a7f17976bb50e0f6ab0d226b38a71838_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a7f17976bb50e0f6ab0d226b38a71838_JaffaCakes118
Size

596KB
MD5

a7f17976bb50e0f6ab0d226b38a71838
SHA1

0da7c8f273126adbd6b141bae25cd9704ea670a7
SHA256

b04cfd40977868f5a2b88a8bff8382e6dd2b694758150743bc693c87c9d56a44
SHA512

8fd555d603a7dc52efb36bb29f1bae58a98214091bf4f980af4adff8f58095a2230a698481cf96a53d37d983c115d7c7042c5a247fd3c09912b0b3ec1eff274a
SSDEEP

12288:9zBzQu3ie+om/YiV9U484zD/jWV3/njCh0cSXJsN4iF:9R53iB/T3xzD/jqPn2OzXg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7f17976bb50e0f6ab0d226b38a71838_JaffaCakes118

Files

a7f17976bb50e0f6ab0d226b38a71838_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f33f6cf07663fbd9ea27c292300de5bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\sn

Imports

user32

DragObject
CreateWindowExW
DlgDirListComboBoxA
SetParent
DefFrameProcW
GetTabbedTextExtentA
RegisterClassA
EnumDesktopWindows
ChangeDisplaySettingsExW
GetCursorPos
DefWindowProcW
InSendMessage
OpenDesktopW
GetListBoxInfo
SetShellWindow
RegisterWindowMessageW
EnumDesktopsW
PackDDElParam
GetMenuItemRect
FillRect
AppendMenuA
CharNextExA
MsgWaitForMultipleObjectsEx
GetMenuItemInfoA
EndDialog
GetProcessDefaultLayout
GetUserObjectSecurity
GetMenuState
IsCharAlphaNumericA
SetWindowsHookW
CreateAcceleratorTableA
GetActiveWindow
ReleaseDC
DestroyWindow
DdeAddData
IsClipboardFormatAvailable
ChildWindowFromPoint
GetThreadDesktop
IsCharLowerA
SetDlgItemInt
GetMessageExtraInfo
MessageBoxA
DrawFrameControl
EndDeferWindowPos
CheckMenuItem
DdeConnect
GetShellWindow
GetUpdateRgn
CreateDesktopA
GetWindowThreadProcessId
LoadMenuIndirectA
IsCharAlphaW
RegisterClassExA
GetMenu
GetSysColorBrush
SetCapture
ShowWindow

gdi32

ResizePalette
StretchDIBits
GetTextColor
CreateDIBPatternBrushPt
PolylineTo
CreateHalftonePalette
GetTextExtentPointW
SetStretchBltMode
EnumMetaFile
GetCharWidthW
CreateBrushIndirect
GetPolyFillMode
SwapBuffers
EnumObjects
FillPath
CreateICW

comctl32

ImageList_Add
MakeDragList
ImageList_Duplicate
ImageList_LoadImage
ImageList_Copy
CreatePropertySheetPage
InitCommonControlsEx
ImageList_DragLeave
DrawStatusTextW
ImageList_GetImageCount
ImageList_SetImageCount
DrawInsert
ImageList_DragShowNolock
CreateToolbarEx
ImageList_GetDragImage
CreateMappedBitmap
DrawStatusTextA
ImageList_SetDragCursorImage
_TrackMouseEvent
CreateStatusWindowA
ImageList_ReplaceIcon
ImageList_Remove
ImageList_SetOverlayImage
ImageList_GetIcon

comdlg32

PrintDlgA

wininet

FtpCommandW
InternetTimeToSystemTimeA
FtpOpenFileA
HttpCheckDavCompliance
InternetGetCertByURL
IsUrlCacheEntryExpiredW
InternetGoOnlineA

kernel32

UnlockFile
GetEnvironmentStringsW
CompareStringW
IsValidCodePage
MultiByteToWideChar
GetStringTypeA
OpenSemaphoreA
InterlockedExchange
GetSystemTime
WriteFile
FreeLibrary
GetSystemTimeAsFileTime
GetOEMCP
ExitProcess
WaitForMultipleObjectsEx
GetConsoleTitleW
FreeEnvironmentStringsW
CreateDirectoryA
GetCompressedFileSizeW
GetCurrentProcessId
VirtualFree
LCMapStringW
HeapReAlloc
GetComputerNameA
SetHandleCount
GetCurrentThreadId
GetCurrentThread
LocalUnlock
CreateMutexA
GetStdHandle
InterlockedDecrement
CreateProcessA
GetConsoleTitleA
VirtualAlloc
FindFirstFileW
EnterCriticalSection
GetVersion
GetACP
LCMapStringA
lstrcmpiW
SetEvent
GetTickCount
VirtualAllocEx
QueryPerformanceCounter
FreeEnvironmentStringsA
GetTimeZoneInformation
CloseHandle
GetCalendarInfoW
GetProcAddress
GetLocalTime
SetCurrentDirectoryW
TlsFree
FlushFileBuffers
DeleteAtom
OpenMutexA
HeapDestroy
ResetEvent
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
SetEnvironmentVariableA
LoadResource
IsBadWritePtr
InitializeCriticalSection
TlsAlloc
GetFileType
RtlUnwind
TerminateProcess
GetCommandLineA
GetEnvironmentStrings
GetLastError
SetStdHandle
TlsSetValue
LeaveCriticalSection
GetProfileStringA
HeapCreate
GetModuleHandleA
VirtualQuery
ReadFile
HeapAlloc
HeapFree
CompareStringA
SetLastError
GetCurrencyFormatW
SetFilePointer
UnhandledExceptionFilter
GetCurrentProcess
WideCharToMultiByte
TlsGetValue
GetStartupInfoA
GetStringTypeW
GetTempPathW
LoadLibraryA

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f33f6cf07663fbd9ea27c292300de5bf

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

comctl32

comdlg32

wininet

kernel32

Sections

.text Size: 160KB - Virtual size: 159KB

.rdata Size: 256KB - Virtual size: 254KB

.data Size: 108KB - Virtual size: 132KB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 256KB - Virtual size: 254KB

.data
Size: 108KB - Virtual size: 132KB

.rsrc
Size: 68KB - Virtual size: 66KB