8e0f8c645a5425d1712f11e433a15558_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8e0f8c645a5425d1712f11e433a15558_JaffaCakes118
Size

604KB
MD5

8e0f8c645a5425d1712f11e433a15558
SHA1

273021bc2cfe8bb8aa919c1391255e9f8402d0ec
SHA256

8499c9bacc38446bc0a52ab11ad4bf2409d9c932336fc9137db467a003130595
SHA512

4d66daa6d8041bc17744cb447b71890fbf68b2db05153365e7889efba5d53ea020edbe8afac516a381d414dec134628d9eb2b316ca76f8a882d6c307374053c2
SSDEEP

12288:ecujSXYCleW1Yr/CSJW/YN5dHtNqzlns/KGArn:RPIe1SCywYN5UBsyVn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e0f8c645a5425d1712f11e433a15558_JaffaCakes118

Files

8e0f8c645a5425d1712f11e433a15558_JaffaCakes118
.exe windows:4 windows x86 arch:x86

277ba9a81774c9f9004bbc027b1766ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
ImageList_GetImageRect
CreatePropertySheetPageW

user32

DrawTextW
IsCharAlphaNumericW
SetScrollRange
IsRectEmpty
GetProcessWindowStation
ModifyMenuA
ShowWindow
DestroyWindow
GetWindowModuleFileNameA
GetCapture
GetThreadDesktop
GetScrollBarInfo
DdeAccessData
DefWindowProcA
DragDetect
SetCursorPos
DestroyCaret
SetClassWord
GetClassNameA
SetDebugErrorLevel
EnumDesktopWindows
GetGUIThreadInfo
DefMDIChildProcA
SetKeyboardState
BeginDeferWindowPos
GetAsyncKeyState
CascadeWindows
EnumWindowStationsW
RegisterClassExA
GetWindowDC
LoadStringA
GetDlgItemInt
SetProcessDefaultLayout
ExcludeUpdateRgn
ChangeDisplaySettingsA
CreateWindowExW
DdeUninitialize
PostThreadMessageW
MessageBoxA
ToUnicodeEx
CreateDialogIndirectParamW
SetCaretPos
IsCharLowerA
EnumPropsExW
DlgDirSelectExW
SendIMEMessageExA
GetKeyboardState
DdeCreateStringHandleW
InsertMenuA
DialogBoxIndirectParamW
DdeConnect
GetKeyNameTextA
DdeSetUserHandle
CreateDialogParamA
DrawMenuBar
BeginPaint
RegisterClassA
RemovePropA
GetSubMenu
GetSysColorBrush
GetClipboardData
ToUnicode
ShowCursor

kernel32

DeleteCriticalSection
Sleep
LCMapStringA
CreateSemaphoreA
LeaveCriticalSection
TlsSetValue
VirtualAlloc
OpenEventW
WaitForSingleObjectEx
VirtualQuery
GetCurrentProcessId
OpenMutexA
RtlZeroMemory
GetLastError
FreeEnvironmentStringsA
HeapAlloc
GetSystemTime
AddAtomW
MultiByteToWideChar
GlobalSize
CloseHandle
FindResourceW
CreatePipe
GetStringTypeW
HeapCreate
WriteConsoleA
lstrlen
HeapDestroy
IsBadWritePtr
TlsAlloc
TlsGetValue
GetEnvironmentStringsW
LCMapStringW
WritePrivateProfileStructW
GetTickCount
ReleaseSemaphore
GetStringTypeExW
GetCurrentThread
GetAtomNameW
TryEnterCriticalSection
GetCurrentThreadId
CreateMutexW
GetConsoleTitleA
EnumSystemCodePagesW
GetCPInfo
GetModuleHandleA
TlsFree
SetStdHandle
CreateWaitableTimerA
FlushFileBuffers
TerminateProcess
GetEnvironmentVariableA
SetLastError
InterlockedIncrement
VirtualFree
HeapReAlloc
UnhandledExceptionFilter
OpenSemaphoreA
WriteFile
GetACP
PulseEvent
GetTimeFormatW
GetPrivateProfileIntA
GetCommandLineA
SetHandleCount
SetThreadLocale
ExitProcess
SetVolumeLabelA
GetStringTypeA
GetCommandLineW
CommConfigDialogW
GetProcAddress
CreateToolhelp32Snapshot
SetConsoleTextAttribute
FileTimeToDosDateTime
RtlUnwind
GetEnvironmentStrings
GetModuleFileNameA
MoveFileA
InterlockedDecrement
CreateEventW
GetTimeZoneInformation
GetVersion
GetProfileStringW
EnterCriticalSection
SetCurrentDirectoryW
ConnectNamedPipe
LoadLibraryExW
GlobalUnfix
GetCurrentProcess
InterlockedExchange
GetLocalTime
LocalSize
GetProfileIntW
GetTempPathA
GetStartupInfoA
SetEnvironmentVariableA
ReadFile
SetConsoleActiveScreenBuffer
GetSystemTimeAsFileTime
WriteConsoleOutputAttribute
InitializeCriticalSection
GetLogicalDrives
OpenMutexW
CompareStringA
CreateMutexA
HeapFree
LoadLibraryA
GetStdHandle
GetOEMCP
SetFilePointer
RtlMoveMemory
GetFileType
CreateMailslotW
QueryPerformanceCounter
WriteConsoleOutputA
OpenWaitableTimerW
FreeEnvironmentStringsW
FindClose
OpenEventA
lstrcmpW
GlobalCompact
GetDateFormatA
WideCharToMultiByte
CompareStringW

wininet

InternetShowSecurityInfoByURLW
FindNextUrlCacheEntryW
GetUrlCacheConfigInfoW
FtpCreateDirectoryW
GopherFindFirstFileW
FindFirstUrlCacheEntryExA
ReadUrlCacheEntryStream
FindFirstUrlCacheContainerW

Sections

.text
Size: 192KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

277ba9a81774c9f9004bbc027b1766ed

Headers

File Characteristics

Imports

comctl32

user32

kernel32

wininet

Sections

.text Size: 192KB - Virtual size: 188KB

.rdata Size: 248KB - Virtual size: 245KB

.data Size: 112KB - Virtual size: 134KB

.rsrc Size: 48KB - Virtual size: 46KB

.text
Size: 192KB - Virtual size: 188KB

.rdata
Size: 248KB - Virtual size: 245KB

.data
Size: 112KB - Virtual size: 134KB

.rsrc
Size: 48KB - Virtual size: 46KB