03784b14a6716130295108ae3443b72d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03784b14a6716130295108ae3443b72d_JaffaCakes118
Size

128KB
MD5

03784b14a6716130295108ae3443b72d
SHA1

091038b7440493d0fe5d07031fe47166708fb454
SHA256

782b821eff80a717bc7bf6880de99209e67c5a85288df717fbe0467c0f43931c
SHA512

54fa75cfe16eb7ef2b99050d76393367501483a077ee12d9f886273ee2c0c4e5e4954ea7f1bb8f274decc9268a7c325adeb8697f735f1c733505d1d87a770a81
SSDEEP

3072:3lzP2BmO0Tmybl7w5wpXa61IpKydZFHL/BxV18:3BPw/4Xa61IpKydvl18

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03784b14a6716130295108ae3443b72d_JaffaCakes118

Files

03784b14a6716130295108ae3443b72d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34e4f67cf8da0c3180d4b62ca3263452

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
CreateDirectoryA
lstrcpyA
GetWindowsDirectoryA
GetFileAttributesA
GetTempPathA
GetShortPathNameA
GetModuleFileNameA
CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
Sleep
GetTickCount
TerminateProcess
WaitForSingleObject
OpenProcess
WideCharToMultiByte
lstrlenW
RemoveDirectoryA
lstrcatA
ResumeThread
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
CreateProcessA
GetTempFileNameA
SetLastError
InterlockedIncrement
InterlockedDecrement
DebugBreak
OutputDebugStringA
GetStringTypeExA
GetThreadLocale
GetModuleHandleA
GetStartupInfoA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetSystemInfo
GetVersionExA
HeapCreate
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
FlushInstructionCache
SystemTimeToFileTime
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
GetLocalTime
lstrlenA
GetCommandLineA
lstrcmpiA
GetLastError
FormatMessageA
MultiByteToWideChar
LocalFree
RtlUnwind

user32

CreateDialogParamA
ShowWindow
UpdateWindow
DestroyWindow
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
wsprintfA
GetClassInfoExA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetSystemMetrics
GetWindowThreadProcessId
DefWindowProcA
PostQuitMessage
MessageBoxA
SetWindowTextA
PostMessageA
LoadStringA
wvsprintfA
GetParent
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
CallWindowProcA
GetWindowLongA
SetWindowLongA
SetTimer
GetMessageA
KillTimer
CharNextA
SetWindowPos
PeekMessageA
DispatchMessageA
FindWindowA
MessageBoxIndirectA
IsWindow
SendMessageTimeoutA

advapi32

RegQueryInfoKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA
RegDeleteKeyA

shell32

SHGetSpecialFolderLocation
SHGetMalloc
ShellExecuteA
SHFileOperationA
SHGetPathFromIDListA

ole32

StringFromGUID2
CoCreateInstance
CoInitialize
CoUninitialize
CreateBindCtx

oleaut32

VariantClear
SysFreeString
VarI4FromStr
SysAllocStringLen
SysAllocString

setupapi

SetupDefaultQueueCallbackA
SetupFindFirstLineA
SetupTermDefaultQueueCallback
SetupFindNextLine
SetupOpenInfFileA
SetupSetDirectoryIdA
SetupInstallFromInfSectionA
SetupCloseFileQueue
SetupInitDefaultQueueCallbackEx
SetupGetStringFieldA
SetupCloseInfFile

wininet

InternetGetConnectedState
InternetGoOnline
InternetQueryOptionA

shlwapi

PathGetArgsA

urlmon

CreateURLMoniker
RegisterBindStatusCallback

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34e4f67cf8da0c3180d4b62ca3263452

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

setupapi

wininet

shlwapi

urlmon

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 11KB

.trdata Size: 72KB - Virtual size: 72KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 11KB

.trdata
Size: 72KB - Virtual size: 72KB