d09d2fe7db804d734348b84f9ecd12b5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d09d2fe7db804d734348b84f9ecd12b5_JaffaCakes118
Size

118KB
MD5

d09d2fe7db804d734348b84f9ecd12b5
SHA1

e3618cdfa4d4b391a9f6805a106c3f6f0a3aa067
SHA256

aea2abae149c340d7686c69e052bcd929d677f41885b83b1a4a0d9be018223cb
SHA512

e6c19524560451896fcc198c7743ebf23d030b59a2dddd6f6ce6a49b66ebf77f53bfd2c9a700704e3fe1b5146b4e983aad76a604cb79c6312404c5f96c43380a
SSDEEP

3072:22/QKLrFIeYMjeyzLzw3RA3Hd5p85qN5hOG1RJxEQ0SD:bQKPFUMSyz+6d52I/j1ey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d09d2fe7db804d734348b84f9ecd12b5_JaffaCakes118

Files

d09d2fe7db804d734348b84f9ecd12b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ac06fdc03e3d9733cdf5db55b868a95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetQueryOptionA
InternetGetConnectedState
InternetTimeToSystemTime
InternetCombineUrlA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

setupapi

SetupIterateCabinetA

kernel32

CloseHandle
ResumeThread
InterlockedDecrement
EnterCriticalSection
GetTempPathA
GlobalAlloc
GetTickCount
GetWindowsDirectoryA
GlobalLock
FindResourceA
GlobalUnlock
LeaveCriticalSection
LoadResource
RaiseException
MulDiv
LockResource
GetFileAttributesA
SizeofResource
DeleteCriticalSection
GetLocalTime
CreateFileA
GetPrivateProfileStringA
GetCurrentThreadId
WriteFile
FlushInstructionCache
GlobalHandle
SetLastError
WritePrivateProfileStringA
InitializeCriticalSection
lstrlenW
MultiByteToWideChar
lstrcmpA
GetVersionExA
WideCharToMultiByte
Sleep
GetExitCodeProcess
GetStringTypeExA
FindFirstFileA
GetThreadLocale
CompareStringA
lstrcmpiA
FindNextFileA
FindClose
GetCurrentProcess
lstrcpyA
FindResourceExA
GetTempFileNameA
RemoveDirectoryA
FreeLibrary
IsDBCSLeadByte
GetModuleHandleA
LoadLibraryExA
CreateMutexA
LoadLibraryA
GetProcAddress
InterlockedExchange
ReadFile
SetEndOfFile
SetFilePointer
GetFileSize
SystemTimeToFileTime
FileTimeToSystemTime
LocalAlloc
InterlockedIncrement
SetPriorityClass
DeleteFileA
GlobalFree
GetCurrentThread
GetCommandLineA
SetThreadPriority
CreateProcessA
CreateDirectoryA
GetShortPathNameA
lstrcpynA
lstrlenA
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetACP
GetLocaleInfoA
GetSystemTimeAsFileTime
HeapDestroy
HeapReAlloc
HeapSize
DebugBreak
GetStartupInfoA
ExitProcess
VirtualProtect
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetLastError

user32

SetRect
AdjustWindowRectEx
SystemParametersInfoA
ShowWindow
GetWindowRect
GetTopWindow
OffsetRect
SendDlgItemMessageA
IsDialogMessageA
LoadImageA
GetSystemMetrics
IsIconic
MapWindowPoints
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetClassNameA
DestroyAcceleratorTable
BeginPaint
SetCapture
IsChild
GetParent
ReleaseCapture
GetClientRect
GetFocus
GetWindowTextA
CharUpperBuffA
GetDlgItem
SetFocus
SetWindowTextA
CallWindowProcA
SetWindowLongA
UnregisterClassA
FillRect
DestroyWindow
CreateDialogIndirectParamA
SetWindowPos
IsWindow
InvalidateRect
SendMessageA
GetClassInfoExA
CreateWindowExA
SetWindowContextHelpId
BringWindowToTop
CreateAcceleratorTableA
EndPaint
MapDialogRect
SetForegroundWindow
LoadCursorA
AttachThreadInput
CharNextA
RegisterClassExA
RedrawWindow
GetDC
GetWindowThreadProcessId
ReleaseDC
GetForegroundWindow
GetDesktopWindow
DefWindowProcA
ClientToScreen
ScreenToClient
PostMessageA
wsprintfA
PostQuitMessage
wvsprintfA
SetTimer
MoveWindow
RegisterWindowMessageA
GetSysColor
KillTimer
GetWindowLongA
GetWindowTextLengthA
InvalidateRgn
GetWindow

gdi32

DeleteObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
GetStockObject
GetObjectA
BitBlt
SelectObject
GetDeviceCaps

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

SHFileOperationA
ShellExecuteExA

ole32

OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoCreateGuid
CoGetClassObject
CreateBindCtx
CoCreateInstance
OleInitialize
OleLockRunning
CoUninitialize
CoInitialize
CoTaskMemRealloc
CreateStreamOnHGlobal

oleaut32

VariantInit
VarI4FromStr
VarUI4FromStr
OleCreateFontIndirect
SysStringLen
SysAllocStringLen
SysStringByteLen
SysFreeString
SysAllocString
VariantClear
DispCallFunc
LoadRegTypeLi
LoadTypeLi

shlwapi

PathGetArgsA
PathRemoveFileSpecA

urlmon

CreateAsyncBindCtx
RegisterBindStatusCallback
CreateURLMoniker

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ac06fdc03e3d9733cdf5db55b868a95

Headers

File Characteristics

Imports

wininet

version

setupapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

urlmon

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 9KB - Virtual size: 8KB