62fa19034997de68207008f1c2ab4f3d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

62fa19034997de68207008f1c2ab4f3d_JaffaCakes118
Size

548KB
MD5

62fa19034997de68207008f1c2ab4f3d
SHA1

c5ec08ddc845392c1e663cadc1653e94da08616c
SHA256

1739ee8de66ff508e83984b473f26aec0f9c6c3c5c932ce9c9f9b98280434944
SHA512

b6f4a29e6e1a02eebdcf63844552243adacafd84d981ff6e54efa22f9014abf91899390bf742a44714bddedd5b09bbb410feaed688908f9fd438476bceaf89a2
SSDEEP

12288:dqBCg75hRW2RrKfW2mPwFXhgXagbhGNyfkFLVtIfNEBfY:dqIg75hRW2BiW7Pa2VbhoLTrB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62fa19034997de68207008f1c2ab4f3d_JaffaCakes118

Files

62fa19034997de68207008f1c2ab4f3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed5477383ab0e5ea07f10ea6fe5e9a1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GetUrlCacheEntryInfoExA
InternetReadFileExA
InternetSetCookieW

shell32

ShellExecuteExW
SHGetDataFromIDListA
SHBrowseForFolderA

user32

SendDlgItemMessageA
InsertMenuW
CreateDialogParamW
EndTask
TileChildWindows
DdePostAdvise
GetFocus
RegisterClassA
CharToOemBuffW
EnumWindows
GetGUIThreadInfo
SetDebugErrorLevel
CreateCursor
VkKeyScanExA
TranslateAcceleratorW
AnimateWindow
GetWindowRect
DefFrameProcA
GetCapture
IsRectEmpty
WaitForInputIdle
SetMenuContextHelpId
MapVirtualKeyA
SendInput
CharPrevExA
RegisterClassExA
SetUserObjectSecurity
TrackPopupMenuEx
NotifyWinEvent
DdeConnect
CharNextA
CheckMenuRadioItem
DrawTextA
EnumClipboardFormats
CharUpperBuffA
IsCharLowerA
DrawEdge
GetKeyboardLayoutNameA
OemKeyScan
LoadCursorFromFileA
MapDialogRect
DdeAbandonTransaction
SetClassLongW
GetClassInfoW

comctl32

ImageList_Replace
ImageList_EndDrag
ImageList_GetFlags
ImageList_Read
_TrackMouseEvent
ImageList_Merge
InitCommonControlsEx
ImageList_SetDragCursorImage
DrawStatusTextA
CreatePropertySheetPageA
ImageList_GetImageInfo
ImageList_LoadImageA
ImageList_Write
InitMUILanguage
ImageList_AddMasked
ImageList_GetIconSize
ImageList_DragLeave
DestroyPropertySheetPage
MakeDragList
ImageList_DragEnter
ImageList_LoadImageW
ImageList_Remove

gdi32

StrokeAndFillPath
GetTextColor
GetMetaFileBitsEx
GetObjectA
CombineTransform
BeginPath
GetWindowExtEx
GetTextCharacterExtra
CreateFontIndirectA
GetGlyphOutline
CreateScalableFontResourceA
GetPath
GetMiterLimit
Arc
SetMiterLimit
GetAspectRatioFilterEx
UnrealizeObject
SetBoundsRect
GetEnhMetaFileBits
SetBkMode

kernel32

GetProcessShutdownParameters
GetCurrentProcessId
OutputDebugStringA
LocalShrink
QueryPerformanceCounter
GetLocalTime
GetTempFileNameA
FlushFileBuffers
GetEnvironmentStrings
SetHandleCount
GetExitCodeThread
WriteFile
SetThreadContext
GetStringTypeW
WaitForDebugEvent
GetTickCount
GetProfileSectionW
SetLastError
GetCurrentProcess
SetEnvironmentVariableA
FormatMessageA
GetStringTypeA
RemoveDirectoryA
WideCharToMultiByte
GetFileType
GetModuleHandleA
RtlUnwind
CompareStringA
HeapReAlloc
FreeEnvironmentStringsW
ExpandEnvironmentStringsW
GetStartupInfoW
MapViewOfFile
CreateNamedPipeW
SetConsoleMode
WriteConsoleOutputA
WriteConsoleOutputCharacterA
GetSystemTime
GetCPInfo
VirtualAlloc
LeaveCriticalSection
GetVersion
TlsFree
CreateMutexA
EnumSystemCodePagesA
CompareStringW
GetFullPathNameA
VirtualUnlock
LCMapStringA
UnmapViewOfFile
MultiByteToWideChar
WritePrivateProfileSectionW
VirtualQuery
DeleteCriticalSection
GetSystemTimeAsFileTime
GetEnvironmentStringsW
lstrlenW
GlobalLock
IsBadWritePtr
WriteConsoleW
GetModuleFileNameW
TlsSetValue
HeapValidate
TlsAlloc
FindNextFileA
SetStdHandle
OpenMutexA
FindNextFileW
UnlockFile
GetStartupInfoA
GetCurrentThread
CreateFileMappingW
GetCommandLineW
ExitProcess
GetProcAddress
InterlockedIncrement
GetStdHandle
GetSystemInfo
TlsGetValue
GetMailslotInfo
GetLastError
GetCalendarInfoW
Sleep
HeapDestroy
HeapCreate
VirtualProtectEx
InterlockedExchange
InterlockedDecrement
SetLocalTime
TerminateProcess
FreeEnvironmentStringsA
GetOEMCP
GetPrivateProfileSectionNamesW
SetTimeZoneInformation
GetTimeZoneInformation
VirtualFree
FileTimeToDosDateTime
EnterCriticalSection
WriteConsoleInputW
HeapAlloc
LoadLibraryA
GetCommandLineA
lstrlenA
SetFilePointer
DeleteFiber
GetCurrentThreadId
InitializeCriticalSection
GetLogicalDriveStringsA
EnumCalendarInfoExA
GetSystemDefaultLCID
GetModuleFileNameA
ReadFile
CloseHandle
HeapFree
MoveFileA
UnhandledExceptionFilter
LCMapStringW
GlobalUnlock
EnumSystemLocalesW

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed5477383ab0e5ea07f10ea6fe5e9a1f

Headers

File Characteristics

Imports

wininet

shell32

user32

comctl32

gdi32

kernel32

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 264KB - Virtual size: 260KB

.data Size: 108KB - Virtual size: 125KB

.rsrc Size: 12KB - Virtual size: 10KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 264KB - Virtual size: 260KB

.data
Size: 108KB - Virtual size: 125KB

.rsrc
Size: 12KB - Virtual size: 10KB