8213271ed6f127291af46cc07ab7a7f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8213271ed6f127291af46cc07ab7a7f1_JaffaCakes118
Size

576KB
MD5

8213271ed6f127291af46cc07ab7a7f1
SHA1

a61f5a359cf38c2b3b68acf252e8dcb6521fdba3
SHA256

4f93d57e6086f726bb5ef75e714e4ef2fa4e28852fc20a91cec7e8f53c46594d
SHA512

ac3a6b023627f7467bcb1fac06c2c0321b4db8a885e78dc468e6bb76ba0a94671c0ce462054820cd767a92012babe5cf9ebf11111499e51d54aed4401163a534
SSDEEP

12288:lIplOkokgkqdfsu6WaXFnMc0IHlP9c35BJ4Mk4ob/UuesLP:lIjp0EXW659sk4o1esL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8213271ed6f127291af46cc07ab7a7f1_JaffaCakes118

Files

8213271ed6f127291af46cc07ab7a7f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5537bb31a09ee052a986bfefc2e53bc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextA

comctl32

InitMUILanguage
ImageList_LoadImage
InitCommonControlsEx
CreateToolbar
CreateStatusWindowA
ImageList_BeginDrag
DrawInsert
CreateStatusWindow
ImageList_SetOverlayImage
ImageList_GetIconSize
ImageList_DragMove

shell32

RealShellExecuteExA
ExtractIconA
RealShellExecuteA

kernel32

ContinueDebugEvent
GetStringTypeW
CreateMutexA
UnhandledExceptionFilter
FormatMessageA
HeapAlloc
WriteProfileStringA
SetConsoleCP
CreateDirectoryA
DeleteCriticalSection
EnumResourceNamesA
lstrcpy
GetACP
SetFileTime
IsValidLocale
GlobalLock
WriteConsoleW
GetSystemTimeAdjustment
WriteConsoleA
WriteConsoleOutputCharacterW
GetCommandLineW
FindAtomA
IsBadWritePtr
CompareStringW
TerminateProcess
GetCurrentThread
GetEnvironmentVariableW
FlushFileBuffers
WideCharToMultiByte
GetCPInfo
GetCurrentThreadId
GetTimeFormatA
RtlMoveMemory
WriteConsoleInputW
LCMapStringA
SetPriorityClass
ReadFile
GetEnvironmentStrings
GetConsoleCP
RtlUnwind
GlobalFree
CreateFileA
WriteFile
GetDateFormatA
HeapDestroy
GetProfileIntA
GetLocaleInfoA
MoveFileA
EnterCriticalSection
GetTempPathW
GetModuleHandleA
FreeEnvironmentStringsW
GetLastError
InterlockedExchange
InterlockedExchangeAdd
EnumSystemLocalesA
GetModuleHandleW
HeapReAlloc
SetLastError
LCMapStringW
SetHandleCount
MoveFileExA
InitializeCriticalSectionAndSpinCount
LockResource
CompareStringA
GetTickCount
QueryPerformanceCounter
FileTimeToSystemTime
VirtualFree
OpenMutexA
GetLongPathNameW
AddAtomA
GetCurrentProcessId
GetStringTypeA
ReadConsoleOutputCharacterA
SetFilePointer
SetConsoleCtrlHandler
GetTimeZoneInformation
VirtualQuery
HeapSize
GetCurrentProcess
TlsSetValue
SetEnvironmentVariableA
TlsAlloc
InterlockedIncrement
GetProcAddress
GetFileType
GetLocaleInfoW
WriteConsoleOutputCharacterA
GetConsoleMode
CreateToolhelp32Snapshot
FillConsoleOutputAttribute
Sleep
CloseHandle
GetCommandLineA
GetOEMCP
GetConsoleTitleW
SetStdHandle
SetUnhandledExceptionFilter
GetStartupInfoW
GetCompressedFileSizeA
VirtualAlloc
ExitProcess
IsDebuggerPresent
GetUserDefaultLCID
MultiByteToWideChar
GetFileTime
GlobalSize
GetStartupInfoA
GetStdHandle
lstrcmpA
GetVersionExW
LoadLibraryA
GetModuleFileNameW
FreeLibrary
GetEnvironmentStringsW
CopyFileExA
LeaveCriticalSection
HeapFree
InterlockedDecrement
TlsGetValue
TlsFree
IsValidCodePage
lstrlen
CommConfigDialogA
VirtualAllocEx
VirtualFreeEx
SetEnvironmentVariableW
FreeLibraryAndExitThread
GetSystemTimeAsFileTime
WritePrivateProfileSectionW
GetConsoleOutputCP
GetModuleFileNameA
HeapCreate

user32

SetThreadDesktop
EmptyClipboard
GetLastActivePopup
DlgDirListA
IsCharLowerA
DdeQueryConvInfo
BeginDeferWindowPos
EnableMenuItem
LoadCursorA
EndMenu
LoadStringA
MessageBoxW
DefMDIChildProcA
PostThreadMessageA
DrawMenuBar
CallMsgFilterA
GetFocus
ReplyMessage
GetMenuState
GetCursorInfo
SetSystemCursor
BeginPaint
IsCharUpperW
SwapMouseButton
GetMessageTime
GetSystemMenu
DefWindowProcW
TranslateAcceleratorW
GetUpdateRgn
GetClassNameA
ScrollWindowEx
GetKeyState
InsertMenuW
SwitchDesktop
DdeDisconnect
RegisterClassExA
FlashWindowEx
GetAncestor
SetWindowTextA
ScrollWindow
SetCursorPos
SetLastErrorEx
CharUpperW
DestroyWindow
EndPaint
ShowWindow
SendInput
SetMenuItemInfoA
CharToOemBuffW
DdeCreateStringHandleW
LoadImageW
GetMenuStringW
CheckMenuItem
FreeDDElParam
UnhookWindowsHook
GetScrollInfo
RealChildWindowFromPoint
SetParent
CreateWindowExA
InsertMenuItemW
GetTabbedTextExtentW
RegisterClassA

wininet

SetUrlCacheEntryInfoA
InternetTimeFromSystemTimeA
InternetQueryOptionW
InternetLockRequestFile
InternetConnectA

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5537bb31a09ee052a986bfefc2e53bc6

Headers

File Characteristics

Imports

comdlg32

comctl32

shell32

kernel32

user32

wininet

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 116KB - Virtual size: 135KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 116KB - Virtual size: 135KB

.rsrc
Size: 28KB - Virtual size: 25KB