10d81e9c728fc8cfc09285da935b322d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

10d81e9c728fc8cfc09285da935b322d_JaffaCakes118
Size

438KB
MD5

10d81e9c728fc8cfc09285da935b322d
SHA1

3d609ed63031a4218b8cb16fc48d60ee0635b0bb
SHA256

1dbe5f84d2d8abd10d5aeb16623a6f8b46878713644d5035fe6d7ac77a9a5198
SHA512

eaf51c7a343fab803a4e191361f1a23386ec7124fe866dd16a28e2855c73751ee5efb2ca57db2a636841f293c6ff207f6bc7284e9e4ebcbc8713c0d68f4e1b54
SSDEEP

12288:S5gkDKEZIm5OtZviWvKGsZzmUsqsde6/lEcooMGgIXv:aDKKIsOtZvi2KbZ6NdeWlEH/U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10d81e9c728fc8cfc09285da935b322d_JaffaCakes118

Files

10d81e9c728fc8cfc09285da935b322d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9325fc5ac985f73ea8ed0428b7d8ff16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetDial
InternetCheckConnectionW
FtpGetFileSize
InternetTimeFromSystemTime
InternetCanonicalizeUrlA

user32

IsWindowEnabled
GetMenuDefaultItem
EnumDisplayDevicesW
IsCharAlphaNumericW
SetWindowsHookExA
ModifyMenuA
CharPrevExA
LoadMenuIndirectW
SetWindowTextA
CascadeWindows
SubtractRect
GetWindowRect
SetScrollRange
CallMsgFilter
PostMessageW
RegisterClipboardFormatA
SetMenuItemInfoA
GetNextDlgTabItem
CreateMDIWindowW
EnumClipboardFormats

advapi32

RegEnumKeyW
RegCreateKeyExA
LookupAccountNameW
LookupAccountNameA
CryptCreateHash
CryptDestroyHash
RegRestoreKeyW
RegReplaceKeyW
CryptGenRandom
ReportEventA
RegSetKeySecurity
DuplicateToken
CryptDecrypt
RegConnectRegistryW
CryptHashSessionKey

comdlg32

GetFileTitleW
GetFileTitleA
PrintDlgA
FindTextW
ReplaceTextW
ChooseColorW
ChooseFontW
LoadAlterBitmap
GetSaveFileNameA
GetSaveFileNameW
ChooseColorA
PageSetupDlgA
PrintDlgW
PageSetupDlgW

kernel32

ExitProcess
HeapReAlloc
GetModuleFileNameA
GetTickCount
RtlUnwind
FlushViewOfFile
GetCurrentProcess
UnhandledExceptionFilter
WriteFile
TlsFree
MultiByteToWideChar
TlsGetValue
QueryPerformanceCounter
VirtualQuery
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
WideCharToMultiByte
LCMapStringW
GetStringTypeA
GetStartupInfoA
TlsAlloc
CreateWaitableTimerW
HeapDestroy
GetCurrentProcessId
HeapCreate
GetStdHandle
GetCommandLineA
GetCurrentThreadId
VirtualFree
GetOEMCP
LoadLibraryA
SetHandleCount
GetCPInfo
GetEnvironmentStrings
GetProcAddress
GetLastError
GetModuleHandleA
FreeEnvironmentStringsA
TlsSetValue
LeaveCriticalSection
GetFileType
TerminateProcess
IsBadWritePtr
GlobalDeleteAtom
GetCurrentThread
GetStringTypeW
LCMapStringA
VirtualAlloc
InterlockedExchange
DeleteCriticalSection
EnterCriticalSection
HeapFree
HeapAlloc
InitializeCriticalSection
GetACP
SetLastError
GetEnvironmentStringsW
GetVersion

shell32

SHGetNewLinkInfo
DragQueryFile
ShellExecuteA
SHGetMalloc
SHQueryRecycleBinA
InternalExtractIconListW
CheckEscapesW
SHGetFileInfoA
SHBrowseForFolderW
RealShellExecuteW
SHGetFileInfo
SHGetDesktopFolder
SHQueryRecycleBinW
SHEmptyRecycleBinA
SHGetInstanceExplorer
ExtractIconExW
FindExecutableW

Sections

.text
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9325fc5ac985f73ea8ed0428b7d8ff16

Headers

File Characteristics

Imports

wininet

user32

advapi32

comdlg32

kernel32

shell32

Sections

.text Size: 162KB - Virtual size: 161KB

.data Size: 269KB - Virtual size: 269KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 162KB - Virtual size: 161KB

.data
Size: 269KB - Virtual size: 269KB

.rsrc
Size: 6KB - Virtual size: 5KB