83288ff8316a3b4460f618965b64d07b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83288ff8316a3b4460f618965b64d07b_JaffaCakes118
Size

134KB
MD5

83288ff8316a3b4460f618965b64d07b
SHA1

4a346e93a6c60c9f7df8065fef24523e5d101a45
SHA256

22f9d536741440fcafda4774908b2de8c921a065fdd618057365888aee6a75e9
SHA512

eb52fb81dad0b83cce1f86cf499aed4a7c87188a6dcf59ebcf1026807191028dfff22818d3b71e513a4678152bae9ea73190c5250a693c1ae66d1cffb73a6c56
SSDEEP

1536:e/Fj+u1oo24FDMAU+/TduT1NcQUh+ZsrtUU5AoQDwmTcXUf462qdREF9W0Z2qTV6:kFSu4XZ+gTMosjCCUcqdGFmq/tsf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83288ff8316a3b4460f618965b64d07b_JaffaCakes118

Files

83288ff8316a3b4460f618965b64d07b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

36f11d979b8c300389585817effd61bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateMutexA
GetVolumeInformationA
GetComputerNameA
CopyFileA
TerminateThread
TerminateProcess
ExpandEnvironmentStringsA
EnterCriticalSection
FreeLibrary
FormatMessageA
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
SetLastError
FindClose
FindFirstFileA
DuplicateHandle
GetCurrentProcess
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetProcAddress
GetFullPathNameA
CreateThread
lstrcmpiA
GetModuleFileNameA
GetFileAttributesA
GetFileSize
GetFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
GlobalLock
GlobalReAlloc
GlobalAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
lstrcmpA
GetCurrentThreadId
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
RaiseException
SetStdHandle
GetFileType
GetTimeZoneInformation
GetACP
HeapSize
HeapReAlloc
ExitProcess
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
PeekNamedPipe
Sleep
LocalAlloc
LocalFree
lstrlenA
CreatePipe
GetStartupInfoA
CreateProcessA
WaitForSingleObject
GetTickCount
GetLastError
ReadFile
GetTempPathA
lstrcpyA
lstrcatA
CreateFileA
WriteFile
CloseHandle
lstrcpynA
GetProcessHeap
HeapAlloc
HeapFree

user32

CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindow
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
DefWindowProcA
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
GetDlgCtrlID
GetWindowTextA
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
EnableMenuItem
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
LoadStringA
CharUpperA
UnhookWindowsHookEx
GetFocus
ReleaseDC
GetDC
GetSystemMetrics
wsprintfA
GetNextDlgTabItem
GetSysColor

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
RestoreDC
SaveDC
GetObjectA
SetBkColor
DeleteDC
GetDIBits
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
GetDeviceCaps
CreateDCA
SetTextColor
GetClipBox
CreateBitmap
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible

shell32

SHGetFolderPathA

comctl32

ord17

wininet

HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetQueryDataAvailable
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetOpenUrlA
InternetGetLastResponseInfoA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

urlmon

URLDownloadToFileA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

comdlg32

GetFileTitleA

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36f11d979b8c300389585817effd61bc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

wininet

urlmon

winspool.drv

comdlg32

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 128KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 128KB

.reloc
Size: 13KB - Virtual size: 13KB