690022703fb1e108c6c53f41e91f99d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

690022703fb1e108c6c53f41e91f99d6_JaffaCakes118
Size

596KB
MD5

690022703fb1e108c6c53f41e91f99d6
SHA1

1a84770d5fe16591d28044142838339b51a98ac3
SHA256

5767a3ba9fb29ee0103bdf68e02dbd56228409722daf0d876ad2de91a56bedd8
SHA512

11f03b2c9182d0cb1d9800600d147c542a733ce6cbc387ae795793baa8ac15292426cc0f07864b501440248bca81ab678f0c2d8d9262ba9cdd8104335fbe7352
SSDEEP

12288:kdnsGmN/mjN7SOWGut0uF1kSplIpffCAoVdbX5GopIsqSb8NELt:2X3VG/yA13plIpHoVdbco+bSbgs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
690022703fb1e108c6c53f41e91f99d6_JaffaCakes118

Files

690022703fb1e108c6c53f41e91f99d6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e29195f4753b9e1ef7149f2a19283eba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FtpCommandA
GetUrlCacheEntryInfoExA
HttpOpenRequestA
InternetReadFileExA
GetUrlCacheEntryInfoExW
InternetCloseHandle

comdlg32

ReplaceTextW
LoadAlterBitmap

advapi32

InitiateSystemShutdownA
CryptEnumProviderTypesW
InitializeSecurityDescriptor
StartServiceW
LogonUserW
RegSetValueA
CryptDecrypt
GetUserNameW
AbortSystemShutdownW
RegQueryMultipleValuesA
RegLoadKeyW
RegEnumValueA
RegCreateKeyW

kernel32

QueryPerformanceCounter
GetConsoleOutputCP
GetFileType
IsValidLocale
LeaveCriticalSection
HeapFree
CloseHandle
CopyFileExA
GetCurrentProcessId
GetStringTypeW
GetEnvironmentStrings
IsValidCodePage
WriteConsoleW
TlsFree
HeapCreate
InterlockedIncrement
SetEnvironmentVariableA
CompareStringA
GetCurrentThread
GetSystemTimeAsFileTime
GetLastError
TlsGetValue
TerminateProcess
GetVersionExA
GetStartupInfoA
lstrlenA
LCMapStringW
GetModuleFileNameW
WriteConsoleOutputA
GetProcAddress
SetStdHandle
FlushFileBuffers
FreeLibrary
CreateFileA
GetEnvironmentStringsW
IsBadReadPtr
GetCommandLineW
GetLogicalDriveStringsA
GetLocaleInfoW
GetUserDefaultLCID
GetCommandLineA
HeapDestroy
SetConsoleCtrlHandler
SetFilePointer
GetStringTypeA
SetUnhandledExceptionFilter
InterlockedDecrement
HeapAlloc
GetTimeZoneInformation
WriteFile
SetHandleCount
GlobalCompact
EnterCriticalSection
LoadLibraryW
GetConsoleMode
EnumSystemLocalesA
GetDiskFreeSpaceW
FreeEnvironmentStringsA
GetCPInfo
InitializeCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsW
LoadLibraryA
GetCalendarInfoA
GetStartupInfoW
OutputDebugStringW
DeleteCriticalSection
LCMapStringA
GetConsoleCP
GetDateFormatA
LoadLibraryExW
TlsSetValue
HeapReAlloc
GetStdHandle
ExitProcess
HeapValidate
WriteConsoleA
SetLastError
IsDebuggerPresent
GetTimeFormatA
GetACP
TlsAlloc
OutputDebugStringA
GetCurrentProcess
VirtualQuery
RaiseException
CompareStringW
WideCharToMultiByte
GetModuleFileNameA
InterlockedExchange
RtlUnwind
VirtualFree
GetLocaleInfoA
GetSystemDirectoryA
GetModuleHandleA
GetOEMCP
VirtualAlloc
UnhandledExceptionFilter
GetTickCount
DebugBreak
GetProcessHeap
GetCurrentThreadId

Sections

.text
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e29195f4753b9e1ef7149f2a19283eba

Headers

File Characteristics

Imports

wininet

comdlg32

advapi32

kernel32

Sections

.text Size: 262KB - Virtual size: 261KB

.rdata Size: 43KB - Virtual size: 68KB

.data Size: 284KB - Virtual size: 283KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 262KB - Virtual size: 261KB

.rdata
Size: 43KB - Virtual size: 68KB

.data
Size: 284KB - Virtual size: 283KB

.rsrc
Size: 6KB - Virtual size: 6KB