d9f42e666a50ec31d8de0323cb5dbd61_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d9f42e666a50ec31d8de0323cb5dbd61_JaffaCakes118
Size

568KB
MD5

d9f42e666a50ec31d8de0323cb5dbd61
SHA1

9be3a5fedd13693ec072eeb8aa7eb8c14b33b300
SHA256

1128007d40c0757f9decda284668b9dd1162fc4e14b1bed8e60978508ce05b2d
SHA512

311b32491f747a8df22e57e7f9518d886716d5eca8618870a84ca74b8bf93e032e1dd31ef69c03b543044b68aa6c8ddfd3740861fc09096f4928b6b4b505acb8
SSDEEP

12288:Ym/WWbl+6A8TxYVp8R4DhGs+W841vowklGk6pFlrVSAPrIb+GOFNOqXD8:YmeWRvAOYVSRihGsa4a2Fv3GO5D8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9f42e666a50ec31d8de0323cb5dbd61_JaffaCakes118

Files

d9f42e666a50ec31d8de0323cb5dbd61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

53bd2b8a34f1c619fa9b72b951288b76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetInitializeAutoProxyDll
InternetGoOnlineW
InternetErrorDlg
FtpCreateDirectoryW
HttpEndRequestW
FtpGetFileEx
FtpRemoveDirectoryW

comdlg32

GetFileTitleW

comctl32

ImageList_EndDrag
InitCommonControlsEx
ImageList_DrawEx
ImageList_LoadImageW
CreateMappedBitmap
ImageList_GetBkColor
DrawStatusTextW
DrawInsert
ImageList_GetFlags
ImageList_Create
ImageList_Replace
InitMUILanguage
ImageList_Duplicate
ImageList_LoadImageA
ImageList_Merge
ImageList_DragEnter
CreatePropertySheetPage
CreateStatusWindowW
CreateStatusWindowA
ImageList_Remove
CreateToolbarEx
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount

user32

LoadCursorFromFileW
RegisterClassExA
EnableScrollBar
DestroyWindow
WinHelpA
DefWindowProcA
ChildWindowFromPointEx
LoadIconW
DialogBoxParamA
DefMDIChildProcA
SetCaretPos
CallNextHookEx
GetMessageTime
RegisterClassExW
RegisterClipboardFormatA
GetMessageW
GetMessageA
EnumDisplayMonitors
CharPrevA
ShowWindow
SetMenuInfo
GetKeyboardLayoutNameW
EnumDesktopWindows
GetCursorPos
UnpackDDElParam
RemovePropA
CallWindowProcW
GetKeyNameTextW
RegisterClassA
CheckMenuRadioItem
TrackPopupMenuEx
CreateWindowExW
GetKeyState
IsZoomed
AttachThreadInput
CopyImage
DlgDirListComboBoxW
ToUnicode
SetProcessWindowStation
wvsprintfW
SetActiveWindow
DialogBoxIndirectParamA
DdeQueryNextServer
DdeImpersonateClient
SendMessageA
MessageBoxW
SetSysColors
ChangeMenuW
SetWindowPlacement
VkKeyScanExW
GetWindowRgn
DlgDirListW
GetThreadDesktop
SendDlgItemMessageA
SendIMEMessageExW
GetMenuState
SetRect
AppendMenuA
ClipCursor
MapDialogRect
SwitchDesktop
DdeClientTransaction
OpenClipboard
CreateAcceleratorTableW

kernel32

GetSystemTime
EnumSystemLocalesA
TlsGetValue
GetLocalTime
GetTimeZoneInformation
HeapFree
FindFirstFileExA
QueryPerformanceCounter
GetEnvironmentStringsW
WriteFile
GetModuleFileNameW
GetCurrentProcess
GetCurrencyFormatA
GetComputerNameA
GetStringTypeW
GetStartupInfoA
CompareStringW
InterlockedDecrement
GetCurrentThread
LoadLibraryA
GetStdHandle
RtlUnwind
WaitForSingleObject
ReadFile
GetCPInfo
WideCharToMultiByte
GetModuleHandleA
GetLastError
SetFilePointer
SetEnvironmentVariableA
GetStartupInfoW
LCMapStringA
TerminateProcess
GetVersion
SetLastError
CreateMutexA
SetStdHandle
GetTempFileNameW
CloseHandle
MoveFileW
GetCommandLineA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
VirtualFree
GetStringTypeA
UnhandledExceptionFilter
VirtualAlloc
DeleteCriticalSection
MultiByteToWideChar
GetCurrentProcessId
HeapReAlloc
HeapDestroy
LCMapStringW
HeapAlloc
GetCurrentThreadId
TlsAlloc
LocalShrink
LeaveCriticalSection
GetTickCount
LockFileEx
OpenMutexA
CompareStringA
SuspendThread
GetPriorityClass
TlsSetValue
ReadConsoleOutputCharacterW
GetSystemTimeAsFileTime
IsBadWritePtr
GetProcAddress
EnterCriticalSection
SetFileAttributesA
FlushFileBuffers
InterlockedIncrement
HeapCreate
GetModuleFileNameA
InterlockedExchange
InitializeCriticalSection
ExitProcess
TlsFree
GetCommandLineW
OpenSemaphoreA
FindResourceW
GetFileType
VirtualQuery
WriteProfileSectionA
SetHandleCount

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53bd2b8a34f1c619fa9b72b951288b76

Headers

File Characteristics

Imports

wininet

comdlg32

comctl32

user32

kernel32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 252KB - Virtual size: 251KB

.data Size: 116KB - Virtual size: 122KB

.rsrc Size: 28KB - Virtual size: 26KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 252KB - Virtual size: 251KB

.data
Size: 116KB - Virtual size: 122KB

.rsrc
Size: 28KB - Virtual size: 26KB