11b0c36e615dec1315371d0b35071c1f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11b0c36e615dec1315371d0b35071c1f_JaffaCakes118
Size

132KB
MD5

11b0c36e615dec1315371d0b35071c1f
SHA1

27a91ae9f8210bb52e6d14afd9f60501c7bce393
SHA256

f38a8d255d3526b3cf2fc303640cde5122eeec4118d976d14cd396df6873f81e
SHA512

be535ac9e3d6b7753c23014610f57f5e72029ba61f9f21add987f34f5025a934c99ab707a7df7a68b384f2ca6b822c6e0a041f76bdc34b5c9232eb82a09dc89a
SSDEEP

1536:qdw/rcq9jVBocEKoLenRPPslLeMaTKRyF14ySO816sYJE1sJXRI5Cmb:3/oq9oc//9Psp1hq1JbsYJMsJXRI55b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11b0c36e615dec1315371d0b35071c1f_JaffaCakes118

Files

11b0c36e615dec1315371d0b35071c1f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3ae1c0b27b485bd36ab48431a2adac91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

wininet

InternetCrackUrlA
InternetOpenA
InternetGetConnectedState
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA

shlwapi

SHGetValueA
StrStrA
PathRemoveFileSpecA
StrRChrA
PathAddExtensionA
StrStrIA
PathStripToRootA
PathFindFileNameA
PathCombineA
StrTrimA

kernel32

GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcpyA
InterlockedDecrement
SetLastError
GetModuleFileNameA
Sleep
CloseHandle
CreateProcessA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenA
DisableThreadLibraryCalls
MultiByteToWideChar
WideCharToMultiByte
OutputDebugStringA
GetFileAttributesA
FindNextFileA
lstrcmpiA
lstrcmpA
FindFirstFileA
lstrcatA
GetWindowsDirectoryA
WritePrivateProfileStringA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
MoveFileExA
GetVersionExA
DeleteFileA
GetTempFileNameA
SetFileAttributesA
GetShortPathNameA
CreateFileA
GetSystemDirectoryA
LockResource
SizeofResource
LoadResource
FindResourceA
WriteFile
GetModuleHandleA
CreateDirectoryA
RemoveDirectoryA
FindClose
SystemTimeToFileTime
GetLocalTime
SetEndOfFile
GetCurrentProcess
SetFilePointer
GetFileSize
WaitForSingleObject
DeviceIoControl
GetLastError
LocalFree
TerminateProcess
ExitProcess
RaiseException
GetVersion
GetCommandLineA
ExitThread
TlsGetValue
TlsSetValue
GetCurrentThreadId
CreateThread
GetSystemTime
GetTimeZoneInformation
HeapAlloc
HeapFree
RtlUnwind
LeaveCriticalSection
DeleteCriticalSection
InterlockedExchange
InitializeCriticalSection
EnterCriticalSection
HeapReAlloc
HeapSize
VirtualFree
VirtualAlloc
IsBadWritePtr
TlsAlloc
TlsFree
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
HeapCreate
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
InterlockedIncrement
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
GetEnvironmentVariableA
HeapDestroy
IsBadReadPtr
IsBadCodePtr
SetStdHandle
ReadFile
CompareStringA
CompareStringW
FlushFileBuffers
SetEnvironmentVariableA

user32

TrackMouseEvent
MoveWindow
GetWindowRect
GetCursorPos
CallWindowProcA
IsWindow
GetParent
GetSystemMetrics
SetWindowRgn
SetWindowLongA
DestroyWindow
BeginPaint
InvalidateRect
GetClientRect
LoadBitmapA
ClientToScreen
GetSysColor
DrawTextA
FindWindowA
DefWindowProcA
KillTimer
GetPropA
AnimateWindow
SetWindowPos
SetForegroundWindow
UpdateWindow
SetTimer
SendMessageA
RemovePropA
PostQuitMessage
SetPropA
ShowWindow
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassExA
GetMessageA
TranslateMessage
DispatchMessageA
SystemParametersInfoA
GetWindowTextA
ReleaseDC
GetDC
DrawIcon
GetIconInfo
SetRect
FillRect
DrawFocusRect
CharLowerA
EndPaint
GetWindowLongA

gdi32

CreateSolidBrush
StretchBlt
GetObjectA
SelectObject
BitBlt
SetStretchBltMode
SetBkMode
CreateCompatibleDC
DeleteDC
CreatePen
RestoreDC
SetTextColor
CreateCompatibleBitmap
SaveDC
CombineRgn
GetPixel
RoundRect
LineTo
MoveToEx
DeleteObject
CreateRectRgn
CreateRoundRectRgn

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance
OleSetContainedObject
OleCreate
OleInitialize
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysStringByteLen
SysAllocStringByteLen
VariantInit
SysAllocString
SysFreeString

ws2_32

recv
send
socket
WSAStartup
WSACleanup
gethostbyname
htons
closesocket
select
connect
ioctlsocket

netapi32

Netbios

comctl32

ord17

Exports

Exports

Play
PopIE

Sections

.text
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ae1c0b27b485bd36ab48431a2adac91

Headers

File Characteristics

Imports

version

wininet

shlwapi

kernel32

user32

gdi32

shell32

ole32

oleaut32

ws2_32

netapi32

comctl32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 78KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 38KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 80KB - Virtual size: 78KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 38KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 8KB - Virtual size: 7KB