cfe4cfd7b3bca3638b3e174533ce4c96_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

cfe4cfd7b3bca3638b3e174533ce4c96_JaffaCakes118
Size

384KB
MD5

cfe4cfd7b3bca3638b3e174533ce4c96
SHA1

1c5b2878610ae85504bbdeb06f5f6d300c7b7cc2
SHA256

70f63c2eb32473d741410bde645463c3386839fc13a16d17c6df93ba8ecc4db3
SHA512

1b3aa781e75d4fd81979282be8e0498a7e243c54b00902c33ceaf8e1207154ec822869bce512d5dab82643b476c9659c288b904f7796c22bcbccf52aec01131e
SSDEEP

6144:k+0zlrE9YpOdBDtHIfNI6i68FnNa/fDfsPm6q7F9qfgU56Auu/X:k3zJE9YpGDZ6I6i6OCfAPu7F9qfgU5Tt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfe4cfd7b3bca3638b3e174533ce4c96_JaffaCakes118

Files

cfe4cfd7b3bca3638b3e174533ce4c96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0016d58550c518a7ae0645089597520

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\hqo\

Imports

wininet

DeleteUrlCacheGroup
FtpCreateDirectoryA
SetUrlCacheEntryGroupW
InternetTimeFromSystemTimeW
FtpGetCurrentDirectoryA
InternetQueryDataAvailable
HttpSendRequestExW
CommitUrlCacheEntryW

kernel32

IsDebuggerPresent
GetCommandLineA
GetEnvironmentStringsW
GetSystemTimeAsFileTime
ExitProcess
GetOEMCP
GetProcessHeap
HeapFree
WriteFile
GetCPInfo
GlobalAddAtomW
CompareStringW
CreateMutexA
LCMapStringW
GetVersionExA
GetStringTypeA
GetConsoleOutputCP
GetTickCount
GetProcAddress
CloseHandle
VirtualQuery
WideCharToMultiByte
EnterCriticalSection
GetACP
VirtualAlloc
SetFileAttributesW
GetLastError
GetFileType
IsValidCodePage
SetConsoleCtrlHandler
EnumResourceNamesW
GetUserDefaultLCID
RtlUnwind
HeapCreate
GetStdHandle
SetUnhandledExceptionFilter
InterlockedDecrement
ReadFile
HeapAlloc
FreeLibrary
GetLocaleInfoA
GetStringTypeW
GetProfileSectionA
TlsSetValue
LCMapStringA
EnumSystemLocalesA
LeaveCriticalSection
GetConsoleCP
GetModuleFileNameA
ReadConsoleOutputCharacterA
Sleep
CreateFileA
UnhandledExceptionFilter
VirtualFree
QueryPerformanceCounter
GetTimeFormatA
SetHandleCount
GetModuleHandleA
GetThreadContext
DeleteCriticalSection
GetCurrentThread
GetLocaleInfoW
TlsGetValue
GetFileSize
DeleteFileW
HeapSize
SetStdHandle
GetStartupInfoA
FlushFileBuffers
LoadLibraryA
LocalFileTimeToFileTime
TerminateProcess
SystemTimeToTzSpecificLocalTime
FreeEnvironmentStringsA
SetEnvironmentVariableA
TlsAlloc
MoveFileExW
SetFilePointer
IsValidLocale
WriteConsoleA
GetCurrentProcess
GetConsoleMode
GetTimeZoneInformation
TlsFree
GetTempFileNameW
CompareStringA
HeapDestroy
GetCurrentThreadId
InterlockedIncrement
GetEnvironmentStrings
InterlockedExchange
lstrcpyn
HeapReAlloc
GetThreadLocale
SetLastError
WriteConsoleW
MultiByteToWideChar
GetThreadSelectorEntry
OpenMutexA
GetCurrentProcessId
InitializeCriticalSection
FreeEnvironmentStringsW
GetDateFormatA

user32

TranslateMessage
DefWindowProcA
GetWindowDC
RegisterClassA
InSendMessage
GetScrollPos
DdeQueryConvInfo
CopyImage
UnhookWinEvent
SetScrollRange
GetClassInfoExA
RegisterClassExW
GetSystemMetrics
GetTopWindow
SetClassWord
DestroyWindow
WaitForInputIdle
LoadAcceleratorsW
MapVirtualKeyA
DrawStateW
DefMDIChildProcW
IsCharAlphaNumericA
GetCursorPos
SetMenuContextHelpId
RegisterClassExA
GetGUIThreadInfo
FreeDDElParam
SetDeskWallpaper
wvsprintfA
LoadMenuIndirectA
EnableMenuItem
MessageBoxW
CheckRadioButton
CreateWindowExA
ValidateRect
ChildWindowFromPointEx
OemToCharBuffW
LoadCursorFromFileA
GetWindowContextHelpId
SendMessageA
MessageBoxA
ChangeDisplaySettingsExW
RemoveMenu
DeleteMenu
SetCapture
CreateAcceleratorTableW
GetWindowInfo
DlgDirListW
GetMessagePos
GetUpdateRgn
CloseWindowStation
ShowWindow
MonitorFromPoint

advapi32

RegCreateKeyA
CryptCreateHash
LogonUserW
InitiateSystemShutdownA
RegSetValueW
CryptDestroyKey
LookupSecurityDescriptorPartsA
AbortSystemShutdownA
RegDeleteKeyW
CryptEncrypt
RegOpenKeyW
StartServiceW
DuplicateToken
LookupAccountNameA

comctl32

ImageList_GetBkColor
InitCommonControlsEx
ImageList_Copy
GetEffectiveClientRect
CreatePropertySheetPageW
CreateUpDownControl
ImageList_DrawIndirect
ImageList_Merge
DrawStatusText
DrawStatusTextA
CreateMappedBitmap
ImageList_GetIconSize
ImageList_Create
ImageList_BeginDrag
ImageList_Write
ImageList_LoadImage
CreateStatusWindowA
ImageList_Remove
ImageList_GetImageCount
ImageList_SetFlags
ImageList_GetIcon
DrawInsert

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b0016d58550c518a7ae0645089597520

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

user32

advapi32

comctl32

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 132KB - Virtual size: 130KB

.data Size: 96KB - Virtual size: 117KB

.rsrc Size: 64KB - Virtual size: 63KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 96KB - Virtual size: 117KB

.rsrc
Size: 64KB - Virtual size: 63KB