aaa3068f45a4433c504fbda1a8093cec_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aaa3068f45a4433c504fbda1a8093cec_JaffaCakes118
Size

660KB
MD5

aaa3068f45a4433c504fbda1a8093cec
SHA1

0afd4fc4a1a2f43cbcf047bacdba2b5b8f8c175a
SHA256

15a50035eb5bf9dfcf80a1daac9ee18d85b13efcb98e1b153f7e17dacccc1644
SHA512

b89c69786e833a002d861f8eca9341f159e28ecd1640066d3d0df4b87cbef665b68e76e798be625910fe9cbf139ef3202fcb657792f259275f4eecb0e00f345d
SSDEEP

12288:JBJkplxXricDz5w8Ur5tjR/NaaW6Man5MXoVqc85eSyoGf2O9V3EO4d:TWpfTUFhRNaanujd5e5oGeO7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaa3068f45a4433c504fbda1a8093cec_JaffaCakes118

Files

aaa3068f45a4433c504fbda1a8093cec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ea5d473a2324432ae6090ac7f669bd5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\hetnjaafc\ner\o

Imports

wininet

HttpQueryInfoA
InternetOpenUrlA
FtpCreateDirectoryA
InternetCloseHandle
InternetQueryOptionA
InternetGetConnectedState
InternetReadFile

ole32

CoRevokeClassObject
StgIsStorageFile
OleIsCurrentClipboard
CoTaskMemAlloc
OleGetClipboard

comctl32

ImageList_Add
ImageList_GetImageCount
ImageList_GetIconSize
ord17
ImageList_AddMasked
PropertySheetA
ImageList_ReplaceIcon
ImageList_DragMove
ImageList_DragShowNolock
ImageList_LoadImageA
_TrackMouseEvent
ImageList_Create
ImageList_GetIcon
ImageList_GetImageInfo
CreatePropertySheetPageA
ImageList_Destroy
ImageList_Draw
ImageList_BeginDrag
ImageList_EndDrag
InitCommonControlsEx

comdlg32

GetSaveFileNameW
PrintDlgA
GetOpenFileNameA

user32

IsWindowVisible
DestroyIcon
GetUpdateRect
GetScrollInfo
FillRect
EnableMenuItem
RemovePropW
LoadIconW
OffsetRect
MoveWindow
LockWindowUpdate
GetWindowTextW
LoadCursorW
GetWindowTextLengthW
GetWindowDC
DefMDIChildProcW
GetSystemMetrics
DeferWindowPos
SetWindowRgn
AppendMenuW
KillTimer
InsertMenuW
EnumChildWindows
SetTimer
MessageBeep
DrawEdge
IsClipboardFormatAvailable
RegisterClassExW
DeleteMenu
GetKeyState
GetMenu
TrackMouseEvent
GetWindow
IsWindowEnabled
GetWindowRect
GetTopWindow
EndDialog
CreateMenu
IsRectEmpty
TrackPopupMenu
GetDlgItem
RegisterWindowMessageW
InvalidateRect
SetWindowLongA
BeginPaint
GetMenuItemInfoW
MapWindowPoints
GetFocus
UpdateWindow
SetActiveWindow
IsMenu
SendDlgItemMessageW
IsChild
DestroyCursor
GetClassNameW
IsIconic
DispatchMessageW
LoadStringW
RegisterClassW
DestroyAcceleratorTable
SetParent
ShowOwnedPopups
SetWindowPos
PeekMessageW
SetPropW
DrawFocusRect
CreatePopupMenu
SetCursor
CreateDialogIndirectParamW
GetLastActivePopup
GetPropW
GetCapture
GetSysColorBrush
DestroyMenu
UnhookWindowsHookEx
SetClipboardData
LoadImageW
EndPaint
SystemParametersInfoW
DestroyWindow
InflateRect
ModifyMenuW
SetForegroundWindow
GetIconInfo
GetCursorPos

gdi32

SelectObject
FillRgn
GetCharWidthA
DeleteObject
ExtTextOutA
DPtoLP
RestoreDC
GetPaletteEntries
ArcTo
OffsetClipRgn
GetTextMetricsA
SelectPalette
CreateDIBPatternBrushPt
CreatePolygonRgn
CreateFontIndirectA
SetViewportExtEx
GetObjectA
GetTextExtentPointA
CreateMetaFileA
OffsetViewportOrgEx
EnumMetaFile
PolyDraw
SaveDC
AbortDoc
SetColorAdjustment
PlayMetaFileRecord
CloseMetaFile
LineTo
SetMapperFlags
SetWindowExtEx
SetViewportOrgEx

advapi32

RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
CloseServiceHandle
OpenSCManagerA
SetSecurityDescriptorDacl
GetUserNameA
RegOpenKeyA
CreateServiceA
RegQueryValueExA

winspool.drv

DocumentPropertiesA
ord204
ClosePrinter

kernel32

GetFileType
GetLastError
TerminateProcess
QueryPerformanceCounter
GetDateFormatA
GetConsoleCP
HeapSize
FlushFileBuffers
HeapReAlloc
GetACP
GetLocaleInfoA
IsBadReadPtr
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStdHandle
SetHandleCount
ExitProcess
HeapDestroy
SetLastError
UnhandledExceptionFilter
InterlockedExchange
TlsSetValue
HeapFree
SetFilePointer
GetOEMCP
LCMapStringW
LoadLibraryW
WriteConsoleA
VirtualFree
TlsGetValue
GetTimeZoneInformation
GetCurrentThreadId
CreateMutexW
GetConsoleOutputCP
SetEnvironmentVariableA
HeapAlloc
WriteConsoleW
GetSystemTimeAsFileTime
VirtualAlloc
GetModuleHandleA
GetStringTypeW
TlsAlloc
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
Sleep
VirtualQuery
GetStringTypeA
GetModuleFileNameA
GetStartupInfoA
CompareStringW
GetModuleFileNameW
SetConsoleCtrlHandler
RaiseException
LCMapStringA
ReadFile
CompareStringA
CreateFileA
TlsFree
IsValidCodePage
HeapCreate
GetModuleHandleW
GetTickCount
InterlockedIncrement
WideCharToMultiByte
GetCurrentProcess
GetStartupInfoW
GetTimeFormatA
GetConsoleMode
CloseHandle
OutputDebugStringA
GetCommandLineW
OutputDebugStringW
LoadLibraryA
RtlUnwind
EnterCriticalSection
MultiByteToWideChar
LeaveCriticalSection
InterlockedDecrement
WriteFile
GetCPInfo
HeapValidate
DeleteCriticalSection
SetStdHandle
GetEnvironmentStringsW
DebugBreak
FreeEnvironmentStringsW
GetProcAddress

Sections

.text
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 296KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ea5d473a2324432ae6090ac7f669bd5

Headers

File Characteristics

PDB Paths

Imports

wininet

ole32

comctl32

comdlg32

user32

gdi32

advapi32

winspool.drv

kernel32

Sections

.text Size: 220KB - Virtual size: 216KB

.rdata Size: 296KB - Virtual size: 292KB

.data Size: 80KB - Virtual size: 83KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 220KB - Virtual size: 216KB

.rdata
Size: 296KB - Virtual size: 292KB

.data
Size: 80KB - Virtual size: 83KB

.rsrc
Size: 60KB - Virtual size: 59KB