dda638ce2f034587f3f1a0c3fbf9227f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dda638ce2f034587f3f1a0c3fbf9227f_JaffaCakes118
Size

203KB
MD5

dda638ce2f034587f3f1a0c3fbf9227f
SHA1

c4911adde8d6751154a227c261888da333f7d106
SHA256

fbbe492473751131d6b179849ae76e6844e3d4c98e6165a962fccfce63b5cbab
SHA512

0a88d0f4bbc7586cab09f1d9e4e05032e8d0653c39b90b0945a7e1e26c7ee7de95888115af974f3272fcfda6a903e4b593db88a8f1ab509ecca730ae37cf57dc
SSDEEP

3072:skEVV2akVeCq+jTG+gKF66PQGWjWc7unJLrTKzsJt4ofNlPgw0L2+SC9a9o:1EVVPx+jTG+Np67uguNf/PfiDs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dda638ce2f034587f3f1a0c3fbf9227f_JaffaCakes118

Files

dda638ce2f034587f3f1a0c3fbf9227f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e13e40bbe88a0b0f403e1860e4c9a9ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileW
GetShortPathNameW
CompareFileTime
GetLongPathNameA
GetAtomNameA
GlobalAlloc
SleepEx
SetCalendarInfoW
GetModuleHandleA
GetTempPathA
FatalAppExitA
GetDiskFreeSpaceA
GetProcAddress
GetSystemDirectoryW
LocalAlloc
lstrcpy
GetThreadLocale
RemoveDirectoryW
GetShortPathNameA
MulDiv
GetEnvironmentStringsA
lstrlenW
GetCurrentThread
GetVolumeInformationW
OpenMutexW
FindResourceA
Sleep
CreateFileMappingA
CreateFileA
GetSystemInfo
GetSystemDefaultLCID
lstrcpyA
GlobalFindAtomA
GetFileSize
GetCalendarInfoW
GetDateFormatA
lstrcmpA
lstrcpyW
AddAtomA
GetVolumeInformationA
GetAtomNameW
CreatePipe
GetOEMCP
OpenWaitableTimerA
GetCommandLineW
ExitThread
BeginUpdateResourceA
FileTimeToDosDateTime
EndUpdateResourceA
GetExitCodeThread
GetEnvironmentStringsW
GetProcessHeaps
DosDateTimeToFileTime
GetSystemTime
InitializeCriticalSection

user32

IsDlgButtonChecked
LoadImageW
ShowCursor
CreateWindowExA
UnregisterClassA
LoadIconW
SetMenu
WaitMessage
GetDC
SetDlgItemTextW
EnumClipboardFormats
GetMenuItemCount
ActivateKeyboardLayout
UpdateLayeredWindow
LoadMenuIndirectA
GetAsyncKeyState
CheckMenuRadioItem
GetSystemMetrics
GetWindowTextLengthA
LoadCursorW
CheckRadioButton
DefDlgProcW
InsertMenuItemW
MonitorFromRect
AdjustWindowRect
GetDlgItem
BringWindowToTop
SendMessageW
DestroyIcon
SendDlgItemMessageW
EnumWindows
LoadCursorA
RegisterWindowMessageA
GetDC
CharNextW
mouse_event
GetDlgItemTextW
MessageBeep
MonitorFromPoint
IsMenu
AppendMenuA
ArrangeIconicWindows

gdi32

SelectBrushLocal
CreatePen
GetTextColor
RemoveFontResourceW
SetTextJustification
SetBitmapBits
GetCharABCWidthsFloatW
ExtEscape
GetOutlineTextMetricsA
OffsetClipRgn
TranslateCharsetInfo
ExtTextOutA
CreateFontW

advapi32

RegOpenKeyExA
RegRestoreKeyA
RegEnumValueW
RegSaveKeyA
RegCreateKeyW
RegCloseKey
RegQueryInfoKeyA

oleaut32

VarR4FromI2
VarR4FromCy
VarCyNeg
SetErrorInfo
VarUI8FromI2
VarDecAdd

wininet

FtpCreateDirectoryA
FindCloseUrlCache
GetUrlCacheEntryInfoExW
InternetWriteFileExA
InternetGetCertByURL
FtpGetFileEx
InternetHangUp
InternetGetPerSiteCookieDecisionA
InternetSetDialStateW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Qkycn
Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Kkrub
Size: 1KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rfCWI
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jBQZC
Size: 4KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RQNT
Size: 1024B - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Xkdy
Size: 2KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NNa
Size: 1024B - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.J
Size: 2KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e13e40bbe88a0b0f403e1860e4c9a9ff

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

wininet

Sections

.text Size: 12KB - Virtual size: 11KB

.Qkycn Size: 2KB - Virtual size: 40KB

.Kkrub Size: 1KB - Virtual size: 32KB

.rfCWI Size: 1KB - Virtual size: 16KB

.jBQZC Size: 4KB - Virtual size: 50KB

.RQNT Size: 1024B - Virtual size: 42KB

.Xkdy Size: 2KB - Virtual size: 36KB

.data Size: 11KB - Virtual size: 11KB

.NNa Size: 1024B - Virtual size: 29KB

.J Size: 2KB - Virtual size: 86KB

.rsrc Size: 162KB - Virtual size: 162KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.Qkycn
Size: 2KB - Virtual size: 40KB

.Kkrub
Size: 1KB - Virtual size: 32KB

.rfCWI
Size: 1KB - Virtual size: 16KB

.jBQZC
Size: 4KB - Virtual size: 50KB

.RQNT
Size: 1024B - Virtual size: 42KB

.Xkdy
Size: 2KB - Virtual size: 36KB

.data
Size: 11KB - Virtual size: 11KB

.NNa
Size: 1024B - Virtual size: 29KB

.J
Size: 2KB - Virtual size: 86KB

.rsrc
Size: 162KB - Virtual size: 162KB

.reloc
Size: 1KB - Virtual size: 1KB