73377916de2934cb21e2e918fbb526e9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

73377916de2934cb21e2e918fbb526e9_JaffaCakes118
Size

280KB
MD5

73377916de2934cb21e2e918fbb526e9
SHA1

4b5eadfa49acad86078cab5a4b7cef30d3015a25
SHA256

0c2659acfa099dbddce53477221d75194e7420df1d0ab943bba1401879b139c3
SHA512

12d008beb7f695250ae41fbeb6d63d14b7998a1b342c9b6993a36c593be536c7c302bc4014b4bf1c8c867e6be959aa49365c96cb5305c12a96b1fc64b95f497c
SSDEEP

6144:MgXiHomvG4ouMFAb4atslrX2zAeo0TYTiQs:9woudXstIo0TEs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73377916de2934cb21e2e918fbb526e9_JaffaCakes118

Files

73377916de2934cb21e2e918fbb526e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee11cc2dcbe344e58dfc7071a7e995b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
StrStrA
SHDeleteKeyA
PathAppendA

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetOpenA

kernel32

TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
SetErrorMode
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
WritePrivateProfileStringA
GlobalFlags
GetVersionExA
lstrcmpW
GlobalFindAtomA
GetCPInfo
GetOEMCP
HeapFree
HeapAlloc
LeaveCriticalSection
VirtualAlloc
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
LocalAlloc
GetCurrentProcessId
GlobalAddAtomA
WaitForSingleObject
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
FreeLibrary
GlobalDeleteAtom
GlobalGetAtomNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
SetLastError
ReleaseSemaphore
CreateSemaphoreA
GetVersion
CompareStringA
InterlockedExchange
MultiByteToWideChar
CompareStringW
DeleteFileA
CopyFileA
GetSystemTimeAsFileTime
GetCurrentProcess
WriteFile
Sleep
ExitProcess
lstrcmpA
GetLastError
LockResource
WideCharToMultiByte
LoadLibraryA
GetProcAddress
GetModuleHandleA
CreateFileA
SizeofResource
LoadResource
FindResourceA
GetModuleFileNameA
lstrlenA
CloseHandle
GetEnvironmentStrings
FreeEnvironmentStringsA

user32

ShowWindow
UnregisterClassA
DestroyMenu
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
SetWindowTextA
GetWindowTextA
LoadCursorA
GetSysColorBrush
UnhookWindowsHookEx
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMessageA
DispatchMessageA
TranslateMessage
RegisterWindowMessageA
CreateWindowExA
PostQuitMessage
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
DefWindowProcA
MessageBoxA
CharUpperA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
GetSystemMetrics
PostMessageA
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
SendMessageA
ModifyMenuA
EnableMenuItem

gdi32

SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

oleaut32

VariantInit
VariantClear
VariantChangeType

Sections

.text
Size: 192KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee11cc2dcbe344e58dfc7071a7e995b3

Headers

File Characteristics

Imports

shlwapi

wininet

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

oleaut32

Sections

.text Size: 192KB - Virtual size: 189KB

.rdata Size: 56KB - Virtual size: 52KB

.data Size: 8KB - Virtual size: 27KB

.rsrc Size: 20KB - Virtual size: 16KB

.text
Size: 192KB - Virtual size: 189KB

.rdata
Size: 56KB - Virtual size: 52KB

.data
Size: 8KB - Virtual size: 27KB

.rsrc
Size: 20KB - Virtual size: 16KB