0948f649e4481ddfbe703dac4a7362ac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0948f649e4481ddfbe703dac4a7362ac_JaffaCakes118
Size

665KB
MD5

0948f649e4481ddfbe703dac4a7362ac
SHA1

2c8870016543284e2cbbc2f31fbafb0e02f981fd
SHA256

68ae9999d08d92500c07fda4f5af2dcb3cf8ee13490bc9e2638d8fcabb509f9d
SHA512

b7ba5347fd886ddec88b357d206a2b691248166e670c766aef707eb4280d89b716b07e271d0ccb6ad29edd5cf768f89634a2f18e1488b9a07e817813dded2e36
SSDEEP

12288:QLbgxj74sCqPvhlNQ7xBoADl+lbuk492h+Un:zxj8sphlcvDlZ9BUn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0948f649e4481ddfbe703dac4a7362ac_JaffaCakes118

Files

0948f649e4481ddfbe703dac4a7362ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e77a7a2316c240e9703fd054526c3e45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

lstrlenW
MultiByteToWideChar
MulDiv
HeapAlloc
FlushInstructionCache
GetCurrentProcess
WideCharToMultiByte
GetModuleFileNameA
GetCurrentThreadId
lstrcmpiA
GetSystemDefaultLangID
FreeLibrary
GetProcAddress
LoadLibraryA
CreateDirectoryA
DeleteFileA
MoveFileA
InterlockedIncrement
InterlockedDecrement
GetModuleHandleA
SizeofResource
LoadLibraryExA
IsDBCSLeadByte
GlobalFree
GlobalHandle
GetCommandLineA
ReadFile
CreateProcessA
GetSystemInfo
GetEnvironmentVariableA
LocalFree
GetTickCount
GetCurrentProcessId
GetSystemDirectoryA
FindClose
FindFirstFileA
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetExitCodeProcess
GetUserDefaultLangID
GetShortPathNameA
GetWindowsDirectoryA
CompareStringW
FindResourceA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetTimeZoneInformation
GetCPInfo
GetOEMCP
TlsGetValue
TlsSetValue
TlsFree
TlsAlloc
SetUnhandledExceptionFilter
HeapSize
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
TerminateProcess
ExitProcess
HeapReAlloc
VirtualQuery
VirtualAlloc
VirtualProtect
RtlUnwind
GetSystemTimeAsFileTime
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
CreateEventA
CreateThread
SetLastError
GetTempPathA
SetEvent
lstrcpynA
lstrcmpA
lstrcpyA
lstrlenA
SetEnvironmentVariableA
lstrcatA
CreateFileA
GetFileSize
GetFileTime
FileTimeToSystemTime
GetLastError
Sleep
SystemTimeToFileTime
CompareFileTime
SetFilePointer
SetEndOfFile
WriteFile
CloseHandle
WaitForSingleObject
GetProcessHeap
HeapFree
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
CompareStringA

user32

RedrawWindow
IsChild
GetClassNameA
GetParent
CharNextA
GetFocus
IsWindow
CreateAcceleratorTableA
UnregisterClassA
GetClassInfoExA
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
MsgWaitForMultipleObjects
SetTimer
KillTimer
EnableWindow
GetDlgItem
MessageBoxA
SetWindowTextA
LoadStringA
PostMessageA
RegisterClassExA
RegisterWindowMessageA
GetWindowTextA
GetWindowTextLengthA
SetForegroundWindow
SystemParametersInfoA
SendDlgItemMessageA
DialogBoxParamA
GetActiveWindow
DialogBoxIndirectParamA
PeekMessageA
wsprintfA
SetCursor
LoadCursorA
PtInRect
GetWindowRect
GetCursorPos
EndDialog
GetClientRect
LoadBitmapA
MapWindowPoints
GetDlgCtrlID
DestroyWindow
SetWindowLongA
GetWindowLongA
SetWindowPos
SetWindowContextHelpId
MapDialogRect
GetWindow
CreateWindowExA
SendMessageA
DestroyAcceleratorTable
SetFocus
BeginPaint
EndPaint
GetSysColor
DefWindowProcA
CallWindowProcA
GetDesktopWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
FillRect
SetCapture
ReleaseCapture

gdi32

CreateFontIndirectA
DPtoLP
GetDeviceCaps
SetWindowOrgEx
SetViewportOrgEx
ModifyWorldTransform
SetGraphicsMode
SaveDC
DeleteDC
DeleteObject
GetStockObject
SetBkMode
StretchBlt
CreateCompatibleDC
GetObjectA
SetTextColor
SelectObject
CreateSolidBrush
CreateCompatibleBitmap
RestoreDC
BitBlt

advapi32

RegOpenKeyExA
RegEnumKeyA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
CryptAcquireContextA
CryptCreateHash
CryptReleaseContext
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

StringFromGUID2
CreateStreamOnHGlobal
CoInitializeSecurity
StringFromCLSID
CoInitialize
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
OleUninitialize
OleInitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
CoTaskMemAlloc

oleaut32

LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
OleCreateFontIndirect
SysStringByteLen
SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString
VarUI4FromStr

urlmon

URLDownloadToFileA
IsValidURL

wintrust

WinVerifyTrust

wininet

InternetOpenA
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
InternetTimeFromSystemTime
HttpAddRequestHeadersA
HttpSendRequestA
HttpQueryInfoA
InternetTimeToSystemTime
InternetReadFile
InternetCloseHandle
InternetErrorDlg

version

GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 428KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wrdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e77a7a2316c240e9703fd054526c3e45

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

urlmon

wintrust

wininet

version

Sections

.text Size: 120KB - Virtual size: 117KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 428KB - Virtual size: 425KB

.wrdata Size: 72KB - Virtual size: 72KB

.text
Size: 120KB - Virtual size: 117KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 428KB - Virtual size: 425KB

.wrdata
Size: 72KB - Virtual size: 72KB