fe382b933e344b95a3408a817a771dc9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe382b933e344b95a3408a817a771dc9_JaffaCakes118
Size

1016KB
MD5

fe382b933e344b95a3408a817a771dc9
SHA1

04e0a8b6cffb9111a664a5568465dbaa6a15ccc8
SHA256

8ab925c4463549ca0fc7c0da9c19e9945dec8af3b93ab9460ac740bb5890d242
SHA512

b152a162456f57b099223d66ba142fc78ca75f35783b7008dc3e7f9097b6246a2938c84d689f3a53f8c336db0a8f7db370405bfef7ac78d5129fb42fd8150ad6
SSDEEP

24576:VPNW3oJPJhHo6V1I6lgVukGZGTra5pb4atwK2736fFGhOMDSIenC6ITBS:5N3FXnV1EwkGZGTe7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe382b933e344b95a3408a817a771dc9_JaffaCakes118

Files

fe382b933e344b95a3408a817a771dc9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f23e0b0e24e0660c7a13129b709b0226

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

wininet

InternetCrackUrlA
FindCloseUrlCache
FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetSetCookieA
InternetGetCookieA
InternetGetConnectedState
InternetOpenUrlA

iphlpapi

GetAdaptersInfo

shlwapi

PathFindFileNameA
SHSetValueA
PathFindExtensionA
PathIsDirectoryA
PathRemoveFileSpecA
PathFileExistsA
SHGetValueA
PathRemoveExtensionA
PathIsUNCA
PathStripToRootA

advapi32

RegQueryValueA
RegEnumKeyA
OpenProcessToken
DuplicateTokenEx
CreateProcessAsUserA
SetNamedSecurityInfoA
RegOpenKeyExA
RegOpenKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA

kernel32

CreateFileA
SetPriorityClass
GetCurrentProcess
GetFileAttributesA
CreateDirectoryA
LocalFree
WriteFile
GetFileSize
SetFilePointer
GetProcessHeap
LocalAlloc
RaiseException
MulDiv
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
CreateSemaphoreA
ReleaseSemaphore
CreateEventA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetThreadLocale
DuplicateHandle
FindClose
FindFirstFileA
GetFullPathNameA
lstrcmpA
SetThreadPriority
ResumeThread
SetEvent
DeviceIoControl
SetFileAttributesA
GetFileTime
GlobalDeleteAtom
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GlobalAddAtomA
GetCurrentProcessId
FreeResource
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
InterlockedIncrement
InterlockedDecrement
FindNextFileA
GetModuleFileNameW
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
WritePrivateProfileStringA
GetCurrentDirectoryA
GlobalFlags
GetCPInfo
GetOEMCP
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetStartupInfoA
ExitThread
CreateThread
HeapSize
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
SetHandleCount
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
TerminateProcess
HeapAlloc
HeapFree
LoadLibraryA
FreeLibrary
CreateNamedPipeA
ConnectNamedPipe
ReadFile
GetCurrentThreadId
GetModuleHandleA
GetProcAddress
GetCommandLineA
GetComputerNameA
CreateProcessA
WinExec
SetLastError
GetVolumeInformationA
GetVersionExA
InitializeCriticalSectionAndSpinCount
CreateMutexA
GetTickCount
Sleep
LoadLibraryW
GetTempPathA
GetModuleFileNameA
GetShortPathNameA
CopyFileA
MoveFileExA
DeleteFileA
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
CloseHandle
WaitForSingleObject
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SystemTimeToFileTime
GetSystemTime
GetTimeZoneInformation
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
SuspendThread

user32

LoadIconA
IsDialogMessageA
ShowWindow
GetSysColorBrush
ReleaseDC
GetDC
LoadCursorA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
ClientToScreen
BeginPaint
EndPaint
DestroyMenu
UnregisterClassA
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SendDlgItemMessageA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
PostQuitMessage
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
SendMessageA
GetKeyState
PeekMessageA
ValidateRect
GetMenuState
GetMenuItemID
GetSubMenu
wsprintfA
WaitForInputIdle
EnumThreadWindows
SetForegroundWindow
GetMenu
GetWindow
IsWindowVisible
SendMessageTimeoutA
GetParent
GetClassNameA
FindWindowExA
GetSystemMetrics
GetForegroundWindow
GetClientRect
SetWindowTextA
GetWindowThreadProcessId
AttachThreadInput
BringWindowToTop
PostMessageA
KillTimer
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
EnableWindow
RegisterWindowMessageA
SetParent
SetTimer
EnumWindows
GetWindowTextA
GetCursorPos
CharUpperA
RemovePropA
SetFocus
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetWindowLongA
GetMenuItemCount

gdi32

SetMapMode
RestoreDC
SaveDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
Escape

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

shell32

SHGetSpecialFolderPathA

ole32

OleRun
CoInitialize
CoDisconnectObject
CoUninitialize
CoCreateInstance
CoInitializeEx

oleaut32

SysAllocStringByteLen
SysStringLen
VariantChangeType
GetErrorInfo
VariantInit
VariantCopy
SysAllocString
LoadTypeLi
SysAllocStringLen
VariantClear
SysFreeString

urlmon

URLDownloadToFileA

ws2_32

WSACleanup
WSAStartup

Sections

.text
Size: 472KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 436KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f23e0b0e24e0660c7a13129b709b0226

Headers

File Characteristics

Imports

version

wininet

iphlpapi

shlwapi

advapi32

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

ole32

oleaut32

urlmon

ws2_32

Sections

.text Size: 472KB - Virtual size: 470KB

.rdata Size: 92KB - Virtual size: 88KB

.data Size: 436KB - Virtual size: 553KB

.rsrc Size: 12KB - Virtual size: 8KB

.text
Size: 472KB - Virtual size: 470KB

.rdata
Size: 92KB - Virtual size: 88KB

.data
Size: 436KB - Virtual size: 553KB

.rsrc
Size: 12KB - Virtual size: 8KB