10f638cb291d1be954b9d8af675d73a3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

10f638cb291d1be954b9d8af675d73a3_JaffaCakes118
Size

234KB
MD5

10f638cb291d1be954b9d8af675d73a3
SHA1

a7b2f67217739b85011ebb7e705c907426ecc7ee
SHA256

cf84d57a936520491703b06750e4c2debfc348098ccadbb0401e1e25a7920451
SHA512

91a8f50be10e3776ccd10b43eacd3383ad68a3b9d0a5cff63cae25234b81dc547a175c33e57780232244a6085cac13b30a665e7f99fb8e9e24672b9723eb232b
SSDEEP

6144:6SkQV0UrGw9CkS5XvHj4g5Cu1Y+Yz28QeSH9c:yy0UZ9S5XPj4g571cz2Kwc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10f638cb291d1be954b9d8af675d73a3_JaffaCakes118

Files

10f638cb291d1be954b9d8af675d73a3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a036e586427cd7866327823f37d58a33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalDeleteAtom
IsBadReadPtr
FatalAppExitA
GetFileAttributesA
lstrcmp
GetProcAddress
CreateMutexA
FreeLibrary
LocalFree
AddAtomW
LoadLibraryExA
GetCurrentProcess
SetErrorMode
CreateNamedPipeA
lstrlen
GetExitCodeProcess
WinExec
Beep
FatalAppExitW
GetVolumeInformationW
HeapCreate
IsBadStringPtrA
GetDateFormatA
QueryPerformanceCounter
EnumCalendarInfoW
GetWindowsDirectoryW
AddAtomA
MultiByteToWideChar
WaitForMultipleObjects
GetSystemDefaultLCID
SetUnhandledExceptionFilter
CompareFileTime
LoadLibraryA
lstrcatA
GetEnvironmentStringsA
lstrlenW

user32

MessageBoxIndirectA
TrackPopupMenuEx
SetMenu
GetMenuItemInfoW
GetWindowRgn
IsWindow
CharUpperW
GetMenuState
CreateDialogIndirectParamA
GetActiveWindow
OffsetRect
UnregisterClassW
SetWindowTextA
GetCapture
SetCursorPos
DefWindowProcW
IsChild
SetTimer
GetMenuItemRect
AppendMenuW
DestroyMenu
DialogBoxParamW
LoadMenuIndirectA
SetDlgItemTextA
MoveWindow
SetFocus
OpenClipboard
RegisterWindowMessageW
IsDlgButtonChecked

gdi32

CreateBitmap
CreateHatchBrush
SetEnhMetaFileBits
CreateRoundRectRgn
CreateColorSpaceW
GetEnhMetaFilePixelFormat
CreatePen
CreateScalableFontResourceW

advapi32

RegCreateKeyA
RegEnumKeyExW
RegCloseKey
RegOpenKeyA
RegOpenKeyW
RegReplaceKeyW

shell32

ExtractIconW
ExtractIconA
ExtractIconExA
SHGetDiskFreeSpaceA
StrNCmpW
SHGetFolderPathA
StrChrIA
StrRStrW
ShellExecuteExA
Shell_NotifyIconW
StrNCmpIA
SHCreateDirectory

ole32

CoInitialize
CoLockObjectExternal

setupapi

SetupCommitFileQueueA
SetupCancelTemporarySourceList
CM_First_Range
CM_Set_HW_Prof_Flags_ExW

wininet

InternetGetLastResponseInfoW
SetUrlCacheGroupAttributeW
InternetTimeFromSystemTimeA
UnlockUrlCacheEntryFileA
HttpQueryInfoW
GopherOpenFileA
InternetGetPerSiteCookieDecisionW
HttpSendRequestExW
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
DeleteUrlCacheEntry

winmm

waveOutOpen
waveOutBreakLoop
mixerGetLineInfoW
auxGetDevCapsA
mod32Message
midiStreamOpen
WOWAppExit
waveOutGetDevCapsA
wid32Message
mid32Message
timeKillEvent
waveOutReset
waveInReset
mixerGetLineControlsW
midiOutGetErrorTextW
aux32Message
mciGetDeviceIDW
waveInOpen
waveInGetNumDevs
mciGetErrorStringA
joyGetNumDevs

oledlg

OleUIChangeIconA
OleUIChangeSourceW
OleUIPromptUserW

wsock32

rresvport
htonl
inet_addr
NPLoadNameSpaces
getsockopt
listen
socket
GetNameByTypeA
GetServiceW
ntohl

Sections

.nr
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pO
Size: 3KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tSXgkY
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ASJ
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rS
Size: 4KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.a
Size: 3KB - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.YxO
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xPeXV
Size: 16KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a036e586427cd7866327823f37d58a33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

setupapi

wininet

winmm

oledlg

wsock32

Sections

.nr Size: 3KB - Virtual size: 2KB

.pO Size: 3KB - Virtual size: 434KB

.tSXgkY Size: 83KB - Virtual size: 82KB

.ASJ Size: 14KB - Virtual size: 14KB

.rS Size: 4KB - Virtual size: 42KB

.a Size: 3KB - Virtual size: 386KB

.YxO Size: 83KB - Virtual size: 82KB

.xPeXV Size: 16KB - Virtual size: 326KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.nr
Size: 3KB - Virtual size: 2KB

.pO
Size: 3KB - Virtual size: 434KB

.tSXgkY
Size: 83KB - Virtual size: 82KB

.ASJ
Size: 14KB - Virtual size: 14KB

.rS
Size: 4KB - Virtual size: 42KB

.a
Size: 3KB - Virtual size: 386KB

.YxO
Size: 83KB - Virtual size: 82KB

.xPeXV
Size: 16KB - Virtual size: 326KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B