fde8e32788bee48db2f99ed9bf2682cc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fde8e32788bee48db2f99ed9bf2682cc_JaffaCakes118
Size

253KB
MD5

fde8e32788bee48db2f99ed9bf2682cc
SHA1

8e366e0e0fc40b635cb7a0f42f3c6b1f5ea81c1a
SHA256

f1099a8d12dce306cb18339100f05e5992fe358021a78cd8c79330e5b7531ae2
SHA512

db084a5c6aee90cf9398ac551c88f45db5145b333842af68298e2be1d87f97a35220ca1b6595230c3e5b46e0a4d6b7f0d78d38ae0d4e03f59aca4036bf573d0d
SSDEEP

6144:Cj89h36jLTfrPXGxxkDal4jZUNesLT91omGSSG4u2WOMNOsPaU7:ZyTjOxa0+ZdsLTLGJC2WNYrU7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fde8e32788bee48db2f99ed9bf2682cc_JaffaCakes118

Files

fde8e32788bee48db2f99ed9bf2682cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5818cf524f5f065e7a752ad6cce84ce7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

ntohs
inet_ntoa

shlwapi

PathRemoveFileSpecA

wininet

InternetOpenA
InternetCloseHandle
HttpOpenRequestA
InternetSetOptionA
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetConnectA

kernel32

GetSystemTime
InitializeCriticalSection
FreeLibrary
GetCurrentProcess
GetVersionExA
GetModuleFileNameA
OpenMutexA
GetLastError
GetTickCount
GetLocaleInfoA
RaiseException
WaitForMultipleObjects
GetModuleFileNameW
LoadLibraryA
ExitProcess
LocalFree
MultiByteToWideChar
GetACP
LocalAlloc
lstrlenA
lstrcpynA
GetShortPathNameA
lstrcmpiA
GetComputerNameA
IsBadWritePtr
HeapCreate
SetUnhandledExceptionFilter
TlsAlloc
GetOEMCP
CreateMutexA
OpenEventA
SetEvent
GetModuleHandleA
GetCurrentProcessId
GetCurrentThreadId
CreateEventA
WaitForSingleObject
Sleep
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
IsBadReadPtr
IsBadCodePtr
GetSystemInfo
GetEnvironmentStringsW
GetCPInfo
GetFileAttributesA
GetStartupInfoA
BeginUpdateResourceW
GetProcAddress

user32

RegisterClassA
CreateWindowExA
ShowWindow
GetSystemMetrics
CharUpperA
DefWindowProcA
wsprintfA
CharPrevA
GetMessageA
PostQuitMessage

advapi32

ImpersonateSelf
GetTokenInformation
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessDeniedAce
AddAccessAllowedAce
FreeSid
RevertToSelf
ImpersonateLoggedOnUser
StartServiceCtrlDispatcherA
OpenProcessToken
RegisterServiceCtrlHandlerA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
LookupPrivilegeValueA
AdjustTokenPrivileges
SetServiceStatus
RegOpenKeyExW
RegQueryValueExW
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegCloseKey
GetUserNameA

ole32

CLSIDFromString
CoCreateGuid
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringByteLen

ntprint

PSetupEnumMonitor
PSetupDestroyPrinterDeviceInfoList
ServerInstallW
PSetupGetSelectedDriverInfo

dmocx

DllGetClassObject

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WwVHa
Size: 1024B - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iSKC
Size: 1024B - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 101KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.KQzjvU
Size: 3KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 114KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RA
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5818cf524f5f065e7a752ad6cce84ce7

Headers

File Characteristics

Imports

version

ws2_32

shlwapi

wininet

kernel32

user32

advapi32

ole32

oleaut32

ntprint

dmocx

Sections

.text Size: 15KB - Virtual size: 15KB

.WwVHa Size: 1024B - Virtual size: 230KB

.rdata Size: 4KB - Virtual size: 6KB

.iSKC Size: 1024B - Virtual size: 60KB

.edata Size: 101KB - Virtual size: 161KB

.KQzjvU Size: 3KB - Virtual size: 270KB

.data Size: 7KB - Virtual size: 93KB

.edata Size: 114KB - Virtual size: 182KB

.RA Size: 512B - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.WwVHa
Size: 1024B - Virtual size: 230KB

.rdata
Size: 4KB - Virtual size: 6KB

.iSKC
Size: 1024B - Virtual size: 60KB

.edata
Size: 101KB - Virtual size: 161KB

.KQzjvU
Size: 3KB - Virtual size: 270KB

.data
Size: 7KB - Virtual size: 93KB

.edata
Size: 114KB - Virtual size: 182KB

.RA
Size: 512B - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 4KB