6659847dd9a2c387f2c96215f3b08d49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6659847dd9a2c387f2c96215f3b08d49_JaffaCakes118
Size

160KB
MD5

6659847dd9a2c387f2c96215f3b08d49
SHA1

b8be3dcb79a5122b7cbd4d3ba1391dba443b3ef5
SHA256

50c2d01d3f3a5899935aeddb6b09158bf670ee5f73841df088d6b717c75d2624
SHA512

58266db5856fc092ddfe38a193977a24c649640ae67cd86216356a735506fb92258bba5e0b368e1ad0beb577cf3a88abbb727b5f645cca36a6b8db4e040aa838
SSDEEP

3072:kl0y9aUlaeejQhn7N2D9/hu+04o9YMEMP0ktF77Xl+AZ:kay9avuN25/EYo9YMEuZQAZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6659847dd9a2c387f2c96215f3b08d49_JaffaCakes118

Files

6659847dd9a2c387f2c96215f3b08d49_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f821d3f38d4b1b5d6ae71801db87cabd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateMutexA
CopyFileA
GetTempFileNameA
MoveFileA
WriteFile
SizeofResource
FindResourceA
GetModuleHandleA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
LocalFree
LeaveCriticalSection
EnterCriticalSection
GetComputerNameA
SetEvent
TerminateThread
GetSystemTime
FindClose
FindFirstFileA
GetFileSize
HeapAlloc
GetProcessHeap
HeapFree
lstrcatA
MapViewOfFile
CreateFileMappingA
GetFileInformationByHandle
ResetEvent
SetFileTime
FlushFileBuffers
GlobalFree
GlobalUnlock
GlobalLock
SetThreadPriority
CreateThread
GlobalAlloc
CreateFileA
LocalAlloc
RemoveDirectoryA
GetTickCount
InitializeCriticalSection
DeleteCriticalSection
FileTimeToSystemTime
GetProcAddress
LoadLibraryA
GetVersionExA
FreeLibrary
ResumeThread
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
LCMapStringW
LCMapStringA
ReadFile
ReleaseMutex
GetLocalTime
SetFileAttributesA
CreateEventA
SystemTimeToFileTime
Sleep
GetFileAttributesA
lstrcpynA
CreateProcessA
WaitForSingleObject
CloseHandle
DeleteFileA
lstrcmpiA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetTempPathA
lstrcpyA
CreateDirectoryA
lstrlenA
MoveFileExA
GetStringTypeW
GetStringTypeA
HeapSize
GetCurrentProcess
TerminateProcess
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
RaiseException
HeapReAlloc
RtlUnwind

user32

TranslateMessage
PeekMessageA
SendMessageA
FindWindowA
PostQuitMessage
DestroyWindow
DefWindowProcA
RegisterClassExA
PostMessageA
DispatchMessageA
GetMessageA
SetTimer
CreateWindowExA
LoadStringA
IsWindow
PostThreadMessageA
wsprintfA
KillTimer
RegisterWindowMessageA

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegDeleteValueA

shell32

SHGetSpecialFolderPathA
ShellExecuteExA

ole32

CoInitialize
CoCreateInstance

oleaut32

SysStringByteLen
GetErrorInfo
SysAllocString
SysFreeString
VariantInit
VariantClear

wininet

InternetConnectA
InternetSetOptionA
InternetSetStatusCallback
InternetWriteFile
InternetOpenA
FtpGetCurrentDirectoryA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
HttpEndRequestA
InternetCanonicalizeUrlA
InternetCrackUrlA
FtpRemoveDirectoryA
FtpCreateDirectoryA
InternetGetLastResponseInfoA
FtpFindFirstFileA
FtpDeleteFileA
FtpRenameFileA
FtpOpenFileA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
HttpSendRequestExA
InternetCloseHandle
InternetSetCookieA

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f821d3f38d4b1b5d6ae71801db87cabd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 20KB - Virtual size: 41KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 20KB - Virtual size: 41KB

.rsrc
Size: 4KB - Virtual size: 3KB