f58d7bf8b73a76d8cc25742b2eb6faae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f58d7bf8b73a76d8cc25742b2eb6faae_JaffaCakes118
Size

460KB
MD5

f58d7bf8b73a76d8cc25742b2eb6faae
SHA1

0b91da7256deca572054d12c897a3745f78bdd80
SHA256

9986518756519029a6dacae9c1efdf1a8ea1248be4567e539534d3c61354d774
SHA512

0239ddf62aa38df7fe6ec6ba70883030a45933b6f64675f95352deabad4861e0e71c0e8d1559cf4093b3ab4ad1be0cfe05e9ccf718a081718c959edd0a3d7c7e
SSDEEP

12288:YegG52ZxftTs5eYC7JN1swhPqOE1Mq98WBMMnMMMMM:Yk52/VqHwN1Zq98WBMMnMMMMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f58d7bf8b73a76d8cc25742b2eb6faae_JaffaCakes118

Files

f58d7bf8b73a76d8cc25742b2eb6faae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ad274bb54a352e4516af7f6b5ab013a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCatBuffW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

advapi32

RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
OpenThreadToken
RegEnumValueA
RegCreateKeyExA
ImpersonateLoggedOnUser
RegNotifyChangeKeyValue
RevertToSelf

urlmon

UrlMkSetSessionOption
CoInternetParseUrl
CopyBindInfo
CoInternetGetSession

wininet

InternetCombineUrlA
InternetCrackUrlA

kernel32

GetOverlappedResult
GetLocaleInfoA
IsDBCSLeadByte
WideCharToMultiByte
SetEndOfFile
GlobalUnlock
WriteFile
FindResourceA
ResetEvent
GetFileTime
DeleteCriticalSection
lstrcatA
FormatMessageW
GlobalAlloc
IsBadWritePtr
CreateFileW
GetDateFormatA
GetModuleFileNameA
InitializeCriticalSection
GetSystemTimeAsFileTime
GetTempFileNameA
GetCPInfo
lstrlenA
LoadLibraryA
QueryPerformanceCounter
GetCurrentProcess
VirtualFree
SetEvent
GetDateFormatW
LocalFree
InterlockedIncrement
LoadResource
GetTempPathA
FileTimeToSystemTime
Sleep
HeapFree
lstrcmpiA
GetVersionExA
LeaveCriticalSection
FormatMessageA
GetFileSize
HeapAlloc
SetFileAttributesA
CompareFileTime
DisableThreadLibraryCalls
lstrlenW
EnterCriticalSection
SystemTimeToFileTime
TerminateProcess
VirtualAlloc
LoadLibraryExA
VirtualProtect
GlobalLock
FreeLibrary
IsBadReadPtr
SizeofResource
GetCurrentProcessId
GetStringTypeW
GetShortPathNameA
GetSystemDefaultLangID
CopyFileA
MultiByteToWideChar
InterlockedExchange
GetTimeFormatA
FindFirstFileA
IsValidCodePage
GlobalFree
GetLastError
IsDBCSLeadByteEx
GetLocaleInfoW
GetSystemInfo
GetTimeZoneInformation
FindNextFileA
UnhandledExceptionFilter
GetCurrentThreadId
GlobalReAlloc
TlsGetValue
SetFilePointer
TlsFree
GetThreadLocale
GetModuleHandleA
VirtualQuery
GetUserDefaultLCID
CreateFileA
TlsSetValue
TlsAlloc
SetUnhandledExceptionFilter
HeapDestroy
WaitForSingleObject
FlushFileBuffers
GetCurrentThread
ExitProcess
lstrcpyA
GetProcAddress
InterlockedDecrement
FindClose
GlobalHandle
GetTimeFormatW
GetTickCount
GetSystemTime
GetACP
CloseHandle
HeapCreate
CreateEventA
lstrcpynA

inetcomm

MimeOleInetDateToFileTime
MimeOleSetCompatMode
MimeOleGetInternat
MimeOleGetPropertySchema
MimeOleCreateMessage

ole32

CoTaskMemRealloc
CoUninitialize
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoCreateInstance
PropVariantClear
CoTaskMemFree
ProgIDFromCLSID

user32

CharNextA
TranslateMessage
PostThreadMessageA
DispatchMessageA
CallMsgFilterW
RegisterWindowMessageA
wsprintfA

certmgr

DllGetClassObject

cfgmgr32

CM_Get_Version_Ex

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 124KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad274bb54a352e4516af7f6b5ab013a8

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

version

advapi32

urlmon

wininet

kernel32

inetcomm

ole32

user32

certmgr

cfgmgr32

Sections

.text Size: 155KB - Virtual size: 155KB

.idata Size: 4KB - Virtual size: 4KB

.data Size: 124KB - Virtual size: 1.8MB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 142KB - Virtual size: 141KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 155KB - Virtual size: 155KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 124KB - Virtual size: 1.8MB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 142KB - Virtual size: 141KB

.rsrc
Size: 32KB - Virtual size: 31KB