744af5e74e9475844e1a3957b82f9fce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

744af5e74e9475844e1a3957b82f9fce_JaffaCakes118
Size

168KB
MD5

744af5e74e9475844e1a3957b82f9fce
SHA1

31cebcf921a8a0717c1af9b898fee8d3aefa1d0c
SHA256

4422b425869c94896ffe5750f1c20e5c833c26eb7f36bb3dd7fc7bb679e31c53
SHA512

0ecef98ed82794167d26d4d772c1b2855165c525df85d25cc4b77907b88c36ebc8b4634e3dca8be6f24a550a77864df919fda65a84d872a0123cb287b31c61f5
SSDEEP

3072:KFWmc6h50Gm3eX+ITRYCL9j+kkzLZ9LS8uN4okmu0rui:KR1h/+qRYCL9jZkzLOvYQui

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
744af5e74e9475844e1a3957b82f9fce_JaffaCakes118

Files

744af5e74e9475844e1a3957b82f9fce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44b421af52531109536f7e6b982ad577

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

gethostbyname

wininet

InternetCloseHandle
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetGetConnectedState

kernel32

lstrcmpA
GetModuleHandleA
InterlockedIncrement
GetTempPathA
GetLastError
CreateDirectoryA
lstrcpyA
GetFileSize
CreateFileA
DeleteFileA
FlushFileBuffers
WriteFile
GetTickCount
SetFilePointer
GetCommandLineA
GetModuleFileNameA
GetShortPathNameA
CopyFileA
GetVersion
GetFullPathNameA
DebugBreak
OutputDebugStringA
GetStringTypeExA
GetThreadLocale
GetProcAddress
GetDiskFreeSpaceA
CreateMutexA
MulDiv
LeaveCriticalSection
EnterCriticalSection
CreateThread
lstrcatA
Sleep
InterlockedDecrement
CloseHandle
GetModuleFileNameW
LoadLibraryA
HeapAlloc
GetSystemInfo
HeapCreate
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
FreeResource
GlobalFree
GlobalHandle
LockResource
LoadResource
FindResourceA
GlobalAlloc
lstrlenW
MultiByteToWideChar
GlobalUnlock
GlobalLock
CompareStringA
lstrcmpiA
WideCharToMultiByte
FreeLibrary
GetStartupInfoA
ExitProcess
HeapReAlloc
HeapFree
ReadFile
GetACP
GetOEMCP
GetVersionExA
lstrlenA
SetEndOfFile
LoadLibraryW
GetCurrentThreadId
SetLastError
GetModuleHandleW
GetCPInfo
GetFileAttributesW
GetStringTypeA
GetStringTypeW
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
SetUnhandledExceptionFilter
TlsGetValue
TlsSetValue
RtlUnwind
LCMapStringA
LCMapStringW
GetStdHandle
GetFileType
TerminateProcess
SetStdHandle

user32

IsDialogMessageA
MapWindowPoints
ShowWindow
SetWindowTextA
DestroyWindow
SendMessageA
CharLowerA
GetMessageA
PostQuitMessage
LoadIconA
SetCapture
IsChild
SetWindowPos
CharNextA
GetDlgItem
wvsprintfA
RedrawWindow
ReleaseCapture
wsprintfA
CreateWindowExA
CreateAcceleratorTableA
GetDesktopWindow
GetClassNameA
IsWindow
BeginPaint
FillRect
EndPaint
GetDC
ReleaseDC
GetFocus
SetWindowLongA
GetClientRect
PostMessageA
MoveWindow
InvalidateRgn
SetFocus
GetSysColor
CallWindowProcA
GetWindowTextLengthA
RegisterClassExA
DefWindowProcA
GetClassInfoExA
CreateDialogIndirectParamA
RegisterWindowMessageA
LoadCursorA
GetWindow
GetWindowLongA
GetParent
DispatchMessageA
SystemParametersInfoA
LoadStringA
GetWindowRect
InvalidateRect
GetWindowTextA

gdi32

SelectObject
GetDeviceCaps
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetObjectA
GetStockObject
DeleteDC
BitBlt
CreateCompatibleDC

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA

shell32

SHGetMalloc
SHGetSpecialFolderPathA
Shell_NotifyIconA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSpecialFolderLocation
ShellExecuteA
SHFileOperationA

ole32

CoTaskMemAlloc
OleUninitialize
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoTaskMemFree
StringFromCLSID
CoInitialize
CoUninitialize

oleaut32

SysStringLen
LoadRegTypeLi
SysAllocString
SysAllocStringLen
VariantClear
SysFreeString
OleCreateFontIndirect

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44b421af52531109536f7e6b982ad577

Headers

File Characteristics

Imports

wsock32

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 60KB - Virtual size: 56KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 60KB - Virtual size: 56KB