bd9b31060000d68a3c423bc702cc9246_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bd9b31060000d68a3c423bc702cc9246_JaffaCakes118
Size

340KB
MD5

bd9b31060000d68a3c423bc702cc9246
SHA1

374615b6e4a60cc9c22afdd2c152e37df69dd450
SHA256

37adb195d79a1cc7aaf502ac649579136d819b6ba6a54cbb18b248e1ed9bbec6
SHA512

db300e267c58a4faa5528e6f109f0defa580f5faf14a06c2dbba16c159b4dfa5a015afeca6cb6a55d43726875f157e910d80437b92b386e4a850eb9708437d7e
SSDEEP

6144:yUhFHurhJG+dJo0BMi7Q47uJ+9ML8Suk16bUbOm:yUhFHurPQ47w+mQkfb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd9b31060000d68a3c423bc702cc9246_JaffaCakes118

Files

bd9b31060000d68a3c423bc702cc9246_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c293c4bf6fd1748deade2f751e7406b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetCookieA
InternetSetCookieA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA

kernel32

CloseHandle
Process32Next
lstrlenA
GetModuleHandleA
LocalSize
lstrcpyn
RtlMoveMemory
LocalAlloc
RtlFillMemory
LocalFree
GetCurrentProcess
ReadProcessMemory
GetProcessHeap
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
WriteFile
SetFilePointer
ReadFile
GetFileSize
GetLocalTime
GetTickCount
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
RaiseException
VirtualAlloc
TerminateProcess
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcAddress
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
GetVersion
GetCommandLineA
GetStartupInfoA
OpenProcess
Process32First
CreateToolhelp32Snapshot
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
LCMapStringW

user32

PeekMessageA
wsprintfA
GetCursorPos
SetWindowPos
SetWindowRgn
DestroyWindow
DispatchMessageA
GetMessageA
EqualRect
IntersectRect
SetWindowLongA
GetWindowLongA
PostQuitMessage
CreateWindowExA
SetWindowTextA
GetWindowTextLengthA
IsWindow
EnableWindow
UpdateWindow
ShowWindow
GetWindowRect
CallWindowProcA
ReleaseDC
FillRect
GetSysColor
GetDC
DefWindowProcA
TrackMouseEvent
SendMessageA
GetParent
InvalidateRect
EndPaint
BeginPaint
MoveWindow
LoadCursorA
LoadIconA
RegisterClassExA
GetClassInfoExA
GetClassNameA
GetWindowTextA
GetWindowThreadProcessId
IsWindowVisible
EnumWindows
MessageBoxA
TranslateMessage

shell32

ShellExecuteA

gdi32

CombineRgn
GetPixel
CreateRectRgn
CreateDIBitmap
SetTextColor
TextOutA
SetBkColor
DeleteObject
CreatePatternBrush
StretchBlt
CreateSolidBrush
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
GetObjectA
CreateFontA

msimg32

TransparentBlt

shlwapi

StrDupA

Sections

.text
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c293c4bf6fd1748deade2f751e7406b1

Headers

File Characteristics

Imports

wininet

kernel32

user32

shell32

gdi32

msimg32

shlwapi

Sections

.text Size: 204KB - Virtual size: 203KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 24KB - Virtual size: 76KB

.rsrc Size: 100KB - Virtual size: 97KB

.text
Size: 204KB - Virtual size: 203KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 24KB - Virtual size: 76KB

.rsrc
Size: 100KB - Virtual size: 97KB