11f82dbfcec8816512dc44246aff7615_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

11f82dbfcec8816512dc44246aff7615_JaffaCakes118
Size

422KB
MD5

11f82dbfcec8816512dc44246aff7615
SHA1

10e8e16ef919e8ab149167fa68b3c72e2cd71697
SHA256

d95a258a73e7b62d1fc14e0771adfb932e1ccdf94c5b8035a00c59222dc7635c
SHA512

d29ecc3a7ede923d7b784043a90585254c8fb9bb3b4d20a3ab25186036951a78c08180860ab31198a12c0c12f158002b59157ccbbcc20ea956d2da693e04bec4
SSDEEP

12288:q9t3w3fGHrM708bBW2UU4BwuFs9+096C:cu3OrM70ffBrs9z9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11f82dbfcec8816512dc44246aff7615_JaffaCakes118

Files

11f82dbfcec8816512dc44246aff7615_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1517fa847a27ecd391b5dedfb8801c37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FreeUrlCacheSpaceW
HttpQueryInfoA
InternetTimeToSystemTimeA
SetUrlCacheEntryGroup
FtpFindFirstFileW

shell32

DragAcceptFiles
SHGetSettings
InternalExtractIconListA
RealShellExecuteExA
RealShellExecuteA
ExtractIconExW
SHFileOperation
SHInvokePrinterCommandA
ExtractAssociatedIconW

comdlg32

GetSaveFileNameW
PageSetupDlgW
ChooseColorA
ChooseFontA
GetOpenFileNameW
GetOpenFileNameA
ReplaceTextW
ReplaceTextA
PrintDlgA
ChooseColorW
GetFileTitleA
PageSetupDlgA
GetSaveFileNameA

user32

GetDlgItemInt
OpenDesktopW
DefMDIChildProcA
OemKeyScan
GetClientRect
DlgDirSelectExA
SetWindowTextW
GetMenuItemInfoW
ChildWindowFromPoint
DdeFreeStringHandle
TranslateAcceleratorW
IsWindow

kernel32

EnterCriticalSection
GetTimeZoneInformation
FindAtomW
TlsFree
GetACP
IsValidCodePage
HeapAlloc
GlobalAddAtomA
GetEnvironmentStringsW
WideCharToMultiByte
GetCurrentThread
RtlUnwind
TerminateProcess
SetThreadIdealProcessor
GetLocaleInfoW
GetExitCodeThread
SetHandleCount
HeapCreate
HeapReAlloc
WriteFile
SetLastError
FindNextFileA
LoadLibraryA
SetEnvironmentVariableA
EnumSystemLocalesA
GetEnvironmentStrings
LocalCompact
LCMapStringW
GetSystemInfo
QueryPerformanceCounter
HeapFree
GetCPInfo
GetCurrentProcessId
SetFilePointer
CopyFileA
GetFileType
GetCommandLineA
IsBadWritePtr
GetProcAddress
GetModuleFileNameA
GetConsoleCP
InterlockedExchange
GetStringTypeW
VirtualAlloc
MultiByteToWideChar
CreateRemoteThread
GetThreadTimes
GetSystemTimeAsFileTime
GetProfileSectionW
VirtualFree
GetTickCount
EnumResourceTypesA
HeapSize
GetStringTypeExW
GetOEMCP
LCMapStringA
GetTempPathA
VirtualProtect
IsValidLocale
UnhandledExceptionFilter
HeapDestroy
GetCurrentProcess
GetStartupInfoA
LeaveCriticalSection
GetStringTypeA
InitializeCriticalSection
GetCurrentThreadId
CompareStringW
CommConfigDialogA
GetVersionExA
VirtualLock
LocalAlloc
VirtualQuery
GetModuleHandleA
GetTimeFormatA
TlsSetValue
GetLastError
FreeEnvironmentStringsA
GetLocaleInfoA
GetDateFormatA
CompareStringA
FreeEnvironmentStringsW
SetLocalTime
GetThreadContext
TlsAlloc
GetFileAttributesExA
DeleteCriticalSection
GetUserDefaultLCID
TlsGetValue
ExitProcess
GetStdHandle

gdi32

GetICMProfileW
GetBitmapBits
PlayEnhMetaFile
FlattenPath
GetBitmapDimensionEx
GetNearestPaletteIndex
SwapBuffers
CreateDIBSection
EnumFontFamiliesA
TextOutA
AnimatePalette
GetGlyphOutline
GetColorSpace
GetDIBits
ChoosePixelFormat
DrawEscape
CreateDCA
CreateFontW
SetAbortProc

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 273KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1517fa847a27ecd391b5dedfb8801c37

Headers

File Characteristics

Imports

wininet

shell32

comdlg32

user32

kernel32

gdi32

Sections

.text Size: 139KB - Virtual size: 139KB

.data Size: 273KB - Virtual size: 281KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 139KB - Virtual size: 139KB

.data
Size: 273KB - Virtual size: 281KB

.rsrc
Size: 8KB - Virtual size: 8KB