c9364c27598330f4f408b18661daafff_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c9364c27598330f4f408b18661daafff_JaffaCakes118
Size

264KB
MD5

c9364c27598330f4f408b18661daafff
SHA1

eb9b8e223ab529840929219ee2baf90f38c9f21e
SHA256

e5ca24f4471b3cdde59d74cf13eff4f72893a5f6bf8c3335cc6d6b5c8fa0f918
SHA512

de5c94f77eb04c7600c22bb08a81cd8721dc5495cd7cf83c2326fa602de857550df322f620e3617665dad93989fef614c7116e56e818af39beb858e3612a3419
SSDEEP

3072:6q7VGPubQMRxw8wMySyp7d58pki50vtEyrQ6724zbdua/yDsj9qDU8rIY/hFOU7U:6q7uCQaatMKrk5mhrU4kO9qDD/hb/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9364c27598330f4f408b18661daafff_JaffaCakes118

Files

c9364c27598330f4f408b18661daafff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4ca89149bc9bdfcd38744c2991d7f9f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomW
GlobalFree
GlobalHandle
HeapAlloc
HeapFree
InitializeCriticalSection
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LocalFree
LocalReAlloc
LockResource
QueryPerformanceCounter
ReadFile
SetErrorMode
GlobalAlloc
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsFree
TlsGetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
WriteConsoleA
WriteConsoleW
WriteFile
lstrcmpA
lstrcmpW
GlobalAddAtomW
GetVolumeInformationW
GetVersion
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetStringTypeA
GetProcessHeap
GetOEMCP
GetModuleHandleA
GetLocaleInfoW
GetLocaleInfoA
GetLastError
GetFullPathNameW
GetFileTime
GetFileSize
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetConsoleMode
GetCommandLineA
GetCPInfo
GetBinaryTypeW
FreeLibraryAndExitThread
FreeEnvironmentStringsW
FreeLibrary
FindResourceW
FileTimeToLocalFileTime
EnumSystemLocalesA
DuplicateHandle
CreateHardLinkA
CreateFileW
CreateFileA
CreateDirectoryW
ConvertDefaultLocale
SetFileAttributesW
CloseHandle

gdi32

StartPage
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetMapMode
SetBkColor
SelectObject
OffsetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetTextColor
GetStockObject
GetMapMode
GetDeviceCaps
GetClipBox
ExtTextOutW
ExtSelectClipRgn
Escape
DeleteObject
CreateSolidBrush
CreateRectRgnIndirect
CreateFontIndirectW
CreateCompatibleDC
CreateBitmap
TextOutW

wininet

GetUrlCacheEntryInfoExW
GetUrlCacheEntryInfoW
HttpOpenRequestW
HttpSendRequestW
InternetGetLastResponseInfoW
InternetOpenW
InternetReadFile
GetUrlCacheConfigInfoW

oleaut32

SysAllocString
SysAllocStringLen
SysStringLen
SystemTimeToVariantTime
VarDecFromBool
VarR8Pow
VariantChangeType
VariantClear
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
OleCreateFontIndirect
VariantInit

user32

DefWindowProcW
DestroyWindow
DispatchMessageW
DrawTextExW
DrawTextW
EnableMenuItem
EndDialog
EndPaint
EnumDisplayDevicesA
EqualRect
GetClassInfoExW
GetClassInfoW
GetClassLongW
GetClassNameW
GetClientRect
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemID
GetMenuState
GetMessagePos
GetMessageTime
GetMessageW
GetNextDlgGroupItem
GetParent
GetPropW
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowDC
GetWindowTextLengthW
GetWindowTextW
GrayStringW
IntersectRect
InvalidateRect
InvalidateRgn
IsChild
CreateWindowExW
IsWindow
IsWindowEnabled
IsWindowVisible
BeginPaint
LoadCursorW
LoadIconW
LoadImageW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
OffsetRect
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RegisterClipboardFormatW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
SendMessageW
SetActiveWindow
SetCursor
SetFocus
SetForegroundWindow
SetRect
SetWindowContextHelpId
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoA
TabbedTextOutW
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UpdateWindow
ValidateRect
WinHelpW
AdjustWindowRectEx
CopyRect
CopyAcceleratorTableW
CharUpperW
IsIconic
CharNextW
LoadBitmapW

comdlg32

PageSetupDlgA
PageSetupDlgW
ChooseFontW
GetFileTitleW

shell32

DoEnvironmentSubstW
SHGetSpecialFolderPathW
ShellExecuteW
SHGetFolderPathW

winspool.drv

OpenPrinterW
GetPrintProcessorDirectoryW
EnumPrinterDataW
DocumentPropertiesW
ClosePrinter

advapi32

GetTrusteeTypeW
OpenTraceW
RegCloseKey
RegEnumKeyW
RegOpenKeyExW
RegOpenKeyW
RegQueryValueW
RegSetValueExW
RegisterEventSourceW
AddUsersToEncryptedFile

Sections

.text
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ca89149bc9bdfcd38744c2991d7f9f6

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

oleaut32

user32

comdlg32

shell32

winspool.drv

advapi32

Sections

.text Size: 53KB - Virtual size: 56KB

.rdata Size: 147KB - Virtual size: 148KB

.data Size: 35KB - Virtual size: 152KB

.idata Size: 6KB - Virtual size: 7KB

.rsrc Size: 21KB - Virtual size: 23KB

.text
Size: 53KB - Virtual size: 56KB

.rdata
Size: 147KB - Virtual size: 148KB

.data
Size: 35KB - Virtual size: 152KB

.idata
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 21KB - Virtual size: 23KB