94a455313014001bb024d358384a9d65_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

94a455313014001bb024d358384a9d65_JaffaCakes118
Size

376KB
MD5

94a455313014001bb024d358384a9d65
SHA1

a37e266e11bfce2ac3f43d039583367be577dc97
SHA256

94cfde24d59595c8f12f1143794699131670d230574a576ccc70050fd9452fd4
SHA512

21b20c8c377427171a9a7abc933f94d68a2a5d3b64e6c07005e4f99d3386bbd034dec1aecef0e963bbede24025d3817d564ee586e44a52f7058f7ff0024c1aee
SSDEEP

6144:y+FXlpISJaqeu0rjXwfq2hw/eXdkqUd/Ez9xFT60ZchGHXAA1K7Egm6:bkfrjAfdAeXxUqvF9qoHXt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94a455313014001bb024d358384a9d65_JaffaCakes118

Files

94a455313014001bb024d358384a9d65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d35f490fd2ce04408a1371eaaed2dda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
GetStringTypeW
GetStringTypeA
GetACP
GetCPInfo
IsBadCodePtr
Sleep
LCMapStringA
MultiByteToWideChar
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
CreateProcessA
WaitForSingleObject
CloseHandle
GetVersion
LoadLibraryA
GetProcAddress
GetOEMCP
GetThreadLocale
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
SizeofResource
GetTickCount
GetTempPathA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
GetCurrentDirectoryA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLocalTime
TlsGetValue
WriteFile
SetFilePointer
CreateFileA
IsBadReadPtr
TlsSetValue
TlsAlloc
FlushFileBuffers
GetFileSize
ReadFile
SetEndOfFile
DeleteFileA
MoveFileA
CreateDirectoryA
FindFirstFileA
FindNextFileA
FindClose
SetEvent
CreateThread
CreateEventA
GetComputerNameA
CreateMutexA
ReleaseMutex
TerminateThread
OutputDebugStringA
QueryPerformanceCounter
GetVolumeInformationA
RtlUnwind
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
HeapReAlloc
HeapFree
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
HeapSize
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
SetLastError

user32

SetDlgItemTextA
SendDlgItemMessageA
PostMessageA
GetParent
KillTimer
MessageBoxA
LoadImageA
SetTimer
EnumWindows
DialogBoxParamA
GetActiveWindow
GetWindowTextA
EnableWindow
EndDialog
LoadIconA
SendMessageA
ReleaseDC
GetDC
SetWindowTextA
DestroyWindow
CreateDialogParamA
GetWindowRect
ScreenToClient
SetWindowPos
ShowWindow
GetDlgItem

gdi32

SetTextColor
GetStockObject
GetObjectA
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
CreateFontA

advapi32

RegDeleteValueA
RegCreateKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey

wininet

InternetAutodial
InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetQueryDataAvailable
InternetGetConnectedState

comctl32

ord17

shell32

ShellExecuteA

wsock32

htonl
ntohs
ntohl
closesocket
WSAGetLastError
inet_ntoa
socket
connect
htons
listen
bind
accept
send
recv
gethostbyname
ioctlsocket
gethostbyaddr
__WSAFDIsSet
select
sendto
recvfrom
WSAStartup
WSACleanup
getsockname

Sections

Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5d35f490fd2ce04408a1371eaaed2dda

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

comctl32

shell32

wsock32

Sections

Size: 152KB - Virtual size: 152KB

Size: 24KB - Virtual size: 24KB

Size: 40KB - Virtual size: 40KB

Size: 32KB - Virtual size: 32KB

.text Size: 124KB - Virtual size: 124KB

.text
Size: 124KB - Virtual size: 124KB