d74035b53823c2295337826e06edb98f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d74035b53823c2295337826e06edb98f_JaffaCakes118
Size

664KB
MD5

d74035b53823c2295337826e06edb98f
SHA1

46830c5000f1449160121c4b75db4e101e9df41d
SHA256

15ecfa422389b878928d5f93e9da5f6707a1f27a7c827700c1a193d44c88115c
SHA512

2ae4ae6377b4137d762f51b1f55f0e42b82f149fe4f37fd4892af2b060261847048bf241ed80237ddc7177f1c48e2fea776dfd1de44b2bb184687e918b8de43b
SSDEEP

12288:zVRPZhxVAbeyFfapBCnHlK7N8JVU5iYBHu/H9Zh/6GrbDhB:z13VASWajCnHlfJVU5t89nlZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d74035b53823c2295337826e06edb98f_JaffaCakes118

Files

d74035b53823c2295337826e06edb98f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff0415c7fdd423d66ec9c436d205bffe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetUnlockRequestFile
FtpGetFileSize
InternetConnectA
InternetSetCookieA
SetUrlCacheEntryGroupA
FtpDeleteFileW
HttpQueryInfoW
InternetHangUp

gdi32

GetLayout
PaintRgn
SetPolyFillMode
TextOutW
PlayMetaFile
GetObjectType
PolyPolygon
GetBitmapDimensionEx
AddFontResourceW
GetEnhMetaFileBits
GetCharacterPlacementA
GetEnhMetaFileDescriptionW
GetObjectW
SetTextCharacterExtra
CreateCompatibleDC
EnumICMProfilesA
CreateRectRgnIndirect
PlayMetaFileRecord
EnumFontFamiliesW
CreatePen

advapi32

CryptSetProviderA
LookupAccountSidA
RegSaveKeyA
DuplicateToken
CryptAcquireContextA
LookupPrivilegeDisplayNameA
CryptCreateHash
LookupPrivilegeValueW
CryptSetKeyParam
LookupPrivilegeValueA
LookupPrivilegeDisplayNameW
RegDeleteValueW
LogonUserA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

user32

UnregisterDeviceNotification
CreateWindowExA
GetMessageW
CreateWindowStationW
ShowWindow
SetPropA
DefWindowProcA
CharUpperBuffW
GetInputDesktop
GetMonitorInfoW
GetTitleBarInfo
PostThreadMessageA
GetDlgItem
SetForegroundWindow
CharLowerW
DdeDisconnectList
InvertRect
DefMDIChildProcA
SetDebugErrorLevel
FindWindowW
EnumChildWindows
DrawFocusRect
AdjustWindowRectEx
EqualRect
GetPropW
MessageBoxA
GetDC
DialogBoxParamW
RemovePropA
RegisterClassExA
EnumClipboardFormats
GetMessageA
EnumDesktopsW
GetWindowWord
GetClipboardFormatNameW
DrawTextExA
GetShellWindow
GetGUIThreadInfo
CheckRadioButton
ToUnicodeEx
GetKBCodePage
CallMsgFilterW
GetWindowRect
DdeImpersonateClient
RegisterClassA
SetMenuContextHelpId
TileChildWindows
SetClassLongW
DdeCmpStringHandles
DdeQueryStringA
CreateDialogIndirectParamA
GetWindowContextHelpId
DestroyWindow
CloseWindow
GetWindow
EnableScrollBar
GetClipboardFormatNameA

comctl32

CreatePropertySheetPageW
ImageList_AddMasked
ImageList_DrawEx
ImageList_LoadImageW
ImageList_Destroy
ImageList_LoadImage
ImageList_SetIconSize
InitCommonControlsEx
ImageList_Create
ImageList_DragShowNolock
ImageList_SetDragCursorImage
_TrackMouseEvent
DestroyPropertySheetPage
ImageList_EndDrag
InitMUILanguage
DrawStatusTextW
ImageList_LoadImageA
ImageList_GetBkColor
CreateUpDownControl

kernel32

GetTimeZoneInformation
SetFilePointer
CreatePipe
GetProcAddress
HeapCreate
GetConsoleCP
GetFileType
CompareStringW
TerminateProcess
MultiByteToWideChar
VirtualAlloc
SetLastError
OpenMutexA
GetCPInfo
GetTickCount
FreeEnvironmentStringsA
CreateMutexA
TlsSetValue
TlsGetValue
SetConsoleCtrlHandler
GetOEMCP
GetCurrentProcess
CreateFileA
RtlUnwind
CloseHandle
IsValidLocale
FreeLibrary
ReadFile
GetStdHandle
ExitProcess
GetModuleFileNameA
QueryPerformanceCounter
LCMapStringA
HeapFree
GetLocaleInfoW
GetVersionExA
EnterCriticalSection
GetStartupInfoA
HeapAlloc
SetEnvironmentVariableA
FreeEnvironmentStringsW
WideCharToMultiByte
MapViewOfFileEx
LeaveCriticalSection
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
IsValidCodePage
SetHandleCount
GetUserDefaultLCID
CompareStringA
LoadLibraryA
UnhandledExceptionFilter
GetACP
HeapDestroy
HeapReAlloc
GetStringTypeA
GetTimeFormatA
VirtualFree
SetUnhandledExceptionFilter
LoadModule
InitializeCriticalSection
GetCurrentThreadId
DeleteCriticalSection
GetDateFormatA
EnumSystemLocalesA
TlsFree
GetEnvironmentStringsW
GetCurrentThread
GetProcessHeap
IsDebuggerPresent
GetCurrentProcessId
WriteFile
GetCommandLineA
InterlockedDecrement
EnumDateFormatsA
InterlockedExchange
TlsAlloc
DeleteFiber
VirtualQuery
GetModuleHandleA
InterlockedIncrement
HeapSize
GetLocaleInfoA
GetConsoleMode
GetStringTypeW
WriteConsoleW
Sleep
GetLastError
GetSystemTimeAsFileTime
LCMapStringW
FlushFileBuffers
GetEnvironmentStrings

Sections

.text
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff0415c7fdd423d66ec9c436d205bffe

Headers

File Characteristics

Imports

wininet

gdi32

advapi32

comdlg32

user32

comctl32

kernel32

Sections

.text Size: 216KB - Virtual size: 213KB

.rdata Size: 264KB - Virtual size: 262KB

.data Size: 116KB - Virtual size: 121KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 216KB - Virtual size: 213KB

.rdata
Size: 264KB - Virtual size: 262KB

.data
Size: 116KB - Virtual size: 121KB

.rsrc
Size: 64KB - Virtual size: 60KB