dbdbb47063d96b5e615817229715133c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

dbdbb47063d96b5e615817229715133c_JaffaCakes118
Size

316KB
MD5

dbdbb47063d96b5e615817229715133c
SHA1

a3e4fab8fb9588b7a58fbd38f71f3fde7480ca30
SHA256

eca8d608462ff3935fce8b72d2d94ee6b9b7118a5b4111d751dac2b65c839db1
SHA512

2d67b2a05c88afb064111917dc1c8b7abcab660a9c32736cf638aa0bee5cabd82f4e3883c9fdbb18e87be880ebd8da7cf9e11faab572e5bee582ee7bca4ae7c9
SSDEEP

3072:ZBwaM0k+7FB3oJJc5B2LvWiLAobIXeIDZQ3q9Zi4mCxxHtX9r1j3jPm61p3XQbjr:ZNoJi2LEoMXtsA9+t8i8V5yRxn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbdbb47063d96b5e615817229715133c_JaffaCakes118

Files

dbdbb47063d96b5e615817229715133c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e86da2ce3176db651012755b0ba651a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
lstrlenA
InterlockedDecrement
InterlockedIncrement
ReadFile
SetFilePointer
CloseHandle
CreateFileA
GetModuleFileNameA
GetVersionExA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetFileAttributesW
GetVersion
WideCharToMultiByte
DebugBreak
OutputDebugStringA
SetEndOfFile
CreateMutexA
WaitForSingleObject
ReleaseMutex
GetLastError
GetDiskFreeSpaceExA
GetShortPathNameA
GetFullPathNameA
DeleteFileA
WriteFile
GetTempFileNameA
LoadLibraryW
SetLastError
GetModuleFileNameW
LoadLibraryA
lstrcatA
CopyFileA
GetTempPathA
FreeLibrary
CreateDirectoryA
GetFileSize
FlushFileBuffers
CreateThread
MultiByteToWideChar
GetTickCount
Sleep
TerminateThread
MoveFileA
GetCommandLineA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
GlobalAlloc
FindResourceA
GetFileType
lstrlenW
lstrcmpiA
LoadLibraryExA
IsDBCSLeadByte
lstrcmpA
MulDiv
GlobalUnlock
GlobalLock
SizeofResource
LoadResource
GlobalFree
GlobalHandle
LockResource
CompareStringA
SetHandleCount
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
HeapReAlloc
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LocalFree
GetConsoleCP
GetConsoleMode
HeapDestroy
HeapCreate
GetCPInfo
GetOEMCP
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCurrentThreadId
HeapSize

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA

gdi32

DeleteObject
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
CreateSolidBrush
GetObjectA
GetStockObject
DeleteDC

ole32

OleRun
CoCreateInstance
CLSIDFromProgID
CLSIDFromString
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemRealloc
StringFromGUID2
OleLockRunning
CoGetClassObject
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoTaskMemFree

oleaut32

SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen
SysAllocString
GetErrorInfo
VarUI4FromStr
OleCreateFontIndirect
LoadRegTypeLi
LoadTypeLi
SysFreeString

shell32

SHGetPathFromIDListA
ShellExecuteA
SHGetMalloc
SHBrowseForFolderA
SHGetSpecialFolderLocation
ShellExecuteExA
SHFileOperationA
Shell_NotifyIconA
SHGetSpecialFolderPathA

user32

MapWindowPoints
SetWindowContextHelpId
IsWindowVisible
GetWindowRect
RegisterWindowMessageA
GetWindowTextLengthA
GetWindowTextA
CreateAcceleratorTableA
CreateWindowExA
LoadCursorA
IsWindow
GetDesktopWindow
GetFocus
GetWindow
SetFocus
DestroyAcceleratorTable
BeginPaint
EndPaint
CallWindowProcA
FillRect
ReleaseCapture
GetDlgItem
GetParent
IsChild
SetCapture
SystemParametersInfoA
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
MoveWindow
GetSysColor
DestroyWindow
DefWindowProcA
CreateDialogIndirectParamA
GetClassInfoExA
RegisterClassExA
ShowWindow
GetWindowLongA
SetWindowLongA
SendMessageA
FindWindowA
SetWindowTextA
CharNextA
wvsprintfA
LoadStringA
MapDialogRect
LoadIconA
PostQuitMessage
DispatchMessageA
IsDialogMessageA
GetMessageA
PostMessageA
RedrawWindow
UnregisterClassA
GetClassNameA

wininet

HttpOpenRequestA
InternetCloseHandle
InternetQueryOptionA
InternetOpenUrlA
InternetCrackUrlA
HttpQueryInfoA
HttpSendRequestA
InternetConnectA
InternetOpenA
InternetReadFile
InternetSetOptionA
InternetGetConnectedState

wsock32

gethostbyname

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e86da2ce3176db651012755b0ba651a

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

ole32

oleaut32

shell32

user32

wininet

wsock32

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 32KB - Virtual size: 37KB

.data Size: 9KB - Virtual size: 16KB

.rsrc Size: 112KB - Virtual size: 116KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 32KB - Virtual size: 37KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 112KB - Virtual size: 116KB