7919606a18fb16264774bac1c9fff29c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7919606a18fb16264774bac1c9fff29c_JaffaCakes118
Size

760KB
MD5

7919606a18fb16264774bac1c9fff29c
SHA1

88e509f985cf7ba3eac8987c729de8f25492d4dd
SHA256

51dfc6fbe9bcea3f5092ade9551c258a0888bb0d1345b371a1a9823be0e69b66
SHA512

eed45f1b3bf4b384e45cb4da7ad65980fe63d013172ee36b3e9b3af33a95cfac7f6ce7e99a768e8ecd48e2c76545cf3ef18c142eb07efda4dbf21a95f7818e9b
SSDEEP

12288:+yH5zOcsQYheQMYm99/bX+ScFkNDSw4V/scbQV6CNpgn0VF30HGMXP2RMzlFMI9c:+yH5zOcs/hjM19/z+SPBSwChs3g0VF3P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7919606a18fb16264774bac1c9fff29c_JaffaCakes118

Files

7919606a18fb16264774bac1c9fff29c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0e866e2b29085a014be03eb5cedca94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\abiips\xweke\alkn

Imports

wininet

InternetReadFile
InternetOpenA
InternetConnectA
InternetCanonicalizeUrlA
InternetQueryDataAvailable
HttpOpenRequestA
HttpEndRequestA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

user32

ValidateRect
LoadStringA
MessageBoxA
CreateDialogIndirectParamA
UpdateWindow
WindowFromPoint
GetClassNameA
TranslateAcceleratorA
PostThreadMessageA
ScreenToClient
IsMenu
RegisterClassExA
RemoveMenu
DestroyWindow
ShowWindow
GetSubMenu
SystemParametersInfoA
RedrawWindow
SetCapture
ClientToScreen
DefWindowProcA
CallNextHookEx
GetDC
PeekMessageA
MoveWindow
GetMessageTime
CheckMenuItem
RegisterClassA
SendMessageA
LoadBitmapA
GetWindowLongA
GetClientRect
GetWindowThreadProcessId
SetWindowsHookExA
TrackPopupMenu
DestroyCursor
GetMenuCheckMarkDimensions
CheckRadioButton
LoadIconA
GetNextDlgTabItem
UnhookWindowsHookEx
ReleaseCapture
FillRect
IntersectRect
ShowCaret
SetForegroundWindow
RegisterWindowMessageA
GetCursorPos
EndPaint
InvalidateRect
GetSystemMetrics
GetMessageA
SetMenuDefaultItem
DestroyMenu
BeginPaint
GrayStringA
InflateRect
CreateWindowExA
SetFocus
InsertMenuA
PtInRect

advapi32

CloseServiceHandle
RegQueryValueExA
RegOpenKeyA
RegEnumKeyExA
GetUserNameA
LookupPrivilegeValueA
CreateServiceA
RegSetValueExA
RegDeleteValueA
ControlService
SetSecurityDescriptorDacl
RegQueryInfoKeyA
RegOpenKeyExA
DeleteService
FreeSid
GetTokenInformation
RegCloseKey
RegEnumKeyA
OpenSCManagerA
OpenThreadToken
RegCreateKeyA
RegDeleteKeyA
RegEnumValueA
AllocateAndInitializeSid
OpenProcessToken
RegCreateKeyExA
InitializeSecurityDescriptor

kernel32

Sleep
GetCPInfo
GetConsoleOutputCP
GetStringTypeW
GetCurrentProcessId
VirtualAlloc
GetConsoleCP
GetTimeZoneInformation
TlsAlloc
SetStdHandle
LCMapStringW
InterlockedIncrement
SetFilePointer
CreateFileA
GetFileType
RaiseException
SetEnvironmentVariableA
WriteConsoleW
InitializeCriticalSection
TlsFree
GetLastError
TlsGetValue
VirtualQuery
GetCurrentProcess
GetModuleHandleA
WriteConsoleA
FreeEnvironmentStringsW
FatalAppExitA
InterlockedExchange
HeapFree
GetStartupInfoA
GetProcessHeap
FlushFileBuffers
CloseHandle
ReadFile
IsDebuggerPresent
SetUnhandledExceptionFilter
RtlUnwind
GetVersionExA
GetDateFormatA
GetLocaleInfoA
InterlockedDecrement
QueryPerformanceCounter
HeapSize
IsValidCodePage
ExitProcess
GetUserDefaultLCID
HeapAlloc
GetCommandLineA
GetModuleFileNameA
FreeEnvironmentStringsA
WriteFile
SetHandleCount
LCMapStringA
GetEnvironmentStringsW
EnumSystemLocalesA
HeapReAlloc
GetTickCount
UnhandledExceptionFilter
MultiByteToWideChar
GetCurrentThreadId
FreeLibrary
CompareStringW
LoadLibraryA
GetLocaleInfoW
GetOEMCP
VirtualFree
TerminateProcess
GetProcAddress
GetEnvironmentStrings
GetACP
SetConsoleCtrlHandler
GetStdHandle
GetStringTypeA
GetConsoleMode
GetTimeFormatA
HeapCreate
CompareStringA
DeleteCriticalSection
GetCurrentThread
EnterCriticalSection
LeaveCriticalSection
CreateMutexA
SetLastError
TlsSetValue
HeapDestroy
IsValidLocale
WideCharToMultiByte
GetSystemTimeAsFileTime

shlwapi

PathFindExtensionW
PathIsRelativeW
PathFindFileNameW
PathCanonicalizeW

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 460KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0e866e2b29085a014be03eb5cedca94

Headers

File Characteristics

PDB Paths

Imports

wininet

comdlg32

user32

advapi32

kernel32

shlwapi

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 460KB - Virtual size: 456KB

.data Size: 100KB - Virtual size: 98KB

.rsrc Size: 84KB - Virtual size: 80KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 460KB - Virtual size: 456KB

.data
Size: 100KB - Virtual size: 98KB

.rsrc
Size: 84KB - Virtual size: 80KB