876a3360b4216be4d2faaa3a7d635fa2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

876a3360b4216be4d2faaa3a7d635fa2_JaffaCakes118
Size

564KB
MD5

876a3360b4216be4d2faaa3a7d635fa2
SHA1

e811c1ed3dbfb5f2bc6942cb68491eb4255647c1
SHA256

ab1c59bad711f802f839706fe94a2d618629dfc7332ec5836f1c0bf00c032404
SHA512

96f8b28ae6fe1f3b96b6d80cf94e975aed0e9f66819e16387b9af2c01239d826ed1545223d1a81fdc2f2e4c24ef393939667e97c6028c562b200d7d493b3bccc
SSDEEP

6144:ZLRtli8z9HiGLXupmdbi9RgGKvd7dJCHOBoD2G/2ow7eA+EcPJN9hi3ZtbcLLMJ3:ZdiGLXbd8xKvd7dsHgoSpBN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
876a3360b4216be4d2faaa3a7d635fa2_JaffaCakes118

Files

876a3360b4216be4d2faaa3a7d635fa2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

99160a8c07fc071c94f44b179fb40477

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpSendRequestW
InternetOpenUrlW
InternetCrackUrlW
InternetConnectW
InternetReadFile
InternetCloseHandle
InternetOpenW
InternetGetConnectedState

iphlpapi

GetAdaptersInfo

kernel32

GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
WritePrivateProfileStringW
GetModuleHandleA
SetErrorMode
GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
RaiseException
HeapReAlloc
ExitThread
CreateThread
EnterCriticalSection
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetCurrentDirectoryA
GetDriveTypeA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
InterlockedIncrement
lstrlenA
GetFullPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
ReleaseSemaphore
CreateSemaphoreW
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetTickCount
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
GlobalAddAtomW
FreeResource
GetCurrentProcessId
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
GlobalDeleteAtom
GetModuleHandleW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
lstrlenW
MulDiv
GetFileSize
CreateFileA
WriteFile
LoadLibraryW
GetProcAddress
FreeLibrary
LocalFree
GetCurrentThreadId
GetVolumeInformationA
MultiByteToWideChar
GetShortPathNameW
FindResourceW
GetComputerNameW
WideCharToMultiByte
MoveFileExW
SizeofResource
GetSystemTime
GetCommandLineW
DeleteCriticalSection
LockResource
WaitForSingleObject
WaitForMultipleObjects
DeleteFileW
lstrcmpA
GetVersionExW
GetModuleFileNameW
InitializeCriticalSection
CreateProcessW
ExitProcess
LoadResource
GetTempPathW
Sleep
InitializeCriticalSectionAndSpinCount
SetLastError
GetLastError
CreateMutexW
ReadFile
CloseHandle
CreateFileW
VirtualProtect

user32

DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
LoadCursorW
GetDC
ReleaseDC
GetSysColorBrush
ShowWindow
IsDialogMessageW
CharUpperW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
SetFocus
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
CopyRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
RegisterClipboardFormatW
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetKeyState
PeekMessageW
ValidateRect
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
SetCursor
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
SendMessageW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
IsWindowVisible
SetForegroundWindow
GetMenu
PostMessageW
GetParent
GetWindow
UnregisterClassW
DestroyMenu
PostThreadMessageW
EndPaint
BeginPaint
GrayStringW
SendMessageTimeoutW
GetClassNameW
WaitForInputIdle
EnumChildWindows
EnumThreadWindows
GetWindowThreadProcessId
GetSystemMetrics
GetClientRect
AttachThreadInput
SetWindowTextW
GetForegroundWindow
BringWindowToTop
SetTimer
GetWindowTextW
SetParent
wsprintfW
RegisterWindowMessageW
GetCursorPos
EnableWindow
UnregisterClassA
PtInRect

gdi32

DeleteDC
TextOutW
GetStockObject
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
RestoreDC
SaveDC
DeleteObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
SetMapMode
ExtTextOutW

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

CryptAcquireContextW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
CryptDestroyHash
CryptHashData
CryptGetHashParam
InitializeSecurityDescriptor
CryptCreateHash
CryptReleaseContext
StartServiceW
RegOpenKeyExW
RegQueryValueExW
QueryServiceStatus
RegCreateKeyExW
RegCloseKey
SetSecurityDescriptorDacl
OpenServiceW
CloseServiceHandle
OpenSCManagerW

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderPathA

comctl32

InitCommonControlsEx

shlwapi

PathAppendW
StrCmpNW
StrCpyNW
PathRemoveFileSpecW
PathFindFileNameW
PathFindExtensionW
SHGetValueW
StrCpyW
StrStrIW
StrCmpIW
StrCmpNIW
StrCmpW
PathFileExistsW
StrNCatW
PathRemoveExtensionW
PathIsDirectoryW
StrCatW
SHSetValueW
StrChrW
StrDupW
PathStripToRootW
StrStrW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleRun
CoCreateInstance
CoDisconnectObject
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoInitialize
CoRevokeClassObject
CoUninitialize

oleaut32

VariantClear
VariantChangeType
SysAllocStringLen
SysStringLen
VariantInit
VariantCopy
SysFreeString
LoadTypeLi
SysAllocString
GetErrorInfo

ws2_32

bind
closesocket
recvfrom
htons
socket
gethostbyname
WSAStartup

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 204KB - Virtual size: 287KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99160a8c07fc071c94f44b179fb40477

Headers

File Characteristics

Imports

wininet

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 204KB - Virtual size: 287KB

.rsrc Size: 4KB - Virtual size: 928B

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 204KB - Virtual size: 287KB

.rsrc
Size: 4KB - Virtual size: 928B