091ac3f34c80eee25692d2fb82441e74_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

091ac3f34c80eee25692d2fb82441e74_JaffaCakes118
Size

239KB
MD5

091ac3f34c80eee25692d2fb82441e74
SHA1

4825f9d0041c7adaf4d1712a656d30ca33c4d92d
SHA256

df5ec5f7cc7c476d5272b2b9d44932923aa23b3e6ccfa23a699c439e476df0ec
SHA512

3ec1287be780f3270b115eca164c40e9b37e7fe4745c0e19c39aa3b255efa93bdf4980427bcbc17968d7d5a2d5a5689ef1166a9e64fa1da9b32075490d63186d
SSDEEP

3072:g5IGQr+QpO1rUXiJqA38FnIzJ+vLJ4AH3J4AHgyLw4MDuCyfzKqrhtYuEL+sm7dL:iIGQHxXiqAM5B4AHZ4AH6afzoL+PdQyD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
091ac3f34c80eee25692d2fb82441e74_JaffaCakes118

Files

091ac3f34c80eee25692d2fb82441e74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8781ca8d8288e3880e88f6f860cd6579

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
GetPrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileIntW
GetModuleFileNameW
GetCurrentDirectoryW
GlobalAlloc
FreeLibrary
GetProcAddress
GetUserDefaultLangID
GetCurrentThread
WriteFile
SetThreadPriority
GetModuleHandleW
IsBadStringPtrW
IsBadWritePtr
IsBadReadPtr
GetStartupInfoW
lstrcpyW
FindResourceW
LoadResource
LockResource
GlobalHandle
GlobalFree
FreeResource
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
CreateProcessW
CloseHandle
DeleteFileW
WritePrivateProfileStringW
MoveFileW
GetTempPathW
GetFileAttributesW
GetFileSize
CreateFileW
ReadFile
WideCharToMultiByte
WaitForSingleObject
Sleep
MulDiv
GetTickCount
HeapDestroy
SetCurrentDirectoryW
InitializeCriticalSection
DeleteCriticalSection
lstrcmpW
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
lstrlenA
lstrlenW
lstrcpynW

user32

GetClassInfoExW
DefWindowProcW
PostMessageW
SetWindowTextW
RegisterWindowMessageW
RegisterClassExW
DialogBoxIndirectParamW
SetWindowLongW
GetWindow
IsWindow
LoadCursorW
GetWindowTextW
GetWindowTextLengthW
GetWindowLongW
CallWindowProcW
GetSysColor
SetFocus
IsChild
GetFocus
ReleaseDC
GetDC
EndPaint
FillRect
GetClientRect
BeginPaint
SetWindowPos
GetSystemMetrics
PtInRect
DrawTextW
ShowWindow
LoadIconW
GetPropW
RemovePropW
SetPropW
GetForegroundWindow
ClientToScreen
ScreenToClient
TranslateMessage
MoveWindow
OffsetRect
CopyRect
FindWindowW
LoadStringW
GetWindowRect
SystemParametersInfoW
MapWindowPoints
PeekMessageW
DispatchMessageW
SetDlgItemTextW
KillTimer
EnableWindow
EndDialog
SetTimer
GetDlgItem
SendMessageW
InvalidateRgn
InvalidateRect
SetCapture
ReleaseCapture
wsprintfW
CreateWindowExW
DestroyWindow
CreateAcceleratorTableW
GetDesktopWindow
GetParent
GetClassNameW
RedrawWindow

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
GetObjectW
GetStockObject
GetTextExtentPoint32W
GetTextMetricsW
ExtTextOutW
SetBkColor
SelectObject
SetBkMode
SetTextColor
BitBlt
GetDeviceCaps
DeleteDC

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ole32

CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
OleLockRunning

oleaut32

VariantClear
SysStringLen
LoadRegTypeLi
SysAllocString
SysAllocStringLen
SysFreeString
OleCreateFontIndirect

wininet

InternetOpenW
InternetSetOptionW
InternetOpenUrlW
HttpQueryInfoW
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetCanonicalizeUrlW

msvcrt

calloc
_wcsicmp
wcsncmp
_except_handler3
wcstok
wcsrchr
malloc
wcscmp
wcscat
_wmkdir
rand
wcscpy
wcslen
memset
strlen
strstr
free
memcmp
??2@YAPAXI@Z
memcpy
??3@YAXPAX@Z
time
__CxxFrameHandler
_beginthread
_endthread
_wcsdup
_wtoi
swscanf
memmove
wcschr
wcsstr
vswprintf
swprintf
iswdigit
iswspace
_XcptFilter
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
__dllonexit
_onexit
?terminate@@YAXXZ
_controlfp
_exit

comctl32

InitCommonControlsEx
ord17

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8781ca8d8288e3880e88f6f860cd6579

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

wininet

msvcrt

comctl32

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 47KB - Virtual size: 47KB

.text Size: 115KB - Virtual size: 116KB

.text
Size: 57KB - Virtual size: 57KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 47KB - Virtual size: 47KB

.text
Size: 115KB - Virtual size: 116KB