043fa7470f6362b78d7e647dbc60ade8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

043fa7470f6362b78d7e647dbc60ade8_JaffaCakes118
Size

214KB
MD5

043fa7470f6362b78d7e647dbc60ade8
SHA1

3c5a1ba6c428442247a94e367e5642be9a1d0069
SHA256

747963909bb94bda1ab77da818ebbb5134fb1e717d68908b01cd0f834dd1b5ad
SHA512

4da0aabf400197ed6b5a4ef19353a547ada1ac423487daedaeab6b1bf7df3efd3dc1e2f75857c73738f9cd1f7e9387baadec30e325c1a1f9c962a36e7cb5939c
SSDEEP

3072:ioRyAlCHjLtYM/BjNhjiUTBMT1+wongapcdAKikRTKJ563Z:ioKH3/9NhjvtMT1cnpiAuKu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
043fa7470f6362b78d7e647dbc60ade8_JaffaCakes118

Files

043fa7470f6362b78d7e647dbc60ade8_JaffaCakes118
.exe windows:5 windows x86 arch:x86

72bf8dd6806401c7dd851d4f5b686242

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupGetTargetPathA
SetupGetIntField
SetupFindNextLine
SetupCloseInfFile
SetupOpenInfFileA
SetupOpenFileQueue
SetupQueueDeleteA
SetupCommitFileQueueA
SetupCloseFileQueue
SetupTermDefaultQueueCallback
SetupInitDefaultQueueCallbackEx
SetupSetDirectoryIdA
SetupFindFirstLineA
SetupGetFieldCount
SetupGetStringFieldA
SetupQueueCopySectionA
SetupFindNextMatchLineA
SetupDefaultQueueCallbackA
SetupGetLineTextA

version

GetFileVersionInfoA
VerQueryValueA

wininet

InternetGetConnectedState
InternetConnectA
InternetSetStatusCallback
InternetReadFileExA
HttpAddRequestHeadersA
HttpSendRequestA
HttpOpenRequestA
InternetCloseHandle
HttpQueryInfoA
InternetOpenA

kernel32

InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryA
CloseHandle
GetExitCodeProcess
TerminateProcess
WaitForMultipleObjects
CreateProcessA
lstrcmpiA
lstrcpynA
WritePrivateProfileStringA
GetPrivateProfileIntA
SystemTimeToFileTime
GetSystemTime
CopyFileA
lstrcatA
lstrcpyA
GetModuleFileNameA
LocalFree
GetVersion
WaitForSingleObject
ResetEvent
lstrlenA
GetVolumeInformationA
GlobalMemoryStatus
GlobalFree
RemoveDirectoryA
Sleep
DeleteFileA
SetCurrentDirectoryA
GlobalAlloc
GetPrivateProfileStringA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
CreateDirectoryA
GetFileAttributesA
lstrcmpA
RaiseException
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
CreateEventA
SetEvent
GetStringTypeExA
FindResourceA
SizeofResource
LockResource
LoadResource
FindResourceExA
GetCurrentDirectoryA
GetTempFileNameA
GetTempPathA
SetLastError
MulDiv
GlobalUnlock
GlobalLock
GetCurrentThreadId
DeleteCriticalSection
ReadFile
CreateFileA
FlushInstructionCache
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
InitializeCriticalSection
LoadLibraryExA
IsDBCSLeadByte
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RtlUnwind
GetStdHandle
WriteFile
ExitProcess
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoA
GetCommandLineA
VirtualQuery
GetSystemInfo
GetModuleHandleW
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
CreateThread
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetThreadLocale
QueryPerformanceCounter
GetTickCount

user32

CallWindowProcA
SetWindowLongA
CharLowerA
GetWindow
GetWindowRect
GetWindowLongA
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
OpenClipboard
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
IsDlgButtonChecked
GetDlgItemTextA
CheckDlgButton
ShowWindow
GetDC
SendMessageA
DestroyWindow
MsgWaitForMultipleObjects
PeekMessageA
IsWindowUnicode
GetMessageW
GetMessageA
TranslateMessage
DispatchMessageW
DispatchMessageA
GetParent
IsClipboardFormatAvailable
GetClipboardData
EmptyClipboard
SetClipboardData
CloseClipboard
DialogBoxParamA
DefWindowProcA
PostQuitMessage
GetSystemMetrics
LoadImageA
ExitWindowsEx
CharNextA
IsWindow
PostMessageA
MessageBoxA
wsprintfA
EndDialog
UnregisterClassA

gdi32

CreateFontIndirectA
DeleteObject
GetDeviceCaps

advapi32

RegDeleteValueA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AllocateAndInitializeSid
RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
FreeSid
RegDeleteKeyA
RegOpenKeyExA

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteA

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

SysAllocStringLen
SysStringLen
VarUI4FromStr
SysFreeString

comctl32

PropertySheetA
DestroyPropertySheetPage
ord17
CreatePropertySheetPageA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72bf8dd6806401c7dd851d4f5b686242

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

version

wininet

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

iphlpapi

Sections

.text Size: 150KB - Virtual size: 150KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 6KB - Virtual size: 17KB

.rsrc Size: 34KB - Virtual size: 33KB

.text
Size: 150KB - Virtual size: 150KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 6KB - Virtual size: 17KB

.rsrc
Size: 34KB - Virtual size: 33KB