a1e75268949435630b303a054bca004e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1e75268949435630b303a054bca004e_JaffaCakes118
Size

424KB
MD5

a1e75268949435630b303a054bca004e
SHA1

11e4387ba6b07a4a7b4c3099ac5a242e335d7d1f
SHA256

27ce00dcb4b4083eb7cfcbbe65ecc7a6a101a11eef418fd3290141b75818e793
SHA512

92f78b7033f9c18b953e8c2e52f181f715227aef4c2721de152cb995288b18dd7d8e18e4db623b002c9f491cf9ee2104284e758b5b9e29d91f55ed19a0906827
SSDEEP

12288:9TzNHfY/28RtUz5kpYIygBKFnB/g6g/g2MQU8:9RfojUz1S5/gx8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1e75268949435630b303a054bca004e_JaffaCakes118

Files

a1e75268949435630b303a054bca004e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d81978aa145ee3a68aad8ba73cb69937

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\LXMPAE\LQWZVFNZYE\LEULOOBGDG\IEOSTP\

Imports

wininet

GetUrlCacheEntryInfoExW
InternetLockRequestFile
SetUrlCacheEntryInfoW
InternetConfirmZoneCrossingA
FindFirstUrlCacheEntryA
InternetReadFile

kernel32

lstrcmpA
InterlockedExchangeAdd
SetHandleCount
Sleep
InitializeCriticalSectionAndSpinCount
InterlockedExchange
GetProfileIntW
ExitThread
SetFileAttributesA
VirtualUnlock
TerminateProcess
GetModuleHandleA
GetCPInfo
WriteFile
lstrcpyA
GetEnvironmentStringsW
FindNextFileA
GetConsoleScreenBufferInfo
GetCalendarInfoA
SetUnhandledExceptionFilter
GetStdHandle
GetTimeZoneInformation
GetModuleHandleW
CloseHandle
ReadFileEx
FillConsoleOutputCharacterW
SetLastError
GetFileType
SetEnvironmentVariableA
LocalCompact
GetAtomNameW
LoadModule
GetStringTypeW
IsDebuggerPresent
CreateWaitableTimerA
OpenMutexA
GetStartupInfoW
SetConsoleCtrlHandler
WriteConsoleW
CompareStringW
GetCurrentProcessId
LeaveCriticalSection
lstrcmpiA
SetStdHandle
FreeEnvironmentStringsW
SetLocaleInfoW
FlushFileBuffers
GetConsoleOutputCP
HeapFree
GetStartupInfoA
LoadLibraryA
HeapDestroy
FindAtomA
SetFilePointer
GetLogicalDriveStringsA
TlsAlloc
CompareStringA
GetLocaleInfoA
GetConsoleTitleW
IsValidCodePage
GetProcAddress
GetFullPathNameW
EnumSystemLocalesA
GetModuleFileNameA
WriteProfileStringW
GetCurrentProcess
TerminateThread
LCMapStringW
GetModuleFileNameW
EnumResourceLanguagesA
GetTickCount
DebugBreak
WriteConsoleA
GetUserDefaultLCID
UnhandledExceptionFilter
GetACP
GetCurrentThread
FlushConsoleInputBuffer
RtlUnwind
HeapCreate
SetConsoleOutputCP
GetAtomNameA
LocalAlloc
WritePrivateProfileStringW
GetFileAttributesA
GetCurrentThreadId
HeapSize
GetPrivateProfileIntW
HeapAlloc
HeapReAlloc
CreateProcessA
GetConsoleMode
GetOEMCP
lstrcatW
ExitProcess
IsValidLocale
GetFileTime
InterlockedIncrement
CopyFileA
GetLocaleInfoW
DeleteCriticalSection
GetConsoleCP
VirtualAlloc
EnumSystemCodePagesA
VirtualFree
TlsGetValue
CreateThread
lstrlenW
VirtualQuery
LCMapStringA
SetComputerNameW
TlsFree
SetThreadContext
CreateMutexA
CreateFileA
ReadFile
MultiByteToWideChar
GetThreadSelectorEntry
GetEnvironmentVariableA
AddAtomA
lstrcpyW
EnterCriticalSection
WriteConsoleOutputAttribute
GetTempPathA
GetCommandLineW
GetLastError
FreeLibrary
QueryPerformanceCounter
GetSystemTimeAsFileTime
MoveFileW
GetDateFormatA
GetTimeFormatA
GetStringTypeA
TlsSetValue
WaitCommEvent
CreateFileW
GlobalReAlloc
InterlockedDecrement
WideCharToMultiByte
GetCommandLineA

user32

DlgDirSelectComboBoxExW
OpenIcon
GetKeyboardLayoutNameA
MonitorFromRect
CreateAcceleratorTableA
CharUpperBuffW
AttachThreadInput
SetWindowTextA
FindWindowExA
RegisterClipboardFormatA
CascadeWindows
OpenInputDesktop
DrawEdge
CharPrevA
InsertMenuItemW
NotifyWinEvent
IsCharAlphaA
GetDlgCtrlID
GetMenuStringA
PostQuitMessage
TileChildWindows
CreateIconFromResource
GetNextDlgTabItem
RegisterDeviceNotificationA
RegisterWindowMessageA
RegisterClassA
RegisterClassExA
DdeQueryStringA
GetThreadDesktop
SetDlgItemTextA
CreateDialogParamW
GetPropA
GetMessagePos
SendInput
ChangeDisplaySettingsA
WINNLSGetIMEHotkey
RegisterWindowMessageW
DefWindowProcW
GetMonitorInfoA
SetTimer
GetClientRect
FindWindowW
EnumDesktopsA
GetWindowRect
CreateDialogIndirectParamA
BeginPaint
PostThreadMessageW
GetWindowDC
SetWindowsHookA
GetMenuInfo
GetMenuStringW
EnumClipboardFormats
SetThreadDesktop
DrawFrame
GetClassNameA
RegisterClipboardFormatW
SetCaretPos
SubtractRect
DdeConnectList
SetUserObjectInformationA
ClipCursor
EndDialog
CharNextW
AnimateWindow

comctl32

ImageList_Add
ImageList_Write
InitCommonControlsEx
GetEffectiveClientRect
ImageList_SetImageCount
ImageList_GetIcon
ImageList_SetIconSize
CreateStatusWindow
ImageList_DragEnter
CreateMappedBitmap
DestroyPropertySheetPage
MakeDragList
ImageList_DrawEx
ImageList_SetBkColor
ImageList_GetIconSize
ImageList_SetDragCursorImage
CreatePropertySheetPageW
ImageList_GetBkColor
ImageList_GetImageInfo

comdlg32

ChooseFontW

shell32

SHGetSpecialFolderPathA
ExtractIconEx

advapi32

CryptAcquireContextW
RegCreateKeyW
RegCreateKeyA
LookupPrivilegeValueW
RegQueryInfoKeyA

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d81978aa145ee3a68aad8ba73cb69937

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

user32

comctl32

comdlg32

shell32

advapi32

Sections

.text Size: 164KB - Virtual size: 162KB

.rdata Size: 132KB - Virtual size: 131KB

.data Size: 104KB - Virtual size: 115KB

.rsrc Size: 20KB - Virtual size: 18KB

.text
Size: 164KB - Virtual size: 162KB

.rdata
Size: 132KB - Virtual size: 131KB

.data
Size: 104KB - Virtual size: 115KB

.rsrc
Size: 20KB - Virtual size: 18KB