11cd22048adfd714e5e4b4798b53cfd0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

11cd22048adfd714e5e4b4798b53cfd0_JaffaCakes118
Size

692KB
MD5

11cd22048adfd714e5e4b4798b53cfd0
SHA1

4f8c50033d925abeb295017641fbafa50c1876a7
SHA256

3825c8aa052420fe646e77096fb67546e192a4b02cedce691cd926b9f8373114
SHA512

dcc905587241548895592ca25c0cb32d601f1cc712fdf515f9846e0399f08a8950eada90b19b13a3a0562f95f671cb80f6d14b38f4f2968aa1f20d5324f24f09
SSDEEP

12288:TokckiG971TzPvo5OlbcsyEDWBT0WOxrEfSfXizMMcnKA3AWkEIZow:kfkiG97pPvjlbcj+UawSPizMMc53A7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11cd22048adfd714e5e4b4798b53cfd0_JaffaCakes118

Files

11cd22048adfd714e5e4b4798b53cfd0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e7bdbd3c4890cf92a0d1d221f2c99b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\opdeh\ssgrwn\kgooee

Imports

comctl32

ImageList_LoadImageA
ImageList_DragLeave
ord17
ImageList_AddMasked
ImageList_Create

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromProgID
CoInitialize
OleRun
DoDragDrop
OleInitialize
GetRunningObjectTable
CoLockObjectExternal
OleDuplicateData
StringFromCLSID
CoCreateInstance
CoDisconnectObject

advapi32

RegDeleteValueA
RegSetValueA
RegEnumValueA
LookupPrivilegeValueA
RegQueryInfoKeyA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
OpenProcessToken
SetSecurityDescriptorDacl
OpenServiceA
DeleteService
RegOpenKeyA
CloseServiceHandle
RegEnumKeyA
OpenSCManagerA
StartServiceA
InitializeSecurityDescriptor
RegDeleteKeyA
RegCloseKey
GetUserNameA
ControlService
RegSetValueExA
CreateServiceA
AdjustTokenPrivileges
RegQueryValueA
RegEnumKeyExA
RegCreateKeyA
QueryServiceConfigA

user32

GetClientRect
DrawFocusRect
DestroyWindow
EndDialog
CreateDialogIndirectParamA
UpdateWindow
GetMessageA
ShowCaret
InvalidateRect
CallNextHookEx
wsprintfA
InsertMenuItemA
GetCursorPos
SetTimer
GetWindow
GetClassInfoExA
TranslateAcceleratorA
SetForegroundWindow
DrawEdge
FrameRect
IsDialogMessageA
SetRectEmpty
CreateWindowExA
CreatePopupMenu
SetWindowTextA
EnableWindow
GetParent
SetCapture
GetMessageTime
LoadMenuA
MessageBeep
LoadAcceleratorsA
RegisterClassExA
GetSystemMenu
MessageBoxA
LoadIconA
DefWindowProcA
LoadCursorA
DispatchMessageA
PostQuitMessage
CopyAcceleratorTableA
CreateIconIndirect
EndDeferWindowPos
ShowWindow
IsChild
RegisterClassA
GetDCEx
PtInRect
DestroyAcceleratorTable
KillTimer
DeleteMenu
BeginDeferWindowPos
TranslateMessage
ClientToScreen
GetFocus
SetMenuItemBitmaps

winmm

mixerGetID
mixerGetControlDetailsA
mixerGetLineControlsA
mixerGetLineInfoA

wininet

InternetOpenA
HttpSendRequestExA
HttpSendRequestA
InternetCrackUrlA
HttpQueryInfoA
InternetConnectA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetReadFile
InternetQueryDataAvailable
InternetGetLastResponseInfoA
InternetWriteFile
InternetCloseHandle
HttpEndRequestA

