d11684c8498be98d2cd795e05861d605_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d11684c8498be98d2cd795e05861d605_JaffaCakes118
Size

158KB
MD5

d11684c8498be98d2cd795e05861d605
SHA1

3ef9a26c9e0ac1e820baf5dc2d4b90f5fba1c65d
SHA256

dea1aefd0b7f0ee52eae7ec1b488149e654903e99059514bbba09d5564717452
SHA512

564a6a5180308098a5b2136ecb4814a4a2b92deea45122d134b7376ab8831a4e19dbfbe7eb57076792024e18ed615900c0f612a705c276c52f8a1810cd2e8484
SSDEEP

3072:VCT+m2JdQbyGkwGJ4EMsnCHDhYR9JbuEr06+BgSxPblSeZ2g+D84ESP:4Ty1XwAO+7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d11684c8498be98d2cd795e05861d605_JaffaCakes118

Files

d11684c8498be98d2cd795e05861d605_JaffaCakes118
.exe windows:5 windows x86 arch:x86

e287a924bf8022687f23a7180317651d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

Imports

wininet

InternetGoOnline
FindCloseUrlCache
FindNextUrlCacheGroup
FindFirstUrlCacheEntryW
GetUrlCacheEntryInfoA

user32

GetMenuStringA
SetForegroundWindow
SetCursor
LookupIconIdFromDirectoryEx
SetWindowLongW
DeleteMenu
GetMenuState
IsIconic
LoadCursorW
GetMenuStringW
RegisterClassExW
GetWindowLongW
CloseClipboard
DefMDIChildProcA
GetComboBoxInfo
GetWindowPlacement
DestroyWindow
SendMessageW
GetSystemMetrics
GetDlgItem
GetScrollPos
FlashWindow
IsWindowUnicode
CreateIconFromResource
RemoveClipboardFormatListener
DestroyCursor
GetWindowTextW
DrawIcon
InsertMenuItemA
MessageBeep
GetCursorInfo
GetMessageExtraInfo
GetWindowRect
GetWindowLongA
GetRawInputDeviceInfoW
GetClassInfoExA
GetCapture
UpdateWindow
GetMessageW
SetScrollPos
FillRect
CharNextW
LockWorkStation
GetSubMenu
GetSysColorBrush
LoadImageW
DrawFocusRect
GetPriorityClipboardFormat
LoadIconW
CreateWindowExW
GetSystemMenu
PostQuitMessage
SetActiveWindow
GetClipboardViewer
DrawStateW
DialogBoxParamW
SetWindowPos
GetUpdateRect
FindWindowW
LoadImageA
GetMessageA
FindWindowExW
EnumWindowStationsA
EnumWindows
GetShellWindow
CheckMenuItem
DefWindowProcW
OpenClipboard
GetWindowRgn
DrawTextW
InvalidateRect
LoadMenuIndirectA
LockSetForegroundWindow
GetKeyboardLayout
EnableWindow
SetWindowPlacement
GetForegroundWindow
PeekMessageW
CharUpperW

ntdll

strcspn
towupper
strncmp

gdi32

DeleteColorSpace
ExtSelectClipRgn
DescribePixelFormat
GetTextExtentPointA
GetCharWidthW
GetLayout
GetTextFaceW
GetLogColorSpaceA
GetCurrentPositionEx
GdiSetBatchLimit
GetClipBox
GetTextCharsetInfo
ExtEscape
GetFontData
GetTextExtentExPointW
GetRegionData
GetTextCharset
GetViewportOrgEx
GetPolyFillMode

ole32

CoCreateInstance
CoTaskMemFree
CoInitialize
CoTaskMemAlloc

msvcrt

ungetwc
fwrite
system
fgetws

secur32

FreeCredentialsHandle

mscms

GetColorProfileElement
GetColorDirectoryW
GetColorProfileHeader

winspool.drv

FindClosePrinterChangeNotification
DeletePrinter
DeletePrinterDriverW

kernel32

LocalAlloc
GetPrivateProfileStructW
GetTempFileNameW
GetCurrencyFormatW
GetUserDefaultLangID
GetFileInformationByHandle
WriteProfileStringA
GlobalGetAtomNameA
GetThreadSelectorEntry
EnumSystemCodePagesA
WriteProfileStringW
GetFileAttributesExW
FindNextVolumeW
IsWow64Process
FindFirstFileExW
GetDiskFreeSpaceExA
GetConsoleCursorInfo
GetVolumePathNameW
InterlockedExchange
MultiByteToWideChar
GlobalUnlock
GetPrivateProfileSectionA
FindActCtxSectionStringW
GetPrivateProfileSectionNamesW
EraseTape
GetFileAttributesW
GetComputerNameExW
GetPrivateProfileSectionW
GetTempFileNameA
GetFileAttributesA
lstrcatW
GetCompressedFileSizeA
GetProfileSectionA
GlobalFree
GetSystemTime
MapViewOfFile
FindNextFileA
FindResourceExA
GetTapeStatus
GetSystemWindowsDirectoryA
GetShortPathNameA
FindNLSString
GetUserDefaultUILanguage
DefineDosDeviceW
VirtualQuery
GlobalAddAtomA
GetCommTimeouts
GetConsoleDisplayMode
GetModuleFileNameW
GetFileSizeEx
VirtualAlloc
lstrcpynW
GlobalAddAtomW
GetModuleHandleA
GetConsoleMode
QueryIdleProcessorCycleTime
SetErrorMode
GetFileType
FlsGetValue
GetAtomNameA
GlobalLock
LoadLibraryExW
GlobalFindAtomA
GetSystemInfo
CreateFileMappingW
GetLocalTime
GetDateFormatW
HeapAlloc
GetCommProperties
FreeLibraryAndExitThread
UnmapViewOfFile
EnumSystemGeoID
GetPrivateProfileStringA
GlobalAlloc
LoadLibraryW
LocalFree
GetTimeFormatW
EnumResourceNamesW
GlobalHandle
FindResourceA
GetCurrentProcess

oleaut32

LoadTypeLibEx
VarCyMulI4

advapi32

LookupPrivilegeNameW
DecryptFileW
GetCurrentHwProfileA
GetCurrentHwProfileW
IsTextUnicode
LookupAccountNameA
CryptHashSessionKey
GetSidSubAuthorityCount
GetFileSecurityA
GetSidIdentifierAuthority
GetUserNameA
GetServiceDisplayNameA
EnumServicesStatusExW
GetTokenInformation
GetPrivateObjectSecurity
InitiateSystemShutdownA
GetFileSecurityW
LookupPrivilegeDisplayNameW
GetSecurityDescriptorControl

shell32

ExtractAssociatedIconA
ExtractIconExA
ExtractIconA

clusapi

GetClusterFromResource

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODE
Size: 112KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e287a924bf8022687f23a7180317651d

Headers

DLL Characteristics

File Characteristics

Imports

wininet

user32

ntdll

gdi32

ole32

msvcrt

secur32

mscms

winspool.drv

kernel32

oleaut32

advapi32

shell32

clusapi

Sections

.text Size: 36KB - Virtual size: 35KB

CODE Size: 112KB - Virtual size: 120KB

CONST Size: 7KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

CODE
Size: 112KB - Virtual size: 120KB

CONST
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB