dc9b90b9b1428b8c8642ab507c1af794_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc9b90b9b1428b8c8642ab507c1af794_JaffaCakes118
Size

480KB
MD5

dc9b90b9b1428b8c8642ab507c1af794
SHA1

477e4e352e37ffde7c434b3dee91f5af998e8b77
SHA256

d06249e06bf322709030f3081abbaa68395c7b564d5ec309dfc4a0f382d1a3d3
SHA512

d882a5de29f3b97a27749ce5f514b3f349ae9ed9d03bedfc072838431a84936110abce382438aac8211bd54ce6fe1b1efb8839b1251f99695592d2b30b653cb1
SSDEEP

6144:cDhRmG66e52u4djsorcwbrunp9z7Rs+e+IebktJWEmMZ6uElj4/jF7tgqyEZr29t:URN66eho4wipt7R57ktk260yk2L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc9b90b9b1428b8c8642ab507c1af794_JaffaCakes118

Files

dc9b90b9b1428b8c8642ab507c1af794_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f979abd3a4d57035fb595eac20766d42

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

ShowCertificate
ResumeSuspendedDownload
FtpCreateDirectoryA
InternetCreateUrlA
HttpEndRequestW
GopherGetLocatorTypeW
InternetGetConnectedStateExW
InternetInitializeAutoProxyDll
FindFirstUrlCacheContainerW

advapi32

RegLoadKeyA
LogonUserW
CryptSetHashParam
CreateServiceA
GetUserNameW
AbortSystemShutdownW
CryptEncrypt
LookupAccountSidA
CryptSetKeyParam
InitiateSystemShutdownA
RevertToSelf
ReportEventA
CryptEnumProvidersA

shell32

SHChangeNotify
SHFileOperation
CheckEscapesW

comctl32

InitCommonControlsEx

kernel32

GetCurrentThreadId
SetStdHandle
GetEnvironmentStringsW
TlsSetValue
InitializeCriticalSection
HeapFree
SetLastError
GetACP
IsBadWritePtr
VirtualAlloc
MultiByteToWideChar
FreeEnvironmentStringsA
GetLocaleInfoW
GetModuleHandleA
DeleteCriticalSection
GetCurrentProcessId
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
RtlZeroMemory
LeaveCriticalSection
CreateMutexA
SetFilePointer
GetSystemInfo
FreeEnvironmentStringsW
GetTickCount
RtlUnwind
InterlockedExchange
GetOEMCP
VirtualProtect
GetCurrentThread
QueryPerformanceCounter
LCMapStringA
TerminateProcess
LCMapStringW
FlushFileBuffers
GetSystemTimeAsFileTime
CloseHandle
GetEnvironmentStrings
GetDateFormatA
GetTimeFormatA
UnhandledExceptionFilter
SetHandleCount
HeapReAlloc
HeapAlloc
GetStartupInfoA
LoadLibraryA
GetCurrentProcess
GetLocaleInfoA
ExitProcess
GetUserDefaultLCID
GetStdHandle
OpenMutexA
EnumSystemLocalesA
GetCommandLineA
GetStringTypeW
WriteFile
WideCharToMultiByte
EnterCriticalSection
TlsAlloc
HeapDestroy
GetTimeZoneInformation
TlsGetValue
GetProcAddress
GetStringTypeA
EnumDateFormatsExA
ReadFile
GetModuleFileNameA
VirtualQuery
TlsFree
GetVersionExA
GetFileType
HeapSize
GetCPInfo
GetDiskFreeSpaceExA
SetEnvironmentVariableA
VirtualFree
GlobalAddAtomW
HeapCreate
GetLastError

user32

ChildWindowFromPoint
EnumThreadWindows
RegisterClassA
LoadAcceleratorsW
IsIconic
GetCursorInfo
GetMenuBarInfo
GetClipCursor
CopyAcceleratorTableA
GetClassNameA
CreateDesktopW
BroadcastSystemMessageW
CallWindowProcA
GetDlgItemInt
GrayStringW
GetMenuState
SetDlgItemTextA
ReleaseDC
DestroyIcon
GetClassLongW
DrawFrameControl
MessageBoxW
DdeCreateStringHandleA
RegisterClipboardFormatA
InsertMenuItemW
RegisterClassExA

Sections

.text
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f979abd3a4d57035fb595eac20766d42

Headers

File Characteristics

Imports

wininet

advapi32

shell32

comctl32

kernel32

user32

Sections

.text Size: 147KB - Virtual size: 146KB

.rdata Size: 8KB - Virtual size: 34KB

.data Size: 311KB - Virtual size: 310KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 147KB - Virtual size: 146KB

.rdata
Size: 8KB - Virtual size: 34KB

.data
Size: 311KB - Virtual size: 310KB

.rsrc
Size: 13KB - Virtual size: 12KB