67d62487d57c8a86513c621692778921_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67d62487d57c8a86513c621692778921_JaffaCakes118
Size

111KB
MD5

67d62487d57c8a86513c621692778921
SHA1

c5b7e88b96ffd416ee8e20bae0698f0505d362a9
SHA256

0726aa567d19c37274c43623cf16688e15aeaa258b357346e377eb99f578eca8
SHA512

1cb912e8ada8ac0826333eb444036606eb97eacd44ea655cb215f61fc60a396ccf8c26481f5ef53df04678283832e41e9e65a3b62b882ab3f732d06c5a3617ea
SSDEEP

3072:d1CXFBQgbfxWsLnK0krbK6cAtHbUnb5atC:mLqrbtlboX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67d62487d57c8a86513c621692778921_JaffaCakes118

Files

67d62487d57c8a86513c621692778921_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eac6dcb68c5a205b822f5dea6fe2c979

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentThreadId
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapSize
SetFilePointer
GetLocaleInfoA
GetShortPathNameW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
CreateFileA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
SetStdHandle
Sleep
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
GetSystemDirectoryW
ReadFile
GetSystemTime
SystemTimeToFileTime
GetModuleFileNameA
DeleteFileA
GetShortPathNameA
GetProcAddress
SearchPathA
GetModuleHandleW
GetModuleFileNameW
CreateFileW
WriteFile
CloseHandle
GetModuleHandleA
LoadResource
LockResource
LoadLibraryExW
WinExec
LoadLibraryA
SizeofResource
FindResourceA
QueryPerformanceCounter
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
RaiseException
SetLastError
HeapAlloc
GetLastError
HeapFree
RtlUnwind
GetVersionExA
GetProcessHeap
GetStartupInfoW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
GetStdHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

GetWindowRect
UpdateWindow
GetWindowDC
ShowWindow
GetDesktopWindow
SetTimer
TranslateMessage
GetThreadDesktop
CreateDesktopW
SetThreadDesktop
SwitchDesktop
CloseDesktop
GetWindowTextW
RedrawWindow
DrawTextW
LoadCursorW
RegisterClassExW
GetMessageW
FillRect
DispatchMessageW
UnregisterClassW
DefWindowProcW
KillTimer
BeginPaint
EndPaint
MessageBoxW
PostQuitMessage
GetClientRect
GetWindowLongW
CreateWindowExW
RegisterHotKey
CreateWindowExA
ReleaseDC

gdi32

CreateFontW
SetBkMode
SetTextColor
TextOutW
CreatePen
CreateSolidBrush
Rectangle
DeleteObject
MoveToEx
LineTo
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
GetDIBits
DeleteDC
SetDIBitsToDevice

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW

rpcrt4

UuidCreate
UuidToStringW
RpcStringFreeW

wininet

HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetOpenW
InternetCrackUrlW
InternetCloseHandle
InternetReadFile

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eac6dcb68c5a205b822f5dea6fe2c979

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

rpcrt4

wininet

Sections

.text Size: 91KB - Virtual size: 90KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 91KB - Virtual size: 90KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 16B