8680f67c01b0e0054d9d0007e84190d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8680f67c01b0e0054d9d0007e84190d5_JaffaCakes118
Size

564KB
MD5

8680f67c01b0e0054d9d0007e84190d5
SHA1

70368719c57474f6c6fe362830638bd068a10517
SHA256

28083da704d73d6e8694a7976d73c93aa8ad2b5860d8624bbbda1860bda25620
SHA512

5b579fd9959858c08a09d73157a1289ae4946297a6e39e8963235ac778f23401bd2cc052007c595c9fae00d45d5525245efb2ef75a79c7a2d92be136f3265179
SSDEEP

12288:zVCqkTzG+Y+X6qy53hVP5v0xiYrMfeIJAS5s7ahT1qwGISH:zVCbTFY+n87Z2pq7ASQaF1qR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8680f67c01b0e0054d9d0007e84190d5_JaffaCakes118

Files

8680f67c01b0e0054d9d0007e84190d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

60af24a513ede7b2f9c9a1b31b4c1e37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolderA

gdi32

GetCharacterPlacementW
GetTextExtentExPointA
CopyMetaFileA
AngleArc
GetTextExtentExPointW
SetLayout
CreateDCW
GetTextMetricsW
GetCharacterPlacementA
PatBlt
GdiPlayJournal
SetMetaRgn
SetPaletteEntries
GetBkColor
CreateDIBitmap
GetTextColor
UpdateColors
GetLogColorSpaceW
GetWindowOrgEx
SetPixel
ColorCorrectPalette
EndDoc
GetWorldTransform
CreatePalette

advapi32

CryptExportKey
InitiateSystemShutdownA
CryptSignHashW
ReportEventA

wininet

SetUrlCacheEntryInfoA
GopherCreateLocatorA
InternetTimeFromSystemTime
UnlockUrlCacheEntryStream
HttpAddRequestHeadersW
InternetQueryFortezzaStatus
GopherOpenFileW
InternetGoOnlineW

kernel32

CompareStringA
CompareStringW
FreeResource
GetTimeZoneInformation
FlushFileBuffers
GetEnvironmentStrings
GetModuleFileNameA
FileTimeToDosDateTime
LoadLibraryA
GetStringTypeW
GlobalCompact
EnumResourceLanguagesA
LeaveCriticalSection
CreateSemaphoreA
SetConsoleMode
OpenEventA
SetUnhandledExceptionFilter
HeapFree
IsBadWritePtr
GetNumberFormatA
GetCPInfo
GetSystemDirectoryA
GetSystemTime
GetFileAttributesA
GetCurrentProcessId
CreateFileW
GetConsoleTitleA
FindNextFileW
HeapReAlloc
FindNextFileA
GetUserDefaultLCID
IsValidLocale
CopyFileExA
EnterCriticalSection
OpenEventW
SetEnvironmentVariableA
LCMapStringW
GetProcAddress
GetSystemDirectoryW
GetModuleHandleA
GetSystemTimeAsFileTime
MultiByteToWideChar
SetStdHandle
IsValidCodePage
TerminateProcess
OutputDebugStringW
VirtualProtect
GetCurrentProcess
ExitProcess
TerminateThread
GetStdHandle
CommConfigDialogW
InitializeCriticalSection
EnumSystemLocalesA
GlobalDeleteAtom
TransactNamedPipe
GetLocaleInfoA
VirtualAlloc
GetVersionExA
SetCurrentDirectoryA
FreeEnvironmentStringsA
VirtualQueryEx
GetCurrentDirectoryA
GetDateFormatA
WriteFile
SetConsoleActiveScreenBuffer
FindFirstFileA
VirtualFree
GetComputerNameW
GetEnvironmentStringsW
GetCurrentThread
ReadConsoleOutputAttribute
CreateEventW
WritePrivateProfileSectionA
DeleteFiber
GetStartupInfoA
UnhandledExceptionFilter
FreeEnvironmentStringsW
RtlUnwind
QueryPerformanceCounter
TryEnterCriticalSection
GetLastError
ReadConsoleOutputW
VirtualProtectEx
SetHandleCount
HeapSize
UnmapViewOfFile
SetConsoleTitleW
LCMapStringA
GetACP
GetCalendarInfoW
DeleteCriticalSection
GetCommandLineA
GetTickCount
GetTimeFormatA
GetLocaleInfoW
InterlockedExchange
GetPrivateProfileStringW
EnumResourceLanguagesW
ExpandEnvironmentStringsW
OpenWaitableTimerW
GetPriorityClass
SetFilePointer
OpenMutexA
WritePrivateProfileStringA
GetCompressedFileSizeA
ReadFile
SetSystemTime
GetConsoleCP
TlsFree
GetWindowsDirectoryW
SystemTimeToFileTime
TlsGetValue
GetSystemInfo
SetLastError
GetAtomNameW
GetCurrentThreadId
TlsSetValue
WideCharToMultiByte
HeapCreate
GetEnvironmentVariableA
DeleteAtom
VirtualQuery
GetThreadPriorityBoost
HeapAlloc
GetPrivateProfileSectionA
HeapDestroy
CreateMutexA
GetFileType
CloseHandle
LocalFree
PulseEvent
GetOEMCP
TlsAlloc
GetStringTypeA
SetVolumeLabelA

comctl32

ImageList_Merge
ImageList_GetBkColor
ImageList_DragEnter
CreateStatusWindow
CreateStatusWindowW
ImageList_Remove
ImageList_GetIcon
ImageList_DragShowNolock
ImageList_SetDragCursorImage
DrawStatusTextA
ImageList_AddMasked
ImageList_GetImageInfo
CreatePropertySheetPageW
ImageList_SetBkColor
ImageList_Copy
ImageList_SetFlags
ImageList_GetImageCount
ImageList_Destroy
ImageList_Draw
DrawStatusTextW
ImageList_DragMove
ImageList_Replace
InitCommonControlsEx
ImageList_DrawEx
ImageList_GetImageRect

user32

FlashWindow
GetDlgItemTextW
GetClassWord
ModifyMenuW
CharNextW
DdeQueryStringA
RegisterClassA
SetMenuInfo
RegisterHotKey
SetUserObjectInformationA
RegisterClassExA
SetClassLongA
ImpersonateDdeClientWindow
SetWindowWord
InvalidateRgn
CreateDialogParamA
ToUnicodeEx
LoadMenuIndirectA
GetMessagePos
MessageBoxExW
BroadcastSystemMessageA
DefWindowProcW
SetMenuItemInfoW
RegisterWindowMessageA
CharUpperA
DdePostAdvise
UnionRect
GetKeyState
GetMonitorInfoW
GetAsyncKeyState
UnregisterHotKey
RegisterClassW
GetWindowLongW
DialogBoxParamW
TranslateMessage
ShowWindow
CreateWindowExW
CharToOemBuffW
CreateWindowStationW
GetSubMenu
GetKeyNameTextA
ToAscii
DlgDirSelectExW
OemToCharA
DestroyWindow
MessageBoxW
DdeFreeDataHandle
ScrollWindow
EnumWindowStationsW

Sections

.text
Size: 160KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60af24a513ede7b2f9c9a1b31b4c1e37

Headers

File Characteristics

Imports

shell32

gdi32

advapi32

wininet

kernel32

comctl32

user32

Sections

.text Size: 160KB - Virtual size: 156KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 112KB - Virtual size: 130KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 160KB - Virtual size: 156KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 112KB - Virtual size: 130KB

.rsrc
Size: 32KB - Virtual size: 30KB