a03f61f007d117febf4e0d7f40128495_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a03f61f007d117febf4e0d7f40128495_JaffaCakes118
Size

390KB
MD5

a03f61f007d117febf4e0d7f40128495
SHA1

dc6fc245b79cb80a6cc9bb2b63c323605c5754c1
SHA256

21049a2a8bf7208747afe0006cf165d94997bd1eb96a93e6404fc24a39a8e7ff
SHA512

24fa43e67efb2384db9059e361dd570e54522c7d8fb753f6d68211f703a065390cdec42e5bb2ed1dc4cd15ee6e9376ac183bf1db157a1579c8152e5ce023028e
SSDEEP

6144:BbDj/JUOSAuMd6wjX4LekAq+TIitPGSdfsywdqVfL+sh4tssCzMKfaK2Rt2qwG2:B/j2OS8ZkLDUxGLb8J4tOMSaZ2qwG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a03f61f007d117febf4e0d7f40128495_JaffaCakes118

Files

a03f61f007d117febf4e0d7f40128495_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3fb394bc0558de0b4d5057b5073b1607

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
GetThreadPriority
GetDateFormatW
WriteProfileStringA
ReadConsoleInputW
GetEnvironmentStringsW
GetShortPathNameW
WritePrivateProfileStructA
GetDriveTypeW
CreateEventA
WaitForSingleObjectEx
OutputDebugStringA
SetFilePointer
CreateWaitableTimerW
GetNumberFormatW
PulseEvent
lstrcpy
GetTempFileNameA
FileTimeToLocalFileTime
ReadConsoleOutputA
WriteFile
LockResource
UnlockFileEx
VirtualProtectEx
InterlockedDecrement
TlsSetValue
WriteProfileSectionW
SetConsoleMode
GlobalSize
GetNumberFormatA
SetCriticalSectionSpinCount
SetThreadContext
CommConfigDialogA
FlushViewOfFile
GetProfileStringW
WideCharToMultiByte
GetCompressedFileSizeW
TlsAlloc
FormatMessageA
ResetEvent
GetPrivateProfileStructA
EnumDateFormatsA
SetSystemTime
GlobalAddAtomW
DeleteFileA
WriteProcessMemory
GetFileAttributesExW
VirtualLock
UnmapViewOfFile
SearchPathW
ReadProcessMemory
GetNamedPipeInfo
SetThreadPriority
GetModuleHandleW
GetComputerNameA
GetConsoleTitleA
GlobalCompact
EnumSystemLocalesA
FreeConsole
GetLogicalDriveStringsA
HeapValidate
GetHandleInformation

shell32

SHGetSpecialFolderPathA
SHInvokePrinterCommandW
SheSetCurDrive
DragQueryFile
SHEmptyRecycleBinW
ShellAboutA
ExtractIconEx
ExtractIconExW
SHGetDataFromIDListW
FindExecutableA
DragQueryPoint
SHGetInstanceExplorer
ExtractIconA
SHGetFileInfoA
SHAddToRecentDocs
DragAcceptFiles
FindExecutableW
DragQueryFileAorW
SHBrowseForFolder
InternalExtractIconListA
SHGetDataFromIDListA
ShellExecuteExW
SHFileOperationW
SHGetSettings
SHQueryRecycleBinA
SHBrowseForFolderW
SHChangeNotify
ExtractAssociatedIconExW
SHGetPathFromIDListW
SHGetFileInfoW
CommandLineToArgvW
DoEnvironmentSubstA
DoEnvironmentSubstW
RealShellExecuteExA
SHEmptyRecycleBinA
SheChangeDirExW
RealShellExecuteA
SHBrowseForFolderA
ShellExecuteW
DragQueryFileW
ShellExecuteExA
SHGetDiskFreeSpaceA
DragQueryFileA
SHGetSpecialFolderPathW
SHGetNewLinkInfo
ShellExecuteEx
SHFormatDrive
RealShellExecuteW
CheckEscapesW
SHGetPathFromIDList

gdi32

SetPixelFormat
GetTextCharacterExtra
CreateEnhMetaFileW
DeleteEnhMetaFile
SetWinMetaFileBits
GetKerningPairsA
GdiPlayJournal
SetDeviceGammaRamp
GetICMProfileA
EnumICMProfilesA
GetWindowOrgEx
BitBlt
CreateHalftonePalette

advapi32

RegQueryInfoKeyW
ReportEventW
RegSetValueExA
LookupAccountNameA
LookupPrivilegeValueA
RegConnectRegistryW
CryptVerifySignatureA
CryptImportKey
CryptDestroyKey
CryptSignHashW
RegFlushKey
CryptEnumProviderTypesW
RegLoadKeyA
LogonUserW
GetUserNameA

wininet

SetUrlCacheEntryInfoW
InternetWriteFile
InternetGetCookieW
UnlockUrlCacheEntryStream
FtpCreateDirectoryW
RetrieveUrlCacheEntryStreamW
HttpQueryInfoA
InternetSetFilePointer
FreeUrlCacheSpaceA
GetUrlCacheEntryInfoW
InternetCombineUrlW
InternetReadFileExA
InternetFindNextFileA
InternetSetOptionA
DeleteUrlCacheGroup
InternetAttemptConnect
HttpSendRequestExA
FindNextUrlCacheEntryExA
FtpDeleteFileA
DetectAutoProxyUrl
RunOnceUrlCache
InternetOpenW
DeleteUrlCacheContainerW
FindNextUrlCacheContainerW
IsUrlCacheEntryExpiredW
FindNextUrlCacheEntryW

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fb394bc0558de0b4d5057b5073b1607

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

advapi32

wininet

Sections

.text Size: 116KB - Virtual size: 116KB

.data Size: 261KB - Virtual size: 261KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 261KB - Virtual size: 261KB

.rsrc
Size: 11KB - Virtual size: 10KB