Static task: static1
Behavioral task: behavioral1
Sample: 69d7b47c88b81fb682e648e2391b3b18_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 69d7b47c88b81fb682e648e2391b3b18_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 69d7b47c88b81fb682e648e2391b3b18_JaffaCakes118
Size: 378KB
MD5: 69d7b47c88b81fb682e648e2391b3b18
SHA1: bd900a4d7eb376bdf735d56dc7ac2fb20f0bbe9a
SHA256: 88833ba0322f61da7044752c504d14ce91d95b7628fb3db8b112f7414bbc8a3f
SHA512: 4a81c8935a2b379bad9fa88c320febf156ea065cd8a8cefd1ec5060ccec1ab396abaed7de3312c4f12ef3ec23cbd696316437cc60cbcfa500068a64aa5cba57e
SSDEEP: 6144:qMG2nEL+r1tVQtSr0gzQ3vPzQirjmo7gVbMUJA47vq+oMO1MgWqcO:RnfrXVQtSr0gzcXr6o7EPLqsO1VcO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 69d7b47c88b81fb682e648e2391b3b18_JaffaCakes118
Files
69d7b47c88b81fb682e648e2391b3b18_JaffaCakes118.exe windows:4 windows x86 arch:x86
161d9257168ed2fcf9ac3b5d832828f4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
CheckMenuRadioItem
MapVirtualKeyA
SetWindowLongW
WINNLSGetEnableStatus
DdeClientTransaction
DdeQueryStringA
RegisterDeviceNotificationW
SetTimer
GetClipCursor
IsCharAlphaNumericA
GetQueueStatus
GetKeyState
CreateDesktopW
GetDlgItem
SetWindowsHookExW
EnableWindow
GetTitleBarInfo
CopyImage
RealChildWindowFromPoint
GetDlgItemTextA
FindWindowA
FrameRect
ShowOwnedPopups
DlgDirListW
CascadeWindows
gdi32
GetFontLanguageInfo
SetICMProfileW
GetCharWidth32A
CombineTransform
PolyBezier
GetTextCharsetInfo
CreateRectRgn
RealizePalette
wininet
InternetConnectW
InternetQueryDataAvailable
IsUrlCacheEntryExpiredA
InternetSetOptionExA
InternetWriteFile
UnlockUrlCacheEntryFile
RetrieveUrlCacheEntryStreamW
DeleteUrlCacheContainerW
FtpGetFileSize
DetectAutoProxyUrl
InternetShowSecurityInfoByURLA
InternetSecurityProtocolToStringW
InternetCreateUrlA
InternetWriteFileExW
InternetFortezzaCommand
FtpRenameFileA
ShowSecurityInfo
FtpGetFileA
RetrieveUrlCacheEntryFileA
InternetSetCookieA
UpdateUrlCacheContentPath
DeleteUrlCacheEntryW
FindFirstUrlCacheEntryExW
UnlockUrlCacheEntryFileA
DeleteUrlCacheEntryA
comdlg32
FindTextA
PrintDlgW
PageSetupDlgW
kernel32
VirtualAlloc
GetFileType
GetStartupInfoA
InterlockedExchange
EnterCriticalSection
TlsFree
WriteConsoleOutputCharacterW
VirtualFree
QueryPerformanceCounter
GetCommandLineW
OpenEventW
CopyFileA
GetLastError
RemoveDirectoryA
FindFirstFileW
GetAtomNameA
GetTempFileNameA
SetLastError
FreeEnvironmentStringsA
EnumDateFormatsW
SetUnhandledExceptionFilter
SetHandleCount
GetCurrentThreadId
CreateFileW
GetEnvironmentStrings
ExitProcess
GetSystemTimeAsFileTime
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
WriteFile
TlsGetValue
GetConsoleTitleW
GetModuleFileNameW
HeapFree
IsBadWritePtr
TerminateProcess
LoadLibraryA
GetCurrentThread
GetDriveTypeA
HeapAlloc
GetStdHandle
GetEnvironmentStringsW
RtlUnwind
VirtualQuery
MultiByteToWideChar
GetCurrentProcessId
UnhandledExceptionFilter
RtlMoveMemory
GetModuleHandleA
GetProcAddress
TlsSetValue
VirtualQueryEx
ExpandEnvironmentStringsA
HeapLock
GetStartupInfoW
FindNextFileA
HeapReAlloc
GetTickCount
InitializeCriticalSection
GetCurrentProcess
GetCommandLineA
lstrcatW
GlobalUnfix
FreeEnvironmentStringsW
EnumResourceNamesA
GetModuleFileNameA
HeapCreate
GetVersion
TlsAlloc
FlushInstructionCache
Sections
.text Size: 107KB - Virtual size: 106KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 266KB - Virtual size: 287KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