d2da6f36ee2ddc538712d572850d2909_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d2da6f36ee2ddc538712d572850d2909_JaffaCakes118
Size

1.1MB
MD5

d2da6f36ee2ddc538712d572850d2909
SHA1

b3d346cda7a7983ff265fb56b5eab97c3a324c55
SHA256

558122201c8b02e2d6a595aa010e988259a1dd69830688eca956b084eff67bcc
SHA512

42fd39eed4c282280d866286001e5462bac807fe36e5646c2fdde4d1f34ab30035140d7c10c9913f2ca759ee5e28635969d65b069e716c480e2673cadc613e4a
SSDEEP

24576:fbId8rovqcUknorrRHzv2Nk7tq0zqHL0+p1BZ6HKkeMCVleIN5fCz+TJH:fbj2fCz+Td

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2da6f36ee2ddc538712d572850d2909_JaffaCakes118

Files

d2da6f36ee2ddc538712d572850d2909_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a53fa236b90a28af25e8bd6955892fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

PropertySheetA

wininet

InternetQueryOptionA
InternetSetOptionA
InternetCloseHandle
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetAttemptConnect
InternetGetConnectedState

kernel32

HeapFree
HeapCreate
HeapDestroy
GetTimeZoneInformation
GetACP
GetCurrentProcess
LocalFree
LocalAlloc
GetVersionExA
GetVolumeInformationA
GetDriveTypeA
SetErrorMode
FlushFileBuffers
GetWindowsDirectoryA
DeviceIoControl
SetLastError
CreateSemaphoreA
GetProcessHeap
GetFullPathNameA
GetComputerNameW
GetShortPathNameA
GetLocaleInfoA
QueryPerformanceCounter
HeapAlloc
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapSize
LCMapStringW
LCMapStringA
ExitProcess
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoA
GetCommandLineA
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetDateFormatA
GetTimeFormatA
CreateThread
ExitThread
RtlUnwind
GetSystemTimeAsFileTime
SetEnvironmentVariableA
CompareStringW
GetEnvironmentStringsW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
VirtualProtect
CloseHandle
SetFilePointer
ReadFile
GetCurrentProcessId
GetTempPathA
MulDiv
FindFirstFileA
FindNextFileA
FindClose
GetCurrentDirectoryA
SetCurrentDirectoryA
RemoveDirectoryA
ReleaseMutex
CreateMutexA
OpenMutexA
GetLocalTime
lstrlenA
WideCharToMultiByte
InterlockedDecrement
GlobalAlloc
GetSystemTime
SystemTimeToFileTime
GetVersion
GlobalLock
GlobalUnlock
GetModuleHandleA
GetModuleFileNameA
OutputDebugStringA
SetEndOfFile
GetSystemDirectoryA
GetFileTime
SetFileTime
CreateDirectoryA
MoveFileA
GetFileSize
DeleteFileA
GetComputerNameA
FileTimeToLocalFileTime
Sleep
FileTimeToSystemTime
InitializeCriticalSection
CreateEventA
ResumeThread
SetEvent
InterlockedIncrement
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
DeleteCriticalSection
GetDiskFreeSpaceA
FormatMessageA
OpenProcess
TerminateProcess
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
GetTickCount
MultiByteToWideChar
WriteFile
CreateFileA

user32

BeginDeferWindowPos
EndDeferWindowPos
UpdateWindow
LoadKeyboardLayoutA
ActivateKeyboardLayout
UnloadKeyboardLayout
CharLowerA
GetKeyboardLayout
ToAsciiEx
GetKeyNameTextA
ExitWindowsEx
WinHelpA
GetDesktopWindow
SendMessageW
GetDlgCtrlID
GetWindowTextLengthA
EnumDisplaySettingsA
LoadMenuA
GetSubMenu
DispatchMessageA
TranslateMessage
IsDialogMessageA
IsWindow
WindowFromPoint
CheckMenuItem
TrackPopupMenuEx
MapWindowPoints
LoadIconA
RegisterClassExA
SetCapture
GetCapture
ReleaseCapture
DeferWindowPos
InvalidateRect
RedrawWindow
PtInRect
SetRect
GetFocus
DrawFocusRect
LoadStringA
EmptyClipboard
SetClipboardData
SetParent
GetSysColorBrush
FillRect
ReleaseDC
LoadImageA
SetTimer
GetKeyState
GetDC
SetForegroundWindow
IsWindowVisible
LoadCursorA
SetCursor
CharNextA
CharPrevA
MapVirtualKeyExA
GetMessageA
EndDialog
DestroyWindow
SetPropA
RemovePropA
GetPropA
DialogBoxParamA
ShowWindow
CreateDialogParamA
SendMessageA
GetWindowThreadProcessId
GetClassNameA
FindWindowA
EnumWindows
MessageBoxA
CheckRadioButton
SetFocus
ScreenToClient
SendDlgItemMessageA
IsDlgButtonChecked
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
EnableWindow
CheckDlgButton
IsWindowEnabled
OpenClipboard
EnumChildWindows
MapVirtualKeyA
LoadBitmapA
GetClipboardData
CloseClipboard
GetWindowTextA
GetDlgItem
SetWindowTextA
CallWindowProcA
BeginPaint
GetClientRect
DrawTextA
EndPaint
MoveWindow
GetWindowRect
GetSystemMetrics
SetWindowPos
GetParent
KillTimer
UnregisterClassA
RegisterClassA
CreateWindowExA
GetWindowLongA
DefWindowProcA
SetWindowLongA
GetCursorPos
PostMessageA
wsprintfA
wsprintfW
GetForegroundWindow

gdi32

RealizePalette
SelectPalette
CreateHalftonePalette
CreateBitmap
CreateFontA
GetTextExtentPointA
TextOutA
CreatePen
MoveToEx
LineTo
CreateCompatibleBitmap
GetStockObject
SetBkColor
BitBlt
CreateBrushIndirect
GetDeviceCaps
CreatePatternBrush
CreateCompatibleDC
DPtoLP
GetMapMode
SetMapMode
StretchBlt
DeleteDC
CreateSolidBrush
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
SelectObject
SetBkMode
SetTextColor
DeleteObject

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
InitiateSystemShutdownA
RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA
RegSetKeySecurity
RegGetKeySecurity
GetTokenInformation
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
GetUserNameA
RegCreateKeyExA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegDeleteValueA
RegCloseKey

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree
StringFromCLSID
OleUninitialize
OleInitialize
CoReleaseMarshalData
CoMarshalInterface
CreateStreamOnHGlobal
CoUnmarshalInterface
CoGetClassObject
OleSetContainedObject

oleaut32

SysFreeString
SysAllocString
VariantClear
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
SysAllocStringLen
VariantInit
DispGetParam

rpcrt4

NdrServerCall2
RpcMgmtStopServerListening
RpcServerUnregisterIf
RpcServerUseProtseqEpA
RpcServerRegisterIf
RpcServerListen

Sections

.text
Size: 740KB - Virtual size: 736KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a53fa236b90a28af25e8bd6955892fb

Headers

File Characteristics

Imports

comctl32

wininet

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

rpcrt4

Sections

.text Size: 740KB - Virtual size: 736KB

.rdata Size: 276KB - Virtual size: 275KB

.data Size: 32KB - Virtual size: 31KB

.rsrc Size: 124KB - Virtual size: 122KB

.text
Size: 740KB - Virtual size: 736KB

.rdata
Size: 276KB - Virtual size: 275KB

.data
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 124KB - Virtual size: 122KB