFormatA
lstrcat
SetFileAttributesW
WriteConsoleW
InterlockedDecrement
GetModuleHandleW
GetLocaleInfoW
SetHandleCount
GetDateFormatW
SetEnvironmentVariableA
GetLastError
GetModuleHandleA
EnumSystemLocalesA
GetFileType
CreateSemaphoreA
SetStdHandle
SetUnhandledExceptionFilter
CreateMutexA
TlsSetValue
GetDateFormatA
GetACP
CompareStringA
FreeEnvironmentStringsA
WritePrivateProfileSectionA
GetLongPathNameW
SetConsoleTextAttribute
IsDebuggerPresent
GetModuleFileNameW
WideCharToMultiByte
MoveFileExA
SetFileAttributesA
UnhandledExceptionFilter
GetStringTypeW
HeapFree
LeaveCriticalSection
GetTempFileNameA
GetCurrentThread
GetVersionExA
LocalShrink
GetCommandLineW
TlsGetValue
GetLogicalDriveStringsA
HeapReAlloc
VirtualAlloc
FreeLibrary
GetEnvironmentStringsW
QueryPerformanceCounter
InterlockedIncrement
GetStartupInfoA
GetVersion
GetStdHandle
DeleteCriticalSection
TlsAlloc
GetVolumeInformationA
GetProcAddress
GetStringTypeA
HeapCreate
HeapSize
GetTickCount
MultiByteToWideChar
IsValidLocale
GlobalHandle
GetConsoleCP
WriteFile
CreateFileA
LCMapStringW
OpenWaitableTimerA
GetEnvironmentStrings
OpenMutexA
VirtualQuery
SystemTimeToFileTime
RtlUnwind
FoldStringA
SetConsoleCtrlHandler
EnterCriticalSection
CompareStringW
SetConsoleActiveScreenBuffer
GetCurrentProcessId
GetConsoleMode
GetLocaleInfoA
IsValidCodePage
VirtualFree
InterlockedExchange
ReadFile
GetFileTime
GetProcessHeap
HeapDestroy
GetCurrentThreadId
Sleep
GetUserDefaultLCID
ExitProcess
LCMapStringA
GetSystemTimeAsFileTime
SetLastError
GetOEMCP
GetCommandLineA
EnumDateFormatsW
LoadLibraryA
TlsFree
SetFilePointer
LocalCompact
TerminateProcess
HeapAlloc
InitializeCriticalSection
CloseHandle
FreeEnvironmentStringsW
GetCurrentProcess
GetConsoleOutputCP
WriteConsoleA
EnumResourceTypesA
GetCPInfo
FlushFileBuffers
GlobalAlloc
GetStartupInfoW
WritePrivateProfileStringA
GetTimeZoneInformation
GetModuleFileNameA

comdlg32

PrintDlgW
GetFileTitleW

user32

InflateRect
CreateWindowExA
DestroyWindow
CallWindowProcW
MapVirtualKeyW
GetDCEx
IsWindowUnicode
TranslateMDISysAccel
UnregisterHotKey
DrawFrame
ShowWindow
UpdateWindow
RegisterClassA
MessageBoxA
RegisterClassExA
MapVirtualKeyExW
CharLowerBuffA
GetClipboardFormatNameW
DefWindowProcA
PackDDElParam
InvertRect
ValidateRect
wsprintfA
OpenDesktopA

comctl32

ImageList_Draw
InitCommonControlsEx

advapi32

CryptSignHashA
CryptGetUserKey
RegOpenKeyA
CryptEnumProviderTypesA
RegDeleteValueA
InitializeSecurityDescriptor
CreateServiceW
CryptEnumProvidersW
LookupAccountNameW
LookupPrivilegeValueA
CryptDecrypt
CryptSetProviderW
RegDeleteKeyW
RegCloseKey
LogonUserA
RegQueryValueExA
RegDeleteKeyA
RegRestoreKeyW
StartServiceW
CryptGetDefaultProviderW
CryptGetKeyParam

gdi32

UpdateICMRegKeyA
StretchBlt
GetOutlineTextMetricsA
SetAbortProc
CreateBitmapIndirect
EndPath
PolyBezierTo
DeleteObject
CreateDCA
GetObjectW
RemoveFontResourceW
GetCharWidthFloatW
PathToRegion
GetMiterLimit
SelectPalette
GetBitmapBits
CreateEnhMetaFileA
GetDeviceCaps
GetLogColorSpaceA
Rectangle
EnumFontFamiliesA
DeleteDC

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

995721c656dddbf7a6217181e622a965

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

comdlg32

user32

comctl32

advapi32

gdi32

Sections

.text Size: 160KB - Virtual size: 157KB

.rdata Size: 140KB - Virtual size: 136KB

.data Size: 104KB - Virtual size: 129KB

.rsrc Size: 80KB - Virtual size: 79KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 140KB - Virtual size: 136KB

.data
Size: 104KB - Virtual size: 129KB

.rsrc
Size: 80KB - Virtual size: 79KB