78303591f42576068e313e8b5d0aaa07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

78303591f42576068e313e8b5d0aaa07_JaffaCakes118
Size

360KB
MD5

78303591f42576068e313e8b5d0aaa07
SHA1

13e64c8d27cfe8bc3cb4551c9f3467a4143e1e1b
SHA256

6bbd28437b687e61c1c83550527d07112fe5173457d77efe1a73d9ed55cd38b5
SHA512

d96f01ce264cc50168fcbec9c3158328203fc33daf3e8b6641b7a5e113910d2630c3957e10764d01f0b96f5f7c124bdd21683a2357962b84f307497d774a7d62
SSDEEP

6144:jIHLY3cjShxFma6aGFHiUDKTMEEiRcjfvNfe3IAyTdGa7:krYxhxbvGFHiUeRMFfm1e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78303591f42576068e313e8b5d0aaa07_JaffaCakes118

Files

78303591f42576068e313e8b5d0aaa07_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f42196ecba04b112119717cbf6621b44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpSendRequestA
HttpOpenRequestA
HttpQueryInfoA
InternetOpenA
InternetReadFile
InternetCloseHandle
InternetGetConnectedState
InternetConnectA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

rasapi32

RasGetEntryDialParamsA
RasSetEntryDialParamsA
RasDeleteEntryA
RasHangUpA
RasGetErrorStringA
RasSetEntryPropertiesA
RasEnumConnectionsA
RasGetConnectStatusA
RasEnumDevicesA
RasGetEntryPropertiesA
RasEnumEntriesA
RasDialA
RasEditPhonebookEntryA

kernel32

GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
TerminateProcess
OpenProcess
GetTempPathA
MultiByteToWideChar
lstrcpyA
Sleep
WinExec
lstrlenW
lstrlenA
GetShortPathNameA
GetModuleFileNameA
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
SetEvent
InterlockedDecrement
CloseHandle
WaitForSingleObject
CreateThread
CreateEventA
GetUserDefaultLCID
GetCurrentThreadId
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
GetProcAddress
LoadLibraryA
lstrcatA
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
GetCommandLineA
SetThreadLocale
LockResource
FindResourceExA
VirtualAlloc
VirtualFree
HeapCreate
HeapSize
GetCurrentProcess
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
RaiseException
ExitProcess
GetVersion
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
HeapAlloc
HeapFree
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
InterlockedExchange
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
IsBadCodePtr
GetStdHandle
GetFileType
WriteFile
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
DeleteFileA
ReadFile
CreateFileA
InterlockedIncrement
SetEndOfFile

user32

KillTimer
GetParent
SendMessageA
SetWindowTextA
LoadAcceleratorsA
GetWindowRect
SetTimer
ScreenToClient
GetClientRect
RegisterWindowMessageA
PeekMessageA
LoadIconA
LoadBitmapA
SetFocus
GetFocus
SetWindowLongA
GetWindowLongA
IsWindowVisible
LoadCursorA
SetCursor
DestroyMenu
GetSubMenu
CheckMenuItem
BeginPaint
EndPaint
GetMenu
DrawMenuBar
GetMessageA
DispatchMessageA
PostThreadMessageA
CharNextA
IsIconic
ShowWindow
LoadImageA
MessageBoxA
EnumWindows
GetWindowThreadProcessId
GetDlgItem
CreateDialogParamA
DestroyWindow
TranslateMessage
IsDialogMessageA
TranslateAcceleratorA
GetMenuState
EnableMenuItem
ModifyMenuA
GetMenuItemID
GetWindowTextA
MoveWindow

gdi32

CreateCompatibleDC
SelectObject
GetObjectA
DeleteObject
StretchBlt
DeleteDC

advapi32

RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
RegEnumKeyA
RegEnumValueA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA

shell32

SHChangeNotify
ShellExecuteA

ole32

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize
CoInitialize
CoRegisterClassObject
CoRevokeClassObject

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
RegisterTypeLi
LoadRegTypeLi
SysStringLen
VarUI4FromStr

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f42196ecba04b112119717cbf6621b44

Headers

File Characteristics

Imports

wininet

version

rasapi32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 160KB - Virtual size: 157KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 28KB

.rsrc Size: 160KB - Virtual size: 159KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 28KB

.rsrc
Size: 160KB - Virtual size: 159KB