62ff1630cfca0d898c324b2719d02746_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

62ff1630cfca0d898c324b2719d02746_JaffaCakes118
Size

152KB
MD5

62ff1630cfca0d898c324b2719d02746
SHA1

15a3002bc4be76c09e15d89b638734b9c046be31
SHA256

c110da09f576764a610f9d0802d5aa98469b5164e364e523fe8dac9c003c6e40
SHA512

bb67003cee111592f1b479e00ea640d54e49336d4c4737b692b145cc1b7d6a5f98eb54f9f3ea03f5b0de0462db21174372e66eb4aae8ff86996ab58d8b037f63
SSDEEP

3072:hzviHtCfjsdK4rAnPCqlvvyZEtyOSIHFt7Y7F9:9nfQFXIHTYx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62ff1630cfca0d898c324b2719d02746_JaffaCakes118

Files

62ff1630cfca0d898c324b2719d02746_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf47f2a0d0526ee3073765b1bc585c80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
SetStdHandle
GetFileType
RaiseException
HeapSize
GetACP
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
RtlUnwind
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
ExitProcess
GetOEMCP
GetCPInfo
SetErrorMode
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFileTime
GetFileSize
GetFullPathNameA
GetVolumeInformationA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
DuplicateHandle
GetProcessVersion
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcatA
WritePrivateProfileStringA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
GlobalFree
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpyA
EnterCriticalSection
lstrcpynA
SetLastError
FormatMessageA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
CloseHandle
InterlockedIncrement
WaitForSingleObject
GetModuleFileNameA
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
FindFirstFileA
GetFileAttributesA
FindClose
FreeLibrary
CreateToolhelp32Snapshot
Process32First
TerminateProcess
Process32Next
HeapCreate
HeapAlloc
HeapReAlloc
HeapFree
GetLastError
LoadLibraryA
LocalAlloc
LocalFree
GetVersionExA
GetModuleHandleA
GetProcAddress
WinExec
OutputDebugStringA
GetCurrentProcessId
OpenProcess
SetProcessWorkingSetSize
Sleep
FreeEnvironmentStringsW

user32

GetTopWindow
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
GetSysColorBrush
LoadStringA
CharUpperA
DestroyMenu
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
SystemParametersInfoA
IsIconic
GetWindowPlacement
ShowWindow
SetWindowPos
SetWindowLongA
GrayStringA
DrawTextA
TabbedTextOutA
GetClassInfoA
GetMenuItemCount
wsprintfA
GetWindowTextA
SetWindowTextA
GetWindow
GetDlgCtrlID
PtInRect
GetClassNameA
ClientToScreen
LoadCursorA
GetCapture
UnhookWindowsHookEx
SetFocus
GetSystemMetrics
DestroyWindow
GetDlgItem
CopyRect
GetClientRect
GetDC
ReleaseDC
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetActiveWindow
GetKeyState
WinHelpA
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
PostQuitMessage
PostMessageA
RegisterWindowMessageA
GetWindowRect
SendMessageA
PeekMessageA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
CreateWindowExA
GetClassLongA
GetMessageA
TranslateMessage
DispatchMessageA
UnregisterClassA

gdi32

GetClipBox
ScaleWindowExtEx
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
RestoreDC
SaveDC
CreateBitmap
GetObjectA
SelectObject
DeleteObject
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

InitializeSecurityDescriptor
RegCreateKeyA
RegCreateKeyExA
AllocateAndInitializeSid
FreeSid
RegDeleteKeyA
RegGetKeySecurity
RegSetKeySecurity
LookupAccountNameA
GetLengthSid
RegOpenKeyExA
InitializeAcl
GetAce
SetSecurityDescriptorDacl
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA

comctl32

ord17

ole32

CoInitialize

wininet

InternetGetLastResponseInfoA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetStatusCallback
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf47f2a0d0526ee3073765b1bc585c80

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

ole32

wininet

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 8KB - Virtual size: 7KB