11dcaf0f00514cce8d3282cdbec643a2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11dcaf0f00514cce8d3282cdbec643a2_JaffaCakes118
Size

468KB
MD5

11dcaf0f00514cce8d3282cdbec643a2
SHA1

df68d08ad69dbc9861f6034d2a0fc36bb5207466
SHA256

a9cc1228ef3ebb133bdbc38b890e3625dbfd3d76d1ae4898fbd248c49fca330a
SHA512

ef74c6aa60f7c00439c46988aaf2ce53604125fb255be0e271ea249f025d9bce90dee4aa6fc392d4245bab355ce88d9a6c9510f165a44354c7973453deef4c16
SSDEEP

6144:CRyv6U+3/RyPWsODiGU7/2U/E5IbxtK0qIba3ZU2Ing5R3nJsEDJwGk4C32J8eKZ:+oz+3EPL2lI/45Ibx00qC32yqblCy13w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11dcaf0f00514cce8d3282cdbec643a2_JaffaCakes118

Files

11dcaf0f00514cce8d3282cdbec643a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de0a5290d68b6a1f71d98b4d8b742db3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceA
ReadFile
GetStringTypeW
EnterCriticalSection
SetErrorMode
SetEvent
TlsSetValue
SetHandleCount
GetLastError
InitializeCriticalSection
GetLocalTime
UnlockFile
TlsGetValue
FindFirstFileA
GetCommandLineA
GetSystemDirectoryA
VirtualAlloc
HeapFree
HeapCreate
QueryPerformanceCounter
GetCurrentThreadId
GetModuleFileNameA
RtlUnwind
LeaveCriticalSection
LockResource
TerminateProcess
GetCurrentThread
IsBadWritePtr
InterlockedDecrement
CreateMutexA
CreateFileA
ResumeThread
LCMapStringW
LocalFree
GetFileType
SetLastError
InterlockedExchange
FindResourceA
LoadLibraryA
GetStringTypeExA
OutputDebugStringA
WideCharToMultiByte
CloseHandle
SetFilePointer
GetCurrentDirectoryA
SetEnvironmentVariableA
SetFileTime
VirtualFree
IsBadCodePtr
GetProcAddress
GetTickCount
GetSystemTimeAsFileTime
GetEnvironmentStringsW
GetOEMCP
lstrcpyW
CompareStringA
LCMapStringA
MoveFileA
GetVersion
SuspendThread
FreeEnvironmentStringsA
VirtualQuery
UnhandledExceptionFilter
FlushFileBuffers
GlobalDeleteAtom
GetStringTypeA
FindNextFileA
SetUnhandledExceptionFilter
GetExitCodeProcess
lstrcpyA
GetFullPathNameA
CompareStringW
GetCurrentProcess
GetThreadLocale
GlobalHandle
HeapValidate
GlobalSize
GetModuleHandleA
GlobalReAlloc
GetCPInfo
GetStdHandle
FreeEnvironmentStringsW
lstrcatA
GlobalFree
MultiByteToWideChar
SetThreadPriority
CopyFileA
GetSystemTime
DeviceIoControl
lstrcmpA
ExitProcess
GetTimeZoneInformation
GetTempFileNameA
DebugBreak
SetStdHandle
HeapAlloc
GetACP
IsBadStringPtrA
WritePrivateProfileStringA
DeleteCriticalSection
RaiseException
GetFileAttributesA
GlobalGetAtomNameA
CreateEventA
TlsAlloc
GetEnvironmentStrings
GetStartupInfoA
GetCurrentProcessId
WriteFile
InterlockedIncrement
HeapReAlloc
LockFile
LocalAlloc
TlsFree
IsBadReadPtr
HeapDestroy

urlmon

URLDownloadToCacheFileA

gdi32

CreateCompatibleDC
SelectClipRgn
PolyBezier
GetTextFaceA
ExtSelectClipRgn
MaskBlt
SelectPalette
GetRgnBox
GetPaletteEntries
SetBkColor
SetWorldTransform
ExtCreateRegion
EnumFontFamiliesExW
RealizePalette
StretchDIBits
RectInRegion
ResizePalette
Pie
CreateSolidBrush
SetDIBitsToDevice
GetObjectW
Polyline
CreateCompatibleBitmap
GetRegionData
StartPage
GetObjectA
GetDeviceCaps
GetDIBits
SetMapMode
SelectObject
TextOutA
EndPage
StretchBlt
CreatePolygonRgn
Chord
DeleteObject
PatBlt
EndPath
CreateRectRgn
GetTextExtentPoint32W
Escape
BeginPath
GetWindowExtEx
GetBkColor
CreatePalette
MoveToEx
GetTextMetricsW
SaveDC
GetClipRgn
CombineRgn
PtVisible
Ellipse
GetStockObject
PtInRegion
CreateHatchBrush
SetPaletteEntries
CreateRectRgnIndirect
ExtCreatePen
GetTextMetricsA
SetBkMode
EndDoc
SetPolyFillMode
SetTextAlign
SetTextColor
SetBrushOrgEx
CreateDIBSection
GetGlyphOutlineA
CreatePatternBrush
OffsetRgn
RestoreDC
SetViewportExtEx
DeleteDC
CreateFontIndirectA

shell32

SHGetPathFromIDListA
ShellExecuteA
SHGetMalloc
DragQueryFileW

comctl32

ImageList_GetIconSize
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_Destroy
DestroyPropertySheetPage
ImageList_AddMasked
CreatePropertySheetPageW
ImageList_Draw
ImageList_Remove
ImageList_DrawEx
ImageList_GetImageCount
ImageList_Create
PropertySheetW
ord17
ImageList_GetImageInfo
_TrackMouseEvent
ImageList_GetIcon

oleaut32

LoadTypeLi

user32

CreateIconIndirect
RegisterClassExA
LoadIconA
LoadCursorA
DestroyIcon
CharUpperA
SetWindowTextA
ScreenToClient
KillTimer
LoadStringA
MessageBoxA
CallWindowProcA
DrawFocusRect
EqualRect
SetFocus
GetSysColor
ShowWindow
IsChild
SetMenuDefaultItem
GetWindowThreadProcessId
GetMenu
DestroyWindow
GetWindowTextLengthA
CreateWindowExA
ReleaseDC
LoadAcceleratorsA
RegisterClassA
DefWindowProcA
LoadBitmapA

ole32

CoTaskMemFree
CoInitialize
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleGetClipboard
OleInitialize
IsAccelerator
StgCreateDocfileOnILockBytes
CoRevokeClassObject
GetRunningObjectTable
OleTranslateAccelerator
CreateStreamOnHGlobal
RevokeDragDrop
CoLockObjectExternal
CoDisconnectObject
CreateILockBytesOnHGlobal

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de0a5290d68b6a1f71d98b4d8b742db3

Headers

File Characteristics

Imports

kernel32

urlmon

gdi32

shell32

comctl32

oleaut32

user32

ole32

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 244KB - Virtual size: 240KB

.data Size: 72KB - Virtual size: 103KB

.rsrc Size: 56KB - Virtual size: 52KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 244KB - Virtual size: 240KB

.data
Size: 72KB - Virtual size: 103KB

.rsrc
Size: 56KB - Virtual size: 52KB