82eaec9d77a16699eace6ec53f34ccb2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

82eaec9d77a16699eace6ec53f34ccb2_JaffaCakes118
Size

420KB
MD5

82eaec9d77a16699eace6ec53f34ccb2
SHA1

6bcea53fc4f125d593ab902857dd49fd908c511e
SHA256

35c43c9268335e152421f8a91c62093ed379208f62fb41293314f2f6433e5190
SHA512

51109e72641f4191bc65125b3e9a112194fd258041c009b79c9eda4133ab258a4500b7b9c6ead564d02d8e089f4168daffed7ffab0150b1811730966c5cd7021
SSDEEP

12288:ws4Iu5o3hkLhyDK/5O1+9uyjwjnml2+Lv:wF/ESdn5O14nwqlLv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82eaec9d77a16699eace6ec53f34ccb2_JaffaCakes118

Files

82eaec9d77a16699eace6ec53f34ccb2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f0ad4fe551219cd92e9cf959937ed7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\adtqopxo\di

Imports

shell32

ExtractAssociatedIconExA
SheGetDirA

wininet

InternetShowSecurityInfoByURL
HttpQueryInfoA
InternetAlgIdToStringA
HttpQueryInfoW
InternetGetConnectedStateEx
InternetAttemptConnect
CommitUrlCacheEntryA
GopherCreateLocatorW
DeleteUrlCacheContainerW

kernel32

GetModuleFileNameA
GetCurrentThread
HeapLock
GetDateFormatA
GetEnvironmentStringsW
GetProcAddress
GetTimeFormatA
GetLocaleInfoW
SetComputerNameA
LocalShrink
LCMapStringW
GetEnvironmentStringsA
SetEnvironmentVariableA
GetFileType
GetSystemInfo
FindAtomW
CreateProcessA
GetCPInfo
GetStringTypeW
DeleteCriticalSection
GetACP
UnmapViewOfFile
InitializeCriticalSection
LeaveCriticalSection
GlobalAddAtomW
GetTimeZoneInformation
SetFilePointer
GetSystemTimeAsFileTime
HeapAlloc
GetCurrentProcess
GetStdHandle
EnterCriticalSection
RemoveDirectoryW
IsBadWritePtr
GetLocaleInfoA
MultiByteToWideChar
HeapFree
InterlockedIncrement
VirtualFree
GetUserDefaultLCID
GetNamedPipeHandleStateA
GetVersionExA
FindResourceExW
GetProcAddress
GetTickCount
WideCharToMultiByte
TlsFree
InterlockedExchange
GetCurrentThreadId
ReleaseSemaphore
FindNextChangeNotification
RemoveDirectoryA
GetCommandLineA
HeapSize
WriteConsoleW
ExitProcess
GetStartupInfoA
LocalFileTimeToFileTime
EnumSystemLocalesA
VirtualQuery
VirtualAlloc
GetCurrentProcessId
IsValidCodePage
WriteFile
SetHandleCount
EnumResourceLanguagesA
LCMapStringA
VirtualProtect
GlobalUnfix
HeapDestroy
FreeEnvironmentStringsW
FlushFileBuffers
GetModuleHandleA
ExitThread
TerminateProcess
CreateNamedPipeA
TlsSetValue
GetVolumeInformationW
ReadConsoleOutputCharacterA
GetEnvironmentStrings
CreateEventA
CompareStringW
CopyFileA
LoadLibraryA
SetConsoleWindowInfo
TlsAlloc
GetProcessAffinityMask
GlobalFree
UnhandledExceptionFilter
GetNamedPipeInfo
RtlUnwind
ReadFile
GetLogicalDrives
CreateMutexA
TlsGetValue
WaitForSingleObjectEx
GetLastError
SetLastError
IsValidLocale
GetNamedPipeHandleStateW
QueryPerformanceCounter
GetStringTypeA
HeapReAlloc
SetStdHandle
HeapCreate
FormatMessageA
CloseHandle
CompareStringA
FreeEnvironmentStringsA
GetOEMCP
OpenMutexA

advapi32

CryptGenKey
LookupPrivilegeNameW
LookupAccountNameA
CryptSignHashA

comdlg32

GetFileTitleW
ChooseColorW
ChooseFontW

user32

GetMenuItemID
ScreenToClient
LoadIconW
DlgDirListW
GetTabbedTextExtentW
GetParent
RegisterClassA
DestroyWindow
SetDlgItemTextA
DdeQueryConvInfo
GetClassInfoW
MessageBoxExA
OemToCharBuffW
GetWindowTextW
LookupIconIdFromDirectoryEx
CreateWindowStationA
DispatchMessageW
MsgWaitForMultipleObjectsEx
SendMessageTimeoutA
GetUpdateRgn
DefDlgProcW
SetUserObjectInformationW
GetQueueStatus
MsgWaitForMultipleObjects
GetScrollInfo
SetWindowTextA
RegisterClipboardFormatA
DragObject
DrawEdge
SendDlgItemMessageA
MessageBoxW
GetWindowModuleFileNameA
SendMessageW
CreateWindowExA
OpenWindowStationA
CharPrevExA
RegisterClassExA
SwitchDesktop
IsCharUpperA
SetUserObjectInformationA
SetMenuItemBitmaps
EnumThreadWindows
SetWinEventHook
GetIconInfo
DdeGetLastError
RegisterClassW
OpenInputDesktop
TrackPopupMenuEx
GetWindowLongA
DefWindowProcW
GetClassNameW
LoadAcceleratorsW
MessageBoxA
GetAsyncKeyState
SetPropA
SetWindowsHookExW
GetClassLongA
DestroyCaret
SetRect
FindWindowExW
IsWindowUnicode
GetScrollPos
GetMenuContextHelpId
CreateWindowExW
MenuItemFromPoint
ChangeMenuA
GetGUIThreadInfo
SetWindowsHookA
GetTopWindow
MapVirtualKeyExW
TabbedTextOutW
DrawIconEx
ReplyMessage
IsWindowVisible
EndPaint
TranslateAcceleratorW
UnhookWindowsHookEx
BroadcastSystemMessageW
EnumWindowStationsA
GetMenuDefaultItem
DrawStateA
wsprintfW
MapVirtualKeyA
PackDDElParam
CreateIconFromResourceEx
GetDlgCtrlID
GetKeyboardLayoutNameW
IsDlgButtonChecked
CreateCaret
DlgDirListA
DrawTextExW
CreateDialogIndirectParamW
EnumWindows
RegisterClassExW
CreateDialogParamW
ShowWindow
GetClipboardData
GetClassInfoA

comctl32

ImageList_Write
InitCommonControlsEx

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f0ad4fe551219cd92e9cf959937ed7d

Headers

File Characteristics

PDB Paths

Imports

shell32

wininet

kernel32

advapi32

comdlg32

user32

comctl32

Sections

.text Size: 140KB - Virtual size: 136KB

.rdata Size: 92KB - Virtual size: 91KB

.data Size: 96KB - Virtual size: 121KB

.rsrc Size: 88KB - Virtual size: 86KB

.text
Size: 140KB - Virtual size: 136KB

.rdata
Size: 92KB - Virtual size: 91KB

.data
Size: 96KB - Virtual size: 121KB

.rsrc
Size: 88KB - Virtual size: 86KB