82eda9ab349b7384afbb868ae1589120_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

82eda9ab349b7384afbb868ae1589120_JaffaCakes118
Size

612KB
MD5

82eda9ab349b7384afbb868ae1589120
SHA1

f927534ee697dfdce00cdfea39175186527f199e
SHA256

4aa3fd9384bdb72a19e6e2202fb17366d243770aff75a5363fb553c2b942fade
SHA512

8ae9bb1b7eeca2bf76f0ed3a9880747a5afb9cc8fd12ebe8654a1dc8334b1675fcc229b3439befc66ea97afe42592a440aa676737adcb641c6d92e3c0ca10993
SSDEEP

12288:b8kVIHmT1OKjgXPTl69UIOmoMvFlBIRVKVbu:Q0IGoWWl6qmbiVH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82eda9ab349b7384afbb868ae1589120_JaffaCakes118

Files

82eda9ab349b7384afbb868ae1589120_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3905d0426932f05b62d689c8a9d2ddd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\vctktlky.pdb

Imports

wininet

InternetShowSecurityInfoByURLW
GetUrlCacheEntryInfoW
InternetLockRequestFile
FindNextUrlCacheEntryA
InternetGetConnectedState
FtpRenameFileA
FtpGetFileSize

shell32

DuplicateIcon

comctl32

ImageList_GetDragImage
ImageList_EndDrag
ImageList_SetOverlayImage
ImageList_ReplaceIcon
ImageList_Write
CreateToolbar
InitCommonControlsEx
ImageList_SetFilter
DestroyPropertySheetPage
ImageList_GetImageCount
CreateStatusWindowW
CreateUpDownControl

user32

ChangeDisplaySettingsExA
SetCapture
DefWindowProcA
ClipCursor
ToAscii
SetKeyboardState
CloseWindowStation
LoadStringA
MessageBoxA
DrawTextExA
DlgDirSelectExA
FindWindowExA
EnumThreadWindows
UnregisterClassA
EmptyClipboard
CharPrevW
GetCaretBlinkTime
OpenIcon
InsertMenuItemW
GetMessageTime
CallMsgFilterW
GetMessageW
PostQuitMessage
InvalidateRect
SetPropW
AnimateWindow
OemToCharBuffA
GetDialogBaseUnits
DestroyWindow
CheckMenuItem
WINNLSGetEnableStatus
AdjustWindowRectEx
GetKeyboardLayoutList
AttachThreadInput
EnumDesktopsA
SetWindowLongW
DragObject
RegisterClassA
GetKeyState
GetNextDlgTabItem
DdeFreeStringHandle
IsCharUpperA
CreateWindowExW
FindWindowW
GetCapture
EndMenu
GetWindowTextA
SendMessageTimeoutA
EnumDisplaySettingsExA
SetCursor
UnregisterHotKey
GetGUIThreadInfo
SetProcessWindowStation
RegisterClassExA
ScrollWindowEx
HideCaret
ModifyMenuA
FillRect
ShowWindow
DdeClientTransaction
GetMonitorInfoW
DeleteMenu
TabbedTextOutA
GetMenuContextHelpId
EqualRect
CallMsgFilter
GetKBCodePage
GetMenuItemID

advapi32

RegQueryValueExW
CryptCreateHash
CreateServiceW
RegConnectRegistryW
CryptDecrypt
CryptEncrypt
CryptEnumProviderTypesA
CryptSetHashParam
ReportEventA
CryptExportKey
CryptSetProvParam
LookupAccountNameA

comdlg32

FindTextA

kernel32

SetConsoleScreenBufferSize
WriteConsoleOutputW
LCMapStringW
CloseHandle
GetCurrentProcess
GetCommandLineA
GetFileType
CreateMailslotW
WriteFile
HeapReAlloc
WriteConsoleA
GetVersion
WritePrivateProfileStringA
Sleep
GetLocaleInfoA
LocalFree
GetDateFormatA
GetConsoleOutputCP
lstrlenW
CompareStringW
InitializeCriticalSection
TlsFree
lstrcmpiA
CreateProcessW
VirtualAllocEx
GetCPInfo
GetStringTypeA
lstrcpyA
GetModuleHandleA
GlobalLock
CreateFileA
GetProcAddress
InterlockedDecrement
ExitProcess
lstrcatW
GetTimeFormatA
GetStdHandle
GetProcessAffinityMask
SetUnhandledExceptionFilter
TlsAlloc
HeapFree
DebugBreak
InterlockedExchange
HeapCreate
ReadFile
GetLocaleInfoW
GetACP
GetConsoleMode
SetHandleCount
HeapDestroy
CreateDirectoryExW
WideCharToMultiByte
ReadConsoleInputW
LocalCompact
ResumeThread
FreeLibrary
EnumSystemLocalesA
GetEnvironmentStringsW
SetCurrentDirectoryW
IsValidLocale
GetCurrentThreadId
GetProcessHeap
TlsSetValue
LeaveCriticalSection
GetCurrentProcessId
LoadLibraryA
GetNamedPipeHandleStateW
GetStartupInfoA
OpenMutexA
GetEnvironmentVariableA
GetOEMCP
CompareStringA
GetAtomNameA
GetSystemTimeAsFileTime
WriteConsoleW
GetDriveTypeW
SetWaitableTimer
GetUserDefaultLCID
GetVolumeInformationA
WritePrivateProfileStringW
IsValidCodePage
CreateSemaphoreA
RtlUnwind
SetThreadLocale
TerminateProcess
MultiByteToWideChar
GetConsoleCP
QueryPerformanceCounter
FreeEnvironmentStringsW
DeleteCriticalSection
TlsGetValue
GetWindowsDirectoryA
FlushFileBuffers
OpenSemaphoreA
VirtualQuery
CopyFileExA
HeapSize
GetPrivateProfileSectionA
IsBadReadPtr
GetExitCodeThread
FreeEnvironmentStringsA
InterlockedIncrement
GetTickCount
CreateMutexA
GetStringTypeW
VirtualAlloc
SetStdHandle
LoadLibraryW
GetPrivateProfileIntW
GetTimeZoneInformation
GetVersionExA
ReadConsoleInputA
EnterCriticalSection
FreeLibraryAndExitThread
UnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
GetModuleFileNameA
GetSystemDirectoryA
GetPrivateProfileStructA
SetLastError
GetEnvironmentStrings
WriteProfileStringW
lstrlen
SetEnvironmentVariableA
HeapAlloc
SetConsoleOutputCP
SetFilePointer
GetCurrentThread
GlobalFindAtomW
GetCommandLineW
GetDiskFreeSpaceA
VirtualFree
LCMapStringA
GetLastError

Sections

.text
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3905d0426932f05b62d689c8a9d2ddd

Headers

File Characteristics

PDB Paths

Imports

wininet

shell32

comctl32

user32

advapi32

comdlg32

kernel32

Sections

.text Size: 204KB - Virtual size: 202KB

.rdata Size: 264KB - Virtual size: 262KB

.data Size: 112KB - Virtual size: 125KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 204KB - Virtual size: 202KB

.rdata
Size: 264KB - Virtual size: 262KB

.data
Size: 112KB - Virtual size: 125KB

.rsrc
Size: 28KB - Virtual size: 26KB