a9680c5399af10e0429bf6c75d6a4083_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a9680c5399af10e0429bf6c75d6a4083_JaffaCakes118
Size

590KB
MD5

a9680c5399af10e0429bf6c75d6a4083
SHA1

c2c4eda101e5827d833c0af2e375848b6e791447
SHA256

cacf567828f14fc962e43b1f96f99086c4b7410025450fba425285b325ac8df9
SHA512

011d342ab5aeb2315c35bb0ad35dd9c36db3825a70da617d54dbb69757029bfd978183bb8fcf3117610739f4772c41c58b3c19fc880ca94f5153a8eebf95101f
SSDEEP

12288:tovSw9pvkmKGzSP66GL/w+6JhiRBO82GvgactFN7gdmook7:4ZbkfGzSS6GL/ioBO82GYXook7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9680c5399af10e0429bf6c75d6a4083_JaffaCakes118

Files

a9680c5399af10e0429bf6c75d6a4083_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5558381ae93edbedf3dbea8fddb6ab96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

ReplaceTextA
GetOpenFileNameA

user32

RegisterClassA
GetDesktopWindow
SendMessageTimeoutA
GetPriorityClipboardFormat
EndDialog
RegisterWindowMessageA
RegisterClassExA
GetMenuState
CharNextExA
GetWindowTextLengthA

gdi32

SetArcDirection
GetTextExtentPointW
EnumICMProfilesW
CreateEllipticRgn
GetStockObject
SelectPalette
GetPixelFormat
GetMetaFileW
Chord
DeleteDC
SetBoundsRect
SetRectRgn

kernel32

QueryPerformanceCounter
InitializeCriticalSection
CompareStringA
TlsAlloc
GetProcAddress
GlobalHandle
CompareStringW
VirtualFree
HeapAlloc
SetEnvironmentVariableW
GetEnvironmentStrings
GetCurrentThread
GetOEMCP
GetCommandLineA
GetStdHandle
VirtualQuery
EnumSystemLocalesA
CreateMutexA
TerminateProcess
FreeEnvironmentStringsW
GetUserDefaultLCID
ReadFile
GetCurrentProcessId
InterlockedExchange
FindAtomA
TlsSetValue
GetSystemInfo
IsValidCodePage
SetStdHandle
GetLocaleInfoA
HeapCreate
UnhandledExceptionFilter
WideCharToMultiByte
IsValidLocale
RtlUnwind
GetCurrentProcess
GetTickCount
EnterCriticalSection
DeleteCriticalSection
lstrcpyA
ExitProcess
FreeEnvironmentStringsA
GetStartupInfoA
GetModuleFileNameA
GetTimeZoneInformation
GetFileType
LeaveCriticalSection
GetCPInfo
GetStringTypeW
GetDateFormatA
HeapReAlloc
LCMapStringA
SetEnvironmentVariableA
SetLastError
GetProfileIntW
GetLocaleInfoW
GetVersionExA
WriteFile
GetEnvironmentStringsW
CreateThread
GetSystemTimeAsFileTime
GetModuleHandleA
HeapDestroy
TlsGetValue
GetCurrentThreadId
SetConsoleTitleW
HeapSize
CloseHandle
OpenMutexA
GetLastError
LoadLibraryA
SetHandleCount
TlsFree
SetFilePointer
GetStringTypeA
HeapFree
LCMapStringW
GetTempPathA
VirtualAlloc
EnumSystemCodePagesA
OutputDebugStringA
VirtualProtect
FlushFileBuffers
MultiByteToWideChar
GetACP
IsBadWritePtr
GetTimeFormatA

comctl32

ImageList_DrawIndirect
ImageList_SetDragCursorImage
DrawStatusTextA
ImageList_GetDragImage
ImageList_LoadImage
ImageList_GetFlags
CreatePropertySheetPage
ImageList_Copy
ImageList_GetImageCount
InitCommonControlsEx
InitMUILanguage
CreateStatusWindowA
ImageList_GetBkColor
MakeDragList
ImageList_Write
ImageList_GetImageInfo

wininet

InternetQueryFortezzaStatus
InternetConfirmZoneCrossing
InternetGetCookieW
FtpGetFileW
InternetGoOnline
FindNextUrlCacheContainerW

Sections

.text
Size: 350KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5558381ae93edbedf3dbea8fddb6ab96

Headers

File Characteristics

Imports

comdlg32

user32

gdi32

kernel32

comctl32

wininet

Sections

.text Size: 350KB - Virtual size: 349KB

.rdata Size: 52KB - Virtual size: 76KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 84KB - Virtual size: 83KB

.text
Size: 350KB - Virtual size: 349KB

.rdata
Size: 52KB - Virtual size: 76KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 84KB - Virtual size: 83KB