a2662b996087e8eeefb6504b03139b35_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a2662b996087e8eeefb6504b03139b35_JaffaCakes118
Size

288KB
MD5

a2662b996087e8eeefb6504b03139b35
SHA1

f1655e75d7000ae620969c020ade5166819bab5a
SHA256

1524cccc46abf1b5fb6f62b58bc0e9fb51353bc0f58aaba4c259e8256a765b82
SHA512

09a7ede73c757504faaca1b172daba11de04c901d95ee7cbc7dfb2ea9ba7a6e3598ed477ed6f221931834d0d315abf73413237d4bbbd6b1e6264cdbf6ce35a70
SSDEEP

6144:7Xx9Qmd4zYR0NShufxI3cxV4naUKM5OjDRnmD:Fim2YR0NS+xI3sUX5mRK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2662b996087e8eeefb6504b03139b35_JaffaCakes118

Files

a2662b996087e8eeefb6504b03139b35_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fcd02dbc289d9ed405c76320daceed2f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

kernel32

LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
Sleep
InterlockedExchange
GetProcAddress
ExitProcess
GetCurrentProcessId
CloseHandle
CreateThread
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
WriteProcessMemory
TerminateProcess
GetVersionExA
CreateProcessA
GetEnvironmentVariableW
WaitForSingleObject
CreateEventA
SetUnhandledExceptionFilter
DeleteFileA
GetSystemDirectoryA
CreateProcessW
CreateFileW
WriteFile
CreateFileA
GetCPInfo
HeapSize
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
HeapCreate
SizeofResource
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
UnhandledExceptionFilter
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
HeapReAlloc
GetThreadLocale
GetLocaleInfoA
GetACP
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
FreeLibrary
GlobalAlloc
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GlobalLock
GlobalUnlock
GetModuleFileNameA
MulDiv
lstrcmpA
IsDBCSLeadByte
GetOEMCP
lstrcmpiA
lstrlenA
InterlockedDecrement
InterlockedIncrement
GetLastError
lstrlenW
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
SetLastError
GetCurrentThreadId
GetTickCount
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
RaiseException
FlushFileBuffers
HeapDestroy
LCMapStringA

user32

RemoveMenu
GetMenuItemCount
AppendMenuA
DestroyMenu
CreatePopupMenu
UnregisterClassA
LoadStringW
PostQuitMessage
SetMenuDefaultItem
GetMenuItemInfoA
SetMenuItemInfoA
BringWindowToTop
SystemParametersInfoA
GetScrollInfo
SetScrollPos
ScrollWindowEx
UpdateWindow
TranslateMDISysAccel
GetMonitorInfoA
wsprintfA
FindWindowA
GetProcessWindowStation
GetUserObjectInformationA
CloseWindowStation
GetWindowRect
MapWindowPoints
FindWindowExW
SetScrollInfo
KillTimer
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
SetWindowTextA
LoadStringA
LoadMenuA
LoadAcceleratorsA
CreateAcceleratorTableA
IsWindow
SendMessageA
MonitorFromPoint
TrackPopupMenuEx
MessageBeep
AdjustWindowRectEx
DefMDIChildProcA
IsWindowVisible
DrawMenuBar
GetMenuStringA
GetSubMenu
PtInRect
GetDesktopWindow
SetFocus
GetFocus
GetWindow
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
GetClassNameA
GetDlgItem
GetParent
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
GetSysColor
LoadImageA
DestroyWindow
CharNextA
DefWindowProcA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
GetWindowLongA
CreateWindowExA
RegisterClassExA
TranslateAcceleratorA
LoadCursorA
GetClassInfoExA
SetTimer
PostMessageA
SetWindowLongA
DefFrameProcA

gdi32

SetViewportOrgEx
GetStockObject
GetObjectA
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
DeleteObject
SelectObject

advapi32

RegOpenKeyExA
RegQueryInfoKeyA
OpenSCManagerA
OpenServiceA
QueryServiceStatusEx
CloseServiceHandle
CreateProcessAsUserA
OpenProcessToken
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA

ole32

CoInitialize
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleUninitialize
StringFromGUID2
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
OleLockRunning
CoUninitialize
OleInitialize

oleaut32

SysAllocStringLen
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
VariantClear
VariantInit
SysStringByteLen
VarUI4FromStr
SysAllocString
SysStringLen
SysFreeString

comctl32

InitCommonControlsEx

iphlpapi

GetAdaptersInfo

wininet

HttpQueryInfoA
InternetConnectA
InternetSetOptionA
HttpSendRequestA
InternetOpenA
InternetReadFile
HttpOpenRequestA
InternetCloseHandle

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcd02dbc289d9ed405c76320daceed2f

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

iphlpapi

wininet

Sections

.text Size: 152KB - Virtual size: 151KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 16KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 2KB

.vmp0 Size: 72KB - Virtual size: 71KB

.reloc Size: 4KB - Virtual size: 536B

.text
Size: 152KB - Virtual size: 151KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 16KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 2KB

.vmp0
Size: 72KB - Virtual size: 71KB

.reloc
Size: 4KB - Virtual size: 536B