af1b934485c6a6738f44f7129bf9a8d8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

af1b934485c6a6738f44f7129bf9a8d8_JaffaCakes118
Size

522KB
MD5

af1b934485c6a6738f44f7129bf9a8d8
SHA1

d52e4da83e83a7a1a681d2d18b1c248d6376247a
SHA256

d91684a4ffce39bf3d7638596676cf07856c089a95e9d975d149d85466bf2b1a
SHA512

e3c4276c2a3de5a21456eda029f2ad46ab99d5530a84db9df2ac77e837ce5f61e3157384b5a88266021375cea0dbe2c3ef50fa9089e667e3b50695edd74d4395
SSDEEP

12288:qcEhQilknR1OhNVkbElcg8BPTzUC26K8rYRi4c+DxIo:vEhZ2gNubMcg8BPkQK01H+Dx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af1b934485c6a6738f44f7129bf9a8d8_JaffaCakes118

Files

af1b934485c6a6738f44f7129bf9a8d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d310b633cde55f684ae7dd125288daa0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\seqvqtnflw\el

Imports

wininet

InternetTimeToSystemTimeA
RetrieveUrlCacheEntryStreamW
InternetUnlockRequestFile
CreateUrlCacheContainerA
FtpCreateDirectoryA
IsUrlCacheEntryExpiredA
DeleteUrlCacheEntry

comctl32

InitCommonControlsEx

kernel32

CompareStringA
RemoveDirectoryA
TryEnterCriticalSection
SetStdHandle
InitializeCriticalSection
GetCurrentThreadId
WriteFile
TlsSetValue
GetProcAddress
IsBadWritePtr
GetTickCount
TlsFree
CreateMutexA
LCMapStringA
GetSystemTime
HeapAlloc
RtlUnwind
CompareStringW
GetThreadContext
GetTimeZoneInformation
GetEnvironmentStrings
GetTimeFormatW
CreateThread
ReadFile
GetLocalTime
SetFilePointer
GetModuleFileNameW
HeapFree
GetCommandLineA
lstrcmpiW
FlushFileBuffers
LeaveCriticalSection
VirtualAlloc
DeleteCriticalSection
SetFileAttributesW
SetEnvironmentVariableA
MultiByteToWideChar
GetStdHandle
GetCurrentThread
GetStringTypeW
VirtualQuery
EnterCriticalSection
CloseHandle
HeapCreate
TlsGetValue
FindFirstFileExW
OpenProcess
GetEnvironmentStringsW
VirtualFree
LCMapStringW
GetCurrentProcess
ExitProcess
InterlockedDecrement
HeapReAlloc
HeapDestroy
InterlockedExchange
SetHandleCount
GetModuleFileNameA
LoadLibraryA
GetCPInfo
VirtualQueryEx
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetSystemTimeAsFileTime
UnhandledExceptionFilter
GetModuleHandleA
GetStringTypeA
FlushInstructionCache
TlsAlloc
OpenEventA
VirtualAllocEx
TerminateProcess
WideCharToMultiByte
GetCommandLineW
GetStartupInfoW
SetLastError
OpenMutexA
GetCurrentProcessId
InterlockedIncrement
GetLastError
QueryPerformanceCounter
FreeEnvironmentStringsW
GetVersion

advapi32

CryptDuplicateHash
CryptSetProviderA
RevertToSelf
CryptVerifySignatureA
InitializeSecurityDescriptor
LookupPrivilegeDisplayNameA
LookupAccountNameA
RegRestoreKeyW
RegDeleteKeyA
StartServiceA
ReportEventA

shell32

SHBrowseForFolderW
ExtractIconExW
SHLoadInProc

user32

GetInputDesktop
SetWindowsHookExW
VkKeyScanW
CharPrevW
ScrollWindow
CreateWindowExA
RegisterClassA
RegisterClassExA
WindowFromPoint
GetCursorPos
DdeImpersonateClient
ShowWindow
MessageBoxW

gdi32

GetTextFaceA
SetBitmapDimensionEx
GetPixelFormat
CreateHatchBrush
GetTextCharsetInfo
PolyPolyline
StretchDIBits
ExcludeClipRect
EnumFontFamiliesW
GetCharWidthW
GetTextCharset
CreateColorSpaceW
ExtEscape
TextOutW
SetDIBitsToDevice
SetWindowExtEx
EndDoc
SetDIBits
SetPaletteEntries

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d310b633cde55f684ae7dd125288daa0

Headers

File Characteristics

PDB Paths

Imports

wininet

comctl32

kernel32

advapi32

shell32

user32

gdi32

Sections

.text Size: 348KB - Virtual size: 347KB

.rdata Size: 47KB - Virtual size: 54KB

.data Size: 115KB - Virtual size: 115KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 348KB - Virtual size: 347KB

.rdata
Size: 47KB - Virtual size: 54KB

.data
Size: 115KB - Virtual size: 115KB

.rsrc
Size: 10KB - Virtual size: 10KB