fc112eef755dc765e86ff2e6b38a57ab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc112eef755dc765e86ff2e6b38a57ab_JaffaCakes118
Size

460KB
MD5

fc112eef755dc765e86ff2e6b38a57ab
SHA1

4f1911b29f8e312d98de664f650cbf2e06083342
SHA256

e78dd267d4e1b7d6d774ee670ef1211f782dfac254b804db4df804010a575a40
SHA512

9c861476a339f2c70107c97fd6ec47fabc3ddfa5deda5bc5be77e1345bdea722c66169a2e40f660a95a7ed3b52462bad5b8d30a915f08a09dd4d05789e414225
SSDEEP

12288:2c/8jbPzD0sXu3+x09ILa8K1ahySxvnGM004MMnMMMMM:2S8HbD0TuxsILa8wah/vnV004MMnMMMT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc112eef755dc765e86ff2e6b38a57ab_JaffaCakes118

Files

fc112eef755dc765e86ff2e6b38a57ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16ace1ec811880824a680793c7dbd421

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCrackUrlA
InternetCombineUrlA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

HeapFree
CompareFileTime
GetModuleFileNameA
GlobalReAlloc
lstrcpynA
GetProcAddress
FindClose
GetLastError
FindNextFileA
LeaveCriticalSection
DisableThreadLibraryCalls
lstrlenA
GetUserDefaultLCID
GetCurrentThread
lstrcatA
CopyFileA
FindFirstFileA
IsValidCodePage
FormatMessageA
FlushFileBuffers
VirtualAlloc
LocalFree
HeapAlloc
GetTickCount
GetTimeZoneInformation
CreateFileA
GetFileTime
InterlockedIncrement
GetSystemTime
GetShortPathNameA
GetSystemDefaultLangID
InterlockedDecrement
IsDBCSLeadByteEx
LoadResource
HeapDestroy
IsBadWritePtr
GetStringTypeW
SetEvent
GlobalHandle
lstrcpyA
ReadFile
UnhandledExceptionFilter
GlobalUnlock
WideCharToMultiByte
QueryPerformanceCounter
InterlockedExchange
GetLocaleInfoW
GetDateFormatW
lstrlenW
GetCurrentThreadId
GetTimeFormatW
GetCurrentProcess
ResetEvent
GetDateFormatA
GetCPInfo
FormatMessageW
SetFileAttributesA
EnterCriticalSection
TlsSetValue
MultiByteToWideChar
GlobalAlloc
ExitProcess
InitializeCriticalSection
IsBadReadPtr
TerminateProcess
GetThreadLocale
CreateFileW
FreeLibrary
FileTimeToSystemTime
CloseHandle
DeleteCriticalSection
GetSystemInfo
GetCurrentProcessId
Sleep
TlsAlloc
TlsFree
IsDBCSLeadByte
GetFileSize
GetTempFileNameA
VirtualFree
CreateEventA
WriteFile
LoadLibraryExA
GetModuleHandleA
SetFilePointer
SystemTimeToFileTime
GetLocaleInfoA
lstrcmpiA
WaitForSingleObject
SizeofResource
TlsGetValue
GetTempPathA
SetUnhandledExceptionFilter
GetACP
GetSystemTimeAsFileTime
SetEndOfFile
GlobalFree
VirtualProtect
GlobalLock
HeapCreate
VirtualQuery
LoadLibraryA
GetTimeFormatA
GetOverlappedResult
FindResourceA

certmgr

DllGetClassObject

advapi32

RegNotifyChangeKeyValue
RevertToSelf
OpenThreadToken
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
RegDeleteValueA
ImpersonateLoggedOnUser
RegCloseKey
RegDeleteKeyA
RegEnumValueA

user32

CallMsgFilterW
DispatchMessageA
PostThreadMessageA
RegisterWindowMessageA
CharNextA
wsprintfA
TranslateMessage

ole32

CoCreateGuid
CoUninitialize
ProgIDFromCLSID
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoTaskMemFree
PropVariantClear

inetcomm

MimeOleCreateMessage
MimeOleGetInternat
MimeOleGetPropertySchema
MimeOleSetCompatMode
MimeOleInetDateToFileTime

shlwapi

StrCatBuffW

urlmon

CopyBindInfo
CoInternetParseUrl
CoInternetGetSession
UrlMkSetSessionOption

cfgmgr32

CM_Get_Version_Ex

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 124KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16ace1ec811880824a680793c7dbd421

Headers

DLL Characteristics

File Characteristics

Imports

wininet

version

kernel32

certmgr

advapi32

user32

ole32

inetcomm

shlwapi

urlmon

cfgmgr32

Sections

.text Size: 155KB - Virtual size: 155KB

.idata Size: 4KB - Virtual size: 4KB

.data Size: 124KB - Virtual size: 1.8MB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 142KB - Virtual size: 141KB

.rsrc Size: 32KB - Virtual size: 31KB

.text
Size: 155KB - Virtual size: 155KB

.idata
Size: 4KB - Virtual size: 4KB

.data
Size: 124KB - Virtual size: 1.8MB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 142KB - Virtual size: 141KB

.rsrc
Size: 32KB - Virtual size: 31KB