77ccdb6bf715fa2480333c921db34c13_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

77ccdb6bf715fa2480333c921db34c13_JaffaCakes118
Size

226KB
MD5

77ccdb6bf715fa2480333c921db34c13
SHA1

84fbecf5d89c067ffa42289607d88a1ba991ba1d
SHA256

123182a0d499b3b72e0e4e3616839a91c4fb05eeea9409941f3793af01676f62
SHA512

084c1305bfbba169d273a7f0e25f8c9ed4f06c8b4d7787a903b051bff5962199bf67e8f0a0d19e30554a59beb6f1f26816b3806b35230c72d96fea356954f33a
SSDEEP

6144:3zbsWrJuIDMzYlmpOkIpkZ1hhTmATvSxzl6Y/TSvt0:DdRkSQ5qA7SFEmTSl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77ccdb6bf715fa2480333c921db34c13_JaffaCakes118

Files

77ccdb6bf715fa2480333c921db34c13_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eb56ff0b12ba8fed58c88a68553edb5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegQueryValueExA
DeregisterEventSource
ReportEventA
RegisterEventSourceW
RegEnumValueA
GetUserNameA

comctl32

ord17

gdi32

CreateFontA
DeleteDC
RestoreDC
DeleteObject
GetTextFaceA
SelectObject
GetTextMetricsA
GetDeviceCaps
SetMapMode
SaveDC
Polyline
CreatePen
ExtTextOutW
GetTextExtentPoint32W
SetTextAlign
SetBkMode
SetTextColor
CreateFontIndirectA
GetObjectA

kernel32

GetModuleHandleA
MultiByteToWideChar
GetCommandLineA
GetCommandLineW
MapViewOfFile
ReleaseMutex
WaitForSingleObject
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetStartupInfoA
CloseHandle
CreateThread
Sleep
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
LoadLibraryA
SetUnhandledExceptionFilter
MulDiv
WideCharToMultiByte
IsBadReadPtr
GetModuleFileNameA
GetSystemDefaultLangID
GetProcAddress
GetUserDefaultLangID
GetACP
GetSystemDefaultLCID
GetVersionExA
FreeLibrary
InitializeCriticalSection
GetProcessHeap
DeleteCriticalSection
lstrcpyA
GetLastError
GetProfileStringA
SetEvent
CreateSemaphoreA
CreateProcessW
ExpandEnvironmentStringsW
CreateFileMappingA
GetFileSize
CreateFileA
DeleteFileA
DeleteFileW
GetTickCount
SetEnvironmentVariableA
ReadProcessMemory
VirtualQueryEx
GetSystemInfo
GetFileAttributesA
CreateDirectoryA
WriteFile
SetFilePointer
CreateFileW
GetTempPathA
GetTempPathW
GetFileAttributesW
CreateDirectoryW
LockResource
LoadResource
FindResourceExA
GetSystemDirectoryA
SetEndOfFile
ExpandEnvironmentStringsA
IsDBCSLeadByte
CreateProcessA
SuspendThread
GetSystemTime
GetComputerNameA
CreateMutexA
TlsAlloc
TlsFree
TlsSetValue
VirtualFree
TlsGetValue
UnmapViewOfFile
SetLastError
HeapAlloc
GetLocaleInfoA
IsValidCodePage
VirtualAlloc
TerminateThread
GetCurrentThreadId
GetThreadContext
GetThreadSelectorEntry
ResumeThread
HeapFree
GetStringTypeA
GetStringTypeW
RtlUnwind
LCMapStringA
LCMapStringW

oleaut32

SysFreeString
SystemTimeToVariantTime
VariantTimeToDosDateTime
SysStringLen
SysAllocString

shell32

ShellExecuteExA
ExtractIconExA

user32

SetWindowLongA
DestroyWindow
MessageBoxA
DrawIconEx
EnableWindow
CheckDlgButton
GetSysColor
IsDlgButtonChecked
LoadIconA
DrawFocusRect
SetWindowTextW
GetWindow
LoadCursorA
DestroyIcon
GetWindowPlacement
IsIconic
wsprintfW
LoadStringW
GetWindowThreadProcessId
EnumWindows
CharPrevA
CallWindowProcA
CallWindowProcW
IsWindowUnicode
SystemParametersInfoA
GetClientRect
SendDlgItemMessageA
SetFocus
EndDialog
GetDlgItem
ShowWindow
SetCursor
InvalidateRect
DialogBoxParamW
DialogBoxParamA
CreateDialogParamW
CreateDialogParamA
SetWindowTextA
GetDC
MapWindowPoints
GetSysColorBrush
FillRect
ReleaseDC
GetSystemMetrics
SetForegroundWindow
GetWindowLongA
GetWindowRect
SetWindowPos
RegisterClassExA
CreateWindowExA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PostQuitMessage
DefWindowProcA
KillTimer
wsprintfA
SendMessageA
PostMessageA
SetScrollInfo
GetScrollInfo
SetDlgItemTextA
SetTimer

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoW

wininet

InternetSetOptionA
InternetWriteFile
HttpSendRequestExA
InternetCanonicalizeUrlA
InternetReadFileExA
HttpEndRequestA
InternetOpenA
InternetSetStatusCallback
InternetAutodial
InternetGetConnectedState
InternetQueryOptionA
HttpQueryInfoA
InternetCloseHandle
HttpOpenRequestA
InternetConnectA

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eb56ff0b12ba8fed58c88a68553edb5e

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

oleaut32

shell32

user32

version

wininet

Sections

.text Size: 140KB - Virtual size: 138KB

.data Size: 4KB - Virtual size: 30KB

.rsrc Size: 72KB - Virtual size: 72KB

.text
Size: 140KB - Virtual size: 138KB

.data
Size: 4KB - Virtual size: 30KB

.rsrc
Size: 72KB - Virtual size: 72KB