db70659f9b2e9f5498296130e089a108_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

db70659f9b2e9f5498296130e089a108_JaffaCakes118
Size

564KB
MD5

db70659f9b2e9f5498296130e089a108
SHA1

d51026b5e98ce1aba4f64f90c47f698c1b793480
SHA256

f569a8fbec441f74286e1005ca16027cabe172c06b74c45f8104fd31a5adb354
SHA512

e56158f050371919961d0c6155c0e6ce850cfec1e92d754757b36079c358a9e99bfbd916f875ea8215cd343df1f9579379cdb3302b7b445a1bde394486a94806
SSDEEP

12288:mmr/AWNDrycsVpBa0+hCG1IY4JueFFs8SOCr8:mQ/JfTS5Juev7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db70659f9b2e9f5498296130e089a108_JaffaCakes118

Files

db70659f9b2e9f5498296130e089a108_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55b5ebfb2b8205f66c758faa5a096e2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Destroy
ImageList_GetImageRect
DrawStatusTextA
ImageList_SetIconSize
InitCommonControlsEx
_TrackMouseEvent

shell32

SHGetPathFromIDList
SHGetFileInfo
SHEmptyRecycleBinW
ExtractAssociatedIconW

kernel32

EnterCriticalSection
GetCurrentThreadId
QueryPerformanceCounter
GetCurrencyFormatW
DosDateTimeToFileTime
GlobalCompact
SetSystemTime
HeapCreate
VirtualQuery
EnumResourceNamesW
GetCurrentProcess
WideCharToMultiByte
CreateFileA
AddAtomW
InterlockedExchange
VirtualProtect
EnumResourceTypesW
EnumSystemLocalesW
IsValidLocale
IsBadWritePtr
WriteProfileStringA
GetFileType
FlushFileBuffers
GetEnvironmentVariableA
FormatMessageA
GetUserDefaultLangID
TerminateProcess
VirtualFree
GetSystemInfo
GetDateFormatA
TlsGetValue
CreateDirectoryExW
GetProcAddress
FreeEnvironmentStringsW
CreateNamedPipeW
RtlUnwind
EnumTimeFormatsW
GetStringTypeW
CompareStringW
lstrcmpiA
FreeEnvironmentStringsA
SetTimeZoneInformation
MultiByteToWideChar
GetSystemTimeAsFileTime
DeleteCriticalSection
lstrcpyn
CreateNamedPipeA
TlsAlloc
LoadLibraryA
GetLastError
UnhandledExceptionFilter
OpenMutexA
GetTickCount
CloseHandle
HeapDestroy
CompareStringA
HeapReAlloc
GetProcAddress
GetTimeFormatA
ReadConsoleOutputAttribute
GetSystemDirectoryW
SetConsoleActiveScreenBuffer
GetEnvironmentStringsW
CreateFileMappingA
AddAtomA
GetEnvironmentStrings
GlobalGetAtomNameA
GetCurrentDirectoryW
SetStdHandle
CreateMutexA
GetThreadTimes
GetCommandLineA
TransactNamedPipe
SetHandleCount
GlobalAddAtomA
EnumSystemLocalesA
LCMapStringW
WriteFile
GetProfileStringW
GetNumberFormatA
GetAtomNameA
CreateEventA
ReadConsoleOutputW
CreateDirectoryW
GetPrivateProfileStringW
ExitProcess
HeapSize
GetCommandLineW
VirtualFreeEx
GetOEMCP
CommConfigDialogA
GetACP
OpenMutexW
GetThreadSelectorEntry
GetDiskFreeSpaceExA
GetLocaleInfoW
GetCurrentThread
GetCurrentProcessId
UnmapViewOfFile
ExitThread
GetLocaleInfoA
GetModuleHandleA
lstrcatA
GetStdHandle
LocalShrink
TlsFree
HeapFree
InitializeCriticalSection
EnumDateFormatsA
LCMapStringA
CreateRemoteThread
GetStringTypeA
WaitCommEvent
GetVersionExA
VirtualAlloc
LockFileEx
WaitNamedPipeW
GetProcessShutdownParameters
CreateSemaphoreW
SetLastError
HeapAlloc
ReadConsoleInputW
GlobalAlloc
EnumTimeFormatsA
SetConsoleCP
GetExitCodeThread
SetEnvironmentVariableA
IsValidCodePage
GetTempPathA
GetCPInfo
LeaveCriticalSection
WriteProfileSectionW
SetConsoleTitleA
TlsSetValue
SetPriorityClass
MoveFileExA
LocalCompact
FormatMessageW
lstrcatW
GetStartupInfoA
GetSystemTimeAdjustment
GetModuleFileNameA
EnumResourceTypesA
ReadFile
SetFilePointer
GetUserDefaultLCID
GetTimeZoneInformation

wininet

InternetOpenA
InternetDial
IncrementUrlCacheHeaderData
FtpRemoveDirectoryW
InternetSetDialStateA
FreeUrlCacheSpaceA
FtpCommandA
InternetSetCookieA
DeleteUrlCacheEntryW

user32

DrawMenuBar
GetProcessDefaultLayout
MessageBoxW
SetScrollInfo
SetKeyboardState
AnimateWindow
GetMessageExtraInfo
DestroyWindow
LoadAcceleratorsW
EnableWindow
LockWindowUpdate
SetWindowWord
GetGUIThreadInfo
SetDlgItemInt
DragObject
CreateWindowExA
SetRect
RegisterClassExA
DestroyCursor
GetClipboardViewer
DefWindowProcW
DdeInitializeW
InsertMenuItemW
GetMessageA
SendIMEMessageExW
EnumDisplaySettingsExA
RegisterWindowMessageW
CharPrevExA
GetAsyncKeyState
GetThreadDesktop
MessageBeep
TrackPopupMenu
DrawIconEx
EnumDisplaySettingsExW
SetThreadDesktop
ArrangeIconicWindows
IsWindowUnicode
PeekMessageA
SetScrollRange
GetWindowModuleFileNameA
InsertMenuA
UnhookWindowsHook
IsWindowEnabled
DrawAnimatedRects
SetCaretBlinkTime
RealChildWindowFromPoint
InvalidateRect
SetUserObjectSecurity
ShowWindow
TileWindows
DdeGetData
GetClassLongW
RegisterClassA
DestroyCaret
EndDeferWindowPos
GetMessageTime
ValidateRect
TranslateAcceleratorA
BringWindowToTop
CheckMenuItem
WinHelpA

Sections

.text
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55b5ebfb2b8205f66c758faa5a096e2e

Headers

File Characteristics

Imports

comctl32

shell32

kernel32

wininet

user32

Sections

.text Size: 160KB - Virtual size: 157KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 116KB - Virtual size: 124KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 160KB - Virtual size: 157KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 116KB - Virtual size: 124KB

.rsrc
Size: 24KB - Virtual size: 21KB