d27ef65289f9bcc2e64ed1b7dc1ca2ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d27ef65289f9bcc2e64ed1b7dc1ca2ec_JaffaCakes118
Size

748KB
MD5

d27ef65289f9bcc2e64ed1b7dc1ca2ec
SHA1

ea4eb7257db3b2c25c51067ddc3d9980f2985fc4
SHA256

72d010eb7cfd2f86f9177999d00d7f0d22089c825d8e0d929c7cf7809cbbfbfd
SHA512

0dadf673bb3ae392d4624ebb65a825f93db670e4d4a51a956a1132963e6950da76380904fc1bc9151be25db99e2dc306696e4f1fcc61447faaa846b40ced71fc
SSDEEP

12288:6Xd44Fd4+yCDWR13ZNs57RQrp+ueWnBdJjAFXE2TrKG:KTM9m5lQReWnBdJjAZTrKG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d27ef65289f9bcc2e64ed1b7dc1ca2ec_JaffaCakes118

Files

d27ef65289f9bcc2e64ed1b7dc1ca2ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5d6d811a971acee441c70536be2c5fd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetCrackUrlA
FindCloseUrlCache
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetGetCookieA
InternetGetConnectedState
InternetReadFile

shlwapi

SHSetValueA
PathIsDirectoryA
PathFindExtensionA
PathRemoveFileSpecA
PathFileExistsA
SHGetValueA
PathAppendA
PathFindFileNameA
PathIsUNCA
PathStripToRootA

advapi32

InitializeSecurityDescriptor
RegQueryValueA
RegEnumKeyA
RegOpenKeyA
SetSecurityDescriptorDacl
SetNamedSecurityInfoA
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

kernel32

GetFileAttributesA
CreateDirectoryA
FreeResource
ReadFile
SetFilePointer
LocalAlloc
RaiseException
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
CreateSemaphoreA
ReleaseSemaphore
CreateEventA
MoveFileA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
GetThreadLocale
DuplicateHandle
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
SetThreadPriority
ResumeThread
TerminateProcess
SuspendThread
SystemTimeToFileTime
SetFileAttributesA
GlobalGetAtomNameA
GlobalDeleteAtom
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GlobalAddAtomA
lstrcmpW
GlobalFindAtomA
GetModuleFileNameW
InterlockedDecrement
GetUserDefaultLCID
InterlockedIncrement
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
WritePrivateProfileStringA
GetCPInfo
GetOEMCP
RtlUnwind
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
ExitProcess
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitThread
CreateThread
HeapSize
GetACP
HeapDestroy
HeapCreate
VirtualFree
GetConsoleCP
GetConsoleMode
GetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
SetHandleCount
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoW
SetEnvironmentVariableA
FormatMessageA
LocalFree
SetLastError
CreateMutexA
FreeLibrary
OpenProcess
GetModuleHandleA
GetVersionExA
Sleep
WriteFile
LoadLibraryA
GetProcAddress
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
SetUnhandledExceptionFilter
lstrlenA
CompareStringW
GetVersion
InterlockedExchange
CreateFileA
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
GetTempPathA
GetModuleFileNameA
GetShortPathNameA
CopyFileA
MoveFileExA
MultiByteToWideChar
GetTempFileNameA
lstrcmpA
CompareStringA
WaitForSingleObject
DeleteFileA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLastError
GetSystemTime
GetTimeZoneInformation
SetEvent
CreateFileW

user32

IsDialogMessageA
ShowWindow
DestroyMenu
GetSysColorBrush
ReleaseDC
GetDC
LoadCursorA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
UnregisterClassA
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
SendMessageA
GetKeyState
PeekMessageA
ValidateRect
GetMenuState
GetMenuItemCount
GetSubMenu
wsprintfA
MessageBoxA
GetForegroundWindow
SetForegroundWindow
GetMenu
GetWindow
IsWindowVisible
FindWindowExA
PostMessageA
GetClientRect
SetWindowTextA
GetWindowThreadProcessId
GetSystemMetrics
EnableWindow
SetTimer
GetWindowTextA
GetCursorPos
LoadIconA
SendDlgItemMessageA
WinHelpA
EnumWindows
GetClassNameA
GetParent
RegisterWindowMessageA
SendMessageTimeoutA
CharUpperA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetWindowPos
GetMenuItemID

gdi32

SetMapMode
RestoreDC
SaveDC
ExtTextOutA
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
RectVisible
GetDeviceCaps
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
DeleteObject
PtVisible

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CoInitialize
CoGetMalloc
StringFromIID
CoCreateInstance

oleaut32

SysAllocString
VariantInit
VariantChangeType
SysFreeString
SysAllocStringLen
VariantClear

ws2_32

WSAStartup
WSACleanup

Sections

.text
Size: 600KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5d6d811a971acee441c70536be2c5fd8

Headers

File Characteristics

Imports

version

wininet

shlwapi

advapi32

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

ole32

oleaut32

ws2_32

Sections

.text Size: 600KB - Virtual size: 598KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 12KB - Virtual size: 131KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 600KB - Virtual size: 598KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 12KB - Virtual size: 131KB

.rsrc
Size: 16KB - Virtual size: 15KB