6213bb147daa40a1b7512cafeed44b36_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6213bb147daa40a1b7512cafeed44b36_JaffaCakes118
Size

168KB
MD5

6213bb147daa40a1b7512cafeed44b36
SHA1

5728e19a3cbf9f51ea372ea41034d8eafc38ac7c
SHA256

b911eaa3436f598694a0bbad0ec8839452139eac9e9dd6a1e0f4ddbfb4bbfae4
SHA512

a30d4de146a638f50f2db7cd7dc88ded427fca8d0ada4606d70e34e0e7053449558f2623019101de769af4d0d10ad939aa296b0ec07d9e1e8ee44cf7c98d7a93
SSDEEP

3072:WPJ+1A+UlRLKoe8hvUxdEMlqDdVqWVodafLEcFx3o4Rq+xJa:QgeSvZlqmd+7TU+Pa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6213bb147daa40a1b7512cafeed44b36_JaffaCakes118

Files

6213bb147daa40a1b7512cafeed44b36_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ab8a3e8609b8d563ed6dc74e40ac6eb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

URLDownloadToFileA

kernel32

lstrcatA
lstrcmpA
GetCurrentThreadId
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
ExitProcess
TerminateProcess
CreateThread
ExitThread
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
SetStdHandle
GetFileType
GetACP
HeapSize
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFileAttributesA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FindFirstFileA
FindClose
SetLastError
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
FormatMessageA
LocalFree
LocalAlloc
FreeLibrary
lstrcpyA
EnterCriticalSection
GetLastError
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
lstrcpynA
Sleep
GetPrivateProfileStringA
GetModuleFileNameA
GetPrivateProfileIntA
WaitForSingleObject
RaiseException
CloseHandle

user32

GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
SetWindowTextA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetWindowTextA
GetDlgCtrlID
DestroyWindow
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
EnableWindow
GetSystemMetrics
CharUpperA
UnhookWindowsHookEx
KillTimer
SetTimer
DefWindowProcA
PostQuitMessage
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetParent
MessageBoxA
RegisterWindowMessageA

gdi32

CreateBitmap
GetObjectA
GetDeviceCaps
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetBkColor

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

comctl32

ord17

wininet

HttpOpenRequestA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetOpenA
InternetCloseHandle
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab8a3e8609b8d563ed6dc74e40ac6eb5

Headers

File Characteristics

Imports

urlmon

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

wininet

Sections

.text Size: 116KB - Virtual size: 114KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 116KB - Virtual size: 114KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 2KB