89302ae0f15330c29d76ce92c45515ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89302ae0f15330c29d76ce92c45515ea_JaffaCakes118
Size

421KB
MD5

89302ae0f15330c29d76ce92c45515ea
SHA1

094a49cbb2018a2eaa45c8aa8865a98cc01ea715
SHA256

46ca7ff1c4a9e02c27058969b53b47aa0cbefd9b4c4d902745362f6ddc4168eb
SHA512

c7850a551368e4afdf36ff752e5bc4aaf213ee8d98a54301b0dc588fa99ac9f0626b49bb7f77fb5761811b52a6fe8d689014a9564d8029629181e6a8c5143837
SSDEEP

3072:oUKQnDVEHKIQTUlnPuBvsiH/RZ63HMA6BgW7ntsF:zRbSP2sYs3HMA9W7ntsF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89302ae0f15330c29d76ce92c45515ea_JaffaCakes118

Files

89302ae0f15330c29d76ce92c45515ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

42248b9e6606fa048f41ef53ddd2a283

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA
ShellExecuteA

user32

GetUpdateRgn
FindWindowA
SendMessageA
RegisterWindowMessageA
MessageBoxA
LoadCursorA
RegisterClassExA
CreateWindowExA
SetWindowLongA
CreateDialogParamA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
UnregisterClassA
DefWindowProcA
SetWindowTextA
GetWindowTextA
GetFocus
ReleaseDC
GetDC
GetWindowTextLengthA
GetWindow
GetClientRect
BeginPaint
SetWindowPos
IsWindow
RedrawWindow
GetClassNameA
GetParent
GetDesktopWindow
CreateAcceleratorTableA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
DestroyWindow
GetDlgItem
wsprintfA
DialogBoxParamA
EndDialog
LoadImageA
PostQuitMessage
ShowWindow
KillTimer
SetTimer
CallWindowProcA
EndPaint
FillRect
SetDlgItemTextA
GetWindowRect
GetClassInfoExA
CreateDialogIndirectParamA
GetSysColor
EnableWindow
GetDlgItemTextA
DrawTextA
ScreenToClient
EnumChildWindows
SetPropA
GetForegroundWindow
GetPropA
GetSystemMetrics
IsChild
SetFocus
GetWindowLongA

gdi32

SetTextColor
CreateFontIndirectA
SetBkMode
SetDIBits
CreateRectRgn
GetDIBits
SetStretchBltMode
StretchBlt
FillRgn
GetStockObject
GetObjectA
SetBkColor
DeleteObject
CreateCompatibleBitmap
CreateSolidBrush
SelectObject
BitBlt
CreateCompatibleDC
DeleteDC
GetDeviceCaps

advapi32

RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA

ole32

OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoInitialize
CoUninitialize

wsock32

WSAStartup
gethostname
ioctlsocket
htonl
gethostbyname
WSACleanup

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

comctl32

_TrackMouseEvent

wininet

InternetOpenUrlA
InternetCloseHandle
InternetReadFile
InternetOpenA

shlwapi

SHDeleteKeyA

kernel32

GlobalAlloc
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
lstrlenW
lstrcmpA
InterlockedDecrement
GetExitCodeProcess
WideCharToMultiByte
GlobalLock
GlobalHandle
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedIncrement
GetShortPathNameA
GetCommandLineA
Sleep
GetLocaleInfoA
LockResource
LoadResource
GetModuleHandleA
GetStartupInfoA
FindResourceA
GetTickCount
GetLocalTime
MoveFileExA
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
SizeofResource
GetVolumeInformationA
CopyFileA
MoveFileA
DeleteFileA
GetSystemDirectoryA
GetVersionExA
SetFileAttributesA
GetWindowsDirectoryA
LoadLibraryA
FreeLibrary
GetProcAddress
FindClose
RemoveDirectoryA
CreateDirectoryA
FreeResource
FindNextFileA
FindFirstFileA
HeapDestroy
GlobalFree
InitializeCriticalSection
GlobalUnlock
lstrlenA

olepro32

ord253

oleaut32

SysAllocStringLen
LoadRegTypeLi
SysStringLen
VariantClear
SysAllocString
SysFreeString

msvcrt

_except_handler3
qsort
vsprintf
strtol
strcmp
fputs
memmove
fwrite
fgets
strncmp
fopen
_strnicmp
_stricmp
strncat
fclose
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
?terminate@@YAXXZ
isgraph
strncpy
isdigit
time
fprintf
strchr
ctime
fread
_ftol
atol
sin
wcslen
tolower
sscanf
strtoul
isprint
memcmp
_purecall
??2@YAPAXI@Z
__CxxFrameHandler
memcpy
strstr
exit
isalpha
srand
rand
strcat
sprintf
memset
strcpy
strlen
??3@YAXPAX@Z

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 117KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

42248b9e6606fa048f41ef53ddd2a283

Headers

File Characteristics

Imports

shell32

user32

gdi32

advapi32

ole32

wsock32

rpcrt4

comctl32

wininet

shlwapi

kernel32

olepro32

oleaut32

msvcrt

Sections

.text Size: 66KB - Virtual size: 66KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 117KB - Virtual size: 195KB

.rsrc Size: 226KB - Virtual size: 226KB

.text
Size: 66KB - Virtual size: 66KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 117KB - Virtual size: 195KB

.rsrc
Size: 226KB - Virtual size: 226KB