86df4e94b85fb13e2fef430866c8dc37_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

86df4e94b85fb13e2fef430866c8dc37_JaffaCakes118
Size

565KB
MD5

86df4e94b85fb13e2fef430866c8dc37
SHA1

2955cbc2dbf635f9b0c3ab35dbab95d19562b13a
SHA256

c89c1d38cea9b5fa00e3ae1f72659987c16aff7a60071d443f5ad16e8adf4ee0
SHA512

a9d90920185fae05039197aeccf791b68a28d4398f279eb591890eef609a8db90b5350e1c6ce5cebefa72969fb842c24903c1ac80d9226ee012121badbc0c0ce
SSDEEP

12288:kg0pI8UW99cxGFbIgGE/lm6lGAJZOhO+ndrAcBQqajvvvvvvvvvvyvavSHpQvwvM:hD8z99cxGFbIgAgG8ZdGBAcYjvvvvvvv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86df4e94b85fb13e2fef430866c8dc37_JaffaCakes118

Files

86df4e94b85fb13e2fef430866c8dc37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ef319f0ec262fd90686cd0d5b961bc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\cepbsc\eeoiofndpr.pdb

Imports

kernel32

GetStringTypeA
GlobalAddAtomW
FindFirstFileW
GetTimeFormatW
OpenMutexA
LocalFileTimeToFileTime
GetEnvironmentStringsW
GetCurrentThreadId
TlsAlloc
GetStringTypeW
lstrlenA
FormatMessageA
SetConsoleTitleA
CommConfigDialogW
WriteFile
DeleteCriticalSection
GetEnvironmentStrings
TlsGetValue
HeapDestroy
VirtualUnlock
GetTickCount
GetCurrentThread
SuspendThread
LCMapStringA
OpenFileMappingW
GetStringTypeExW
TlsSetValue
lstrcmpiA
GetCurrentProcess
SetEnvironmentVariableA
FillConsoleOutputCharacterW
WriteConsoleInputA
VirtualFree
GetModuleFileNameW
InterlockedExchange
GetStartupInfoA
HeapAlloc
SetConsoleWindowInfo
GetExitCodeProcess
GetCurrentDirectoryW
SetThreadContext
HeapReAlloc
SetStdHandle
CompareStringA
WriteProfileStringA
LoadLibraryA
lstrcmpA
ReadFileEx
GetFullPathNameW
RtlZeroMemory
RtlMoveMemory
lstrcpyA
CompareStringW
VirtualQuery
ExpandEnvironmentStringsA
EnterCriticalSection
FindResourceExA
GetVersion
GetCommandLineA
GetSystemTimeAsFileTime
DosDateTimeToFileTime
GetThreadSelectorEntry
FreeEnvironmentStringsA
FreeEnvironmentStringsW
EnumCalendarInfoExA
GetCommandLineW
GetFileType
WideCharToMultiByte
SetTimeZoneInformation
RtlUnwind
lstrcmpi
GetProcessHeap
ExitThread
InterlockedIncrement
WriteConsoleOutputA
GetSystemDirectoryA
GetModuleFileNameA
OpenEventW
HeapFree
LeaveCriticalSection
GetLastError
GetCPInfo
VirtualProtect
PulseEvent
GetSystemTime
IsValidLocale
FlushFileBuffers
MultiByteToWideChar
GetLogicalDriveStringsA
InitializeCriticalSection
ReadFile
GetStartupInfoW
GetEnvironmentStringsA
IsBadWritePtr
GetTempFileNameW
LCMapStringW
TlsFree
InterlockedDecrement
WritePrivateProfileSectionW
QueryPerformanceCounter
CloseHandle
SetFilePointer
CreateFileW
ReadConsoleOutputAttribute
HeapCreate
SetLastError
VirtualAlloc
GetTimeZoneInformation
UnhandledExceptionFilter
GetModuleHandleA
GetProfileIntA
WaitForSingleObjectEx
GetProcAddress
lstrcmpW
CreateMutexA
GetStdHandle
OpenFileMappingA
GetCurrentProcessId
SystemTimeToFileTime
LockResource
EnumResourceTypesA
GetLocalTime
WritePrivateProfileStringA
CreateFileMappingA
ExitProcess
SetThreadLocale
SetHandleCount
CreateMailslotA
TerminateProcess

comctl32

CreatePropertySheetPage
ImageList_SetFlags
ImageList_SetDragCursorImage
ImageList_SetBkColor
ImageList_Copy
GetEffectiveClientRect
ImageList_GetBkColor
CreateStatusWindowW
ImageList_EndDrag
CreateToolbar
InitCommonControlsEx
DrawStatusTextA
DrawInsert
ImageList_DrawIndirect
ImageList_GetIconSize
ImageList_GetImageCount
DrawStatusTextW
ImageList_GetFlags
ImageList_Remove

wininet

InternetGetCertByURLA
GopherCreateLocatorA
FtpGetFileSize
FtpFindFirstFileA
DeleteIE3Cache
GetUrlCacheConfigInfoA
InternetQueryOptionW
GopherGetLocatorTypeW

shell32

DragQueryFileAorW
DragFinish

user32

RemoveMenu
GetKeyboardType
CharUpperA
GetUserObjectInformationW
CreateMDIWindowA
GetSystemMenu
RegisterClassExA
RedrawWindow
CharPrevExA
BroadcastSystemMessageW
MapVirtualKeyA
WindowFromPoint
DdeSetUserHandle
SetWindowPlacement
GetUserObjectSecurity
wvsprintfW
SetWindowLongA
DefWindowProcA
SetRect
CreateAcceleratorTableW
GetTitleBarInfo
DrawStateA
MessageBoxW
EnumDisplaySettingsExA
TranslateMDISysAccel
SetUserObjectInformationA
GetClassInfoExW
AppendMenuW
EditWndProc
CheckMenuRadioItem
AnyPopup
DragDetect
RegisterWindowMessageW
DrawFocusRect
DrawIconEx
CascadeWindows
GetWindowDC
IsDialogMessage
ShowWindow
CreateIconIndirect
IsCharAlphaW
DdeQueryStringW
DestroyWindow
WINNLSEnableIME
CreateAcceleratorTableA
RegisterHotKey
RegisterClassA
GetWindowLongA
BroadcastSystemMessage
AppendMenuA
DefFrameProcW
CreateWindowExW
GetCapture

gdi32

DeleteObject
SetROP2
FillRgn
GdiPlayDCScript
SelectObject
GetNearestPaletteIndex
CreateDCW
GetMiterLimit
GetCurrentObject
EnumFontsW
PolyDraw
DeleteDC
GetNearestColor
CreateDiscardableBitmap
CheckColorsInGamut
GetObjectA
LPtoDP
GetICMProfileW
SetTextAlign
GetDCOrgEx
GetStretchBltMode
EnumMetaFile
GdiGetBatchLimit
GetDeviceCaps

Sections

.text
Size: 150KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ef319f0ec262fd90686cd0d5b961bc5

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

wininet

shell32

user32

gdi32

Sections

.text Size: 150KB - Virtual size: 149KB

.rdata Size: 254KB - Virtual size: 253KB

.data Size: 107KB - Virtual size: 131KB

.rsrc Size: 52KB - Virtual size: 52KB

.text
Size: 150KB - Virtual size: 149KB

.rdata
Size: 254KB - Virtual size: 253KB

.data
Size: 107KB - Virtual size: 131KB

.rsrc
Size: 52KB - Virtual size: 52KB