67db6291579b66f185c3d0bfc01d5a48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67db6291579b66f185c3d0bfc01d5a48_JaffaCakes118
Size

407KB
MD5

67db6291579b66f185c3d0bfc01d5a48
SHA1

faf3969ef47e93c183fc57aa23ed5d0167faf600
SHA256

31d22b1742741625bcc7d62e4895a1fcd4e0f62e65686b53bfd26f3273a1f154
SHA512

ac56f0481c66b274733de82f1970c306a9a14cdec810d90bdb207380aa24f1be4a31ecfa5932608e95aca1554204a9debb8592fdf605196486c1aefe52776365
SSDEEP

12288:w9bUkzcHbg0CZOeDSYDZO8B/5qAtAzV7:czcq/DSYlO8BUAtm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67db6291579b66f185c3d0bfc01d5a48_JaffaCakes118

Files

67db6291579b66f185c3d0bfc01d5a48_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9af268605d88b852901dfd2635a62df1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateHalftonePalette
CopyEnhMetaFileW
BeginPath
CreateFontA
GetEnhMetaFileBits
GetMapMode
GetRandomRgn
CreateDCW
SetPixelV
RemoveFontResourceA
GetEnhMetaFileW
EnumFontsW
SetColorAdjustment
DeleteMetaFile
CreatePolyPolygonRgn
PlayMetaFile

comctl32

InitCommonControlsEx

user32

LookupIconIdFromDirectoryEx
UnhookWindowsHookEx
PostQuitMessage
MonitorFromWindow
FindWindowExW
SendNotifyMessageA
CheckMenuItem
EnumPropsExA
GetDlgItemTextA
RegisterClassExA
GetDlgItemInt
EnumPropsW
ToUnicodeEx
SetDlgItemTextW
RealGetWindowClass
RegisterClassA
GetAltTabInfo
GetWindowLongA
SwapMouseButton

wininet

InternetSecurityProtocolToStringA
InternetHangUp
FtpCommandW
FreeUrlCacheSpaceA
RunOnceUrlCache
InternetCreateUrlA
ShowClientAuthCerts
InternetConfirmZoneCrossing
UrlZonesDetach

kernel32

WriteFile
LCMapStringW
GlobalGetAtomNameA
GetACP
GetCurrentProcess
HeapFree
FreeEnvironmentStringsW
LeaveCriticalSection
GetTimeZoneInformation
OpenMutexA
SetLastError
VirtualFree
GetDateFormatA
GetCurrentThread
TlsGetValue
WriteProfileSectionA
GetCPInfo
InitializeCriticalSection
GetProcAddress
SetEvent
FreeEnvironmentStringsA
VirtualQuery
GetModuleFileNameA
TlsSetValue
GetLocaleInfoA
GetLocaleInfoW
GetVersionExA
EnterCriticalSection
GetStdHandle
MultiByteToWideChar
GlobalCompact
CloseHandle
LCMapStringA
GetLastError
RtlUnwind
GetSystemTimeAsFileTime
HeapAlloc
GetStringTypeW
GetStringTypeA
SetHandleCount
GetEnvironmentStrings
CompareStringW
GetCommandLineA
ReadFile
HeapSize
GetCurrentThreadId
TlsAlloc
IsBadWritePtr
GetFileType
TlsFree
InterlockedExchange
CompareStringA
GetEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
GetCurrentProcessId
EnumSystemLocalesA
OpenSemaphoreA
VirtualAlloc
SetThreadContext
FlushFileBuffers
WideCharToMultiByte
LoadLibraryA
IsValidLocale
QueryPerformanceCounter
CreateMutexA
VirtualProtect
SetThreadLocale
HeapReAlloc
GetUserDefaultLCID
DeleteCriticalSection
HeapCreate
GetModuleHandleA
GetTickCount
GetWindowsDirectoryW
GetTimeFormatA
SetFilePointer
UnhandledExceptionFilter
LocalCompact
LoadResource
GetStartupInfoA
GlobalFlags
HeapDestroy
TerminateProcess
IsValidCodePage
GetOEMCP
GetSystemInfo
ExitProcess

comdlg32

GetOpenFileNameW

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9af268605d88b852901dfd2635a62df1

Headers

File Characteristics

Imports

gdi32

comctl32

user32

wininet

kernel32

comdlg32

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 8KB - Virtual size: 18KB

.data Size: 209KB - Virtual size: 209KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 8KB - Virtual size: 18KB

.data
Size: 209KB - Virtual size: 209KB

.rsrc
Size: 4KB - Virtual size: 3KB