kernel32

CloseHandle
DeviceIoControl
ExpandEnvironmentStringsA
MulDiv
FileTimeToLocalFileTime
GetEnvironmentStringsW
VirtualProtect
GetTempFileNameA
DeleteFileW
GetLocalTime
TlsGetValue
GetFileAttributesA
FormatMessageA
ExitThread
GetUserDefaultLangID
HeapAlloc
CreateProcessA
GlobalUnlock
InitializeCriticalSection
GetDateFormatA
GetSystemTimeAsFileTime
RaiseException
GlobalSize
SuspendThread
GlobalFlags
UnlockFile
FindNextFileA
CreateEventA
lstrcmpA
FlushFileBuffers
VirtualFree
CreatePipe
GetTempPathW
CreateMutexA
GetModuleHandleA
LCMapStringW
InterlockedIncrement
GetCurrentProcessId
LockResource
GetModuleHandleW
GetSystemInfo
EnumSystemLocalesA
OpenProcess
HeapReAlloc
GetSystemTime
VirtualQuery
HeapSize
GetFileTime
GetCurrentProcess
ExitProcess
GetLastError
lstrcpynA
TlsAlloc
GetTimeZoneInformation
HeapCreate
GetStringTypeA
GetCurrentDirectoryA
SetStdHandle
ReadFile
CompareStringA
InterlockedExchange
SetCurrentDirectoryA
IsDebuggerPresent
GetACP
WinExec
GetProcAddress
ResetEvent
InterlockedDecrement
SetHandleCount
SetFileTime
GlobalHandle
CreateThread
HeapFree
SetEvent
SetErrorMode
VirtualAlloc
IsBadWritePtr
FindFirstFileW
MapViewOfFile
GlobalMemoryStatus
QueryPerformanceCounter
MultiByteToWideChar
PeekNamedPipe
DuplicateHandle
GetModuleFileNameW
IsBadCodePtr
GlobalDeleteAtom
GetTempPathA
EnterCriticalSection
CompareStringW
GetCurrentThread
LoadLibraryW
GetUserDefaultLCID
GetDriveTypeA
TerminateThread
GetFullPathNameA
ReleaseMutex
FindClose
GetModuleFileNameA
GetFileSize
CreateMutexW
CreateFileA
CopyFileA
IsValidCodePage
CreateFileW
SetEndOfFile
GetCurrentThreadId
UnmapViewOfFile
GetStartupInfoA
ConvertDefaultLocale
MoveFileA
HeapDestroy
lstrlenA
ResumeThread
LoadLibraryA
GetVersionExA
LeaveCriticalSection
LCMapStringA
CreateDirectoryA
GetFileAttributesW
FreeLibrary
FileTimeToDosDateTime
FreeEnvironmentStringsA
GetVersion
SetThreadPriority
IsValidLocale
GetFullPathNameW
GetStdHandle
GetLocaleInfoA
CreateProcessW
WaitForMultipleObjects
GetExitCodeProcess
UnhandledExceptionFilter
GlobalReAlloc
GetStringTypeW
OutputDebugStringA
SetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
FindFirstFileA
WriteFile
GetTickCount
GetSystemDirectoryA
WideCharToMultiByte
GetEnvironmentStrings
SetFilePointer
LocalReAlloc
LocalAlloc
LocalFileTimeToFileTime
FreeResource
FreeEnvironmentStringsW
Sleep
lstrlenW
DeleteCriticalSection
WaitForSingleObject
LockFile
GetOEMCP
GlobalAlloc
GlobalFree
RtlUnwind
GetLocaleInfoW
LocalFree
GetTimeFormatA
IsBadReadPtr
SystemTimeToFileTime
GetCPInfo
TlsFree
DeleteFileA
lstrcmpiA
GetExitCodeThread
GetThreadLocale
SizeofResource
LoadResource
GlobalLock
GetCommandLineA
WriteConsoleA
SetLastError
TlsSetValue
FileTimeToSystemTime
GetFileType
GetProcessHeap

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 476KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e7bdbd3c4890cf92a0d1d221f2c99b7

Headers

File Characteristics

PDB Paths

Imports

comctl32

ole32

advapi32

user32

winmm

wininet

kernel32

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 476KB - Virtual size: 472KB

.data Size: 108KB - Virtual size: 106KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 476KB - Virtual size: 472KB

.data
Size: 108KB - Virtual size: 106KB

.rsrc
Size: 20KB - Virtual size: 19KB