bed4cde26bb2c6582bcda92335917e39_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bed4cde26bb2c6582bcda92335917e39_JaffaCakes118
Size

7.4MB
MD5

bed4cde26bb2c6582bcda92335917e39
SHA1

c1e7f50ecde45181397a363f979f5f6b6c2f7562
SHA256

0b19cae218748eab4730a6d0836ed6de4a179465d90bd42e59b9f4a39c1e3311
SHA512

0992658a2b02d677c0a0350a5b767576817edfa684e096fbd146ea58fd8a1c85d3c77752ad76c176bb859744918297c48ec9f889f07690093c2cdcd8ad828b92
SSDEEP

196608:NrnXwfD1Q8+qQG2BU7mUi4E79c+1N6I22M9Q/:dApQQQG2Ci95pM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bed4cde26bb2c6582bcda92335917e39_JaffaCakes118

Files

bed4cde26bb2c6582bcda92335917e39_JaffaCakes118
.exe windows:5 windows x86 arch:x86

074c25d04627613d1c05eee15fff4248

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalLock
GetModuleHandleW
lstrlenW
GetFileAttributesW
LoadLibraryW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
Sleep
GetModuleFileNameW
CopyFileW
WaitForMultipleObjects
RemoveDirectoryW
GetProcAddress
lstrcpyA
lstrcpynA
FreeLibrary
FindFirstFileW
FindNextFileW
FindClose
CreateThread
ResumeThread
SetEvent
ResetEvent
CreateDirectoryW
CreateEventW
InitializeCriticalSection
DeleteCriticalSection
GetVersionExW
GetLastError
LoadLibraryExW
InterlockedDecrement
InterlockedIncrement
MulDiv
GetModuleHandleA
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GlobalFree
LocalFree
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSize
HeapReAlloc
HeapDestroy
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GlobalUnlock
lstrcmpiW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
SetLastError
RaiseException
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
GetLocaleInfoA
WaitForSingleObject
LocalAlloc
DeleteFileW
CloseHandle
WriteFile
SetFilePointer
CreateFileW
GetTempPathW
MultiByteToWideChar
lstrlenA
InterlockedCompareExchange
VirtualQuery

user32

UnregisterClassA
wsprintfW
TrackPopupMenuEx
SetCursor
GetWindowTextLengthW
DrawTextW
CopyRect
ReleaseCapture
SetCapture
SetWindowLongW
SendMessageW
RegisterClassExW
GetClassInfoExW
LoadCursorW
CreateWindowExW
GetWindowLongW
GetClientRect
BeginPaint
EndPaint
GetWindowDC
ReleaseDC
GetWindowRect
OffsetRect
InflateRect
GetWindowTextW
FillRect
FrameRect
MessageBoxW
SetWindowTextW
InvalidateRect
UpdateWindow
ShowWindow
PostMessageW
DestroyWindow
SetWindowPos
MapWindowPoints
GetParent
GetMonitorInfoW
MonitorFromWindow
GetWindow
ScreenToClient
SetForegroundWindow
TranslateAcceleratorW
DefWindowProcW
CallWindowProcW
GetDlgItem
CheckMenuRadioItem
AppendMenuW
CreatePopupMenu
PtInRect
MonitorFromPoint
RemoveMenu
IsWindow
MessageBeep
GetMenuItemCount
DestroyMenu
LoadImageW
GetDC
SetFocus
PostQuitMessage
LoadStringA
LoadAcceleratorsW
LoadMenuW
LoadStringW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
CharNextW
SetMenuDefaultItem
GetMenuItemInfoW
SetMenuItemInfoW

gdi32

DPtoLP
GetDeviceCaps
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
SetPixelV
SetTextColor
SetBkMode
DeleteDC
CreateSolidBrush
CreateFontW
DeleteObject
CreateFontIndirectW

advapi32

RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW

shell32

ShellExecuteExW
ShellExecuteW

ole32

CoCreateInstance
CLSIDFromProgID
CoInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal
CoTaskMemAlloc

oleaut32

SysFreeString
VarUI4FromStr
SysAllocString

shlwapi

PathAddBackslashW
StrCmpW
StrRChrW
PathFindFileNameW
StrCmpNIW
StrCpyW
PathAppendW
StrToIntW
StrCatW
StrCmpNIA
StrToIntA
StrCmpIW
PathFindExtensionW

comctl32

InitCommonControlsEx

gdiplus

GdipDeleteFontFamily
GdipDisposeImage
GdipDrawString
GdipSetTextRenderingHint
GdipCloneBrush
GdipDeleteBrush
GdipCreateSolidFill
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDeleteFont
GdipCreateFontFamilyFromName
GdipAlloc
GdipGetGenericFontFamilySansSerif
GdipCreateFont
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCloneImage
GdipFree

winhttp

WinHttpQueryDataAvailable
WinHttpOpen
WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpReadData
WinHttpAddRequestHeaders
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpOpenRequest
WinHttpConnect

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

074c25d04627613d1c05eee15fff4248

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

winhttp

Sections

.text Size: 144KB - Virtual size: 144KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 6KB - Virtual size: 15KB

.rsrc Size: 7.2MB - Virtual size: 7.2MB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 144KB - Virtual size: 144KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 6KB - Virtual size: 15KB

.rsrc
Size: 7.2MB - Virtual size: 7.2MB

.reloc
Size: 11KB - Virtual size: 10KB