13c806f8892542a44cdbee1fed1efa90_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

13c806f8892542a44cdbee1fed1efa90_JaffaCakes118
Size

190KB
MD5

13c806f8892542a44cdbee1fed1efa90
SHA1

c82912aba9513a5c20985b334b6a65b917f89a4c
SHA256

3260d13acac6a1c63363dd0a9cfe468ff8b6e098d2af95dec3886e2af2907b82
SHA512

0b5b9ed6d8244819515562d63b0268adba8648809fa5f82293edfb741ef947a7a316a7ec2987799d912855754318cb7121b9db19ba226f55262cf721ccf51a9e
SSDEEP

3072:c2/QKLrFIeYMjeyzLzw3RA3Hd5p85qN5hOGeRJxEQ0SA60PxEZUMW9Okqb+UYqlx:JQKPFUMSyz+6d52I/jeeByZJW9vqb+Ud

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13c806f8892542a44cdbee1fed1efa90_JaffaCakes118

Files

13c806f8892542a44cdbee1fed1efa90_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9ac06fdc03e3d9733cdf5db55b868a95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetQueryOptionA
InternetGetConnectedState
InternetTimeToSystemTime
InternetCombineUrlA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

setupapi

SetupIterateCabinetA

kernel32

CloseHandle
ResumeThread
InterlockedDecrement
EnterCriticalSection
GetTempPathA
GlobalAlloc
GetTickCount
GetWindowsDirectoryA
GlobalLock
FindResourceA
GlobalUnlock
LeaveCriticalSection
LoadResource
RaiseException
MulDiv
LockResource
GetFileAttributesA
SizeofResource
DeleteCriticalSection
GetLocalTime
CreateFileA
GetPrivateProfileStringA
GetCurrentThreadId
WriteFile
FlushInstructionCache
GlobalHandle
SetLastError
WritePrivateProfileStringA
InitializeCriticalSection
lstrlenW
MultiByteToWideChar
lstrcmpA
GetVersionExA
WideCharToMultiByte
Sleep
GetExitCodeProcess
GetStringTypeExA
FindFirstFileA
GetThreadLocale
CompareStringA
lstrcmpiA
FindNextFileA
FindClose
GetCurrentProcess
lstrcpyA
FindResourceExA
GetTempFileNameA
RemoveDirectoryA
FreeLibrary
IsDBCSLeadByte
GetModuleHandleA
LoadLibraryExA
CreateMutexA
LoadLibraryA
GetProcAddress
InterlockedExchange
ReadFile
SetEndOfFile
SetFilePointer
GetFileSize
SystemTimeToFileTime
FileTimeToSystemTime
LocalAlloc
InterlockedIncrement
SetPriorityClass
DeleteFileA
GlobalFree
GetCurrentThread
GetCommandLineA
SetThreadPriority
CreateProcessA
CreateDirectoryA
GetShortPathNameA
lstrcpynA
lstrlenA
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetACP
GetLocaleInfoA
GetSystemTimeAsFileTime
HeapDestroy
HeapReAlloc
HeapSize
DebugBreak
GetStartupInfoA
ExitProcess
VirtualProtect
GetSystemInfo
VirtualQuery
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetLastError

user32

SetRect
AdjustWindowRectEx
SystemParametersInfoA
ShowWindow
GetWindowRect
GetTopWindow
OffsetRect
SendDlgItemMessageA
IsDialogMessageA
LoadImageA
GetSystemMetrics
IsIconic
MapWindowPoints
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetClassNameA
DestroyAcceleratorTable
BeginPaint
SetCapture
IsChild
GetParent
ReleaseCapture
GetClientRect
GetFocus
GetWindowTextA
CharUpperBuffA
GetDlgItem
SetFocus
SetWindowTextA
CallWindowProcA
SetWindowLongA
UnregisterClassA
FillRect
DestroyWindow
CreateDialogIndirectParamA
SetWindowPos
IsWindow
InvalidateRect
SendMessageA
GetClassInfoExA
CreateWindowExA
SetWindowContextHelpId
BringWindowToTop
CreateAcceleratorTableA
EndPaint
MapDialogRect
SetForegroundWindow
LoadCursorA
AttachThreadInput
CharNextA
RegisterClassExA
RedrawWindow
GetDC
GetWindowThreadProcessId
ReleaseDC
GetForegroundWindow
GetDesktopWindow
DefWindowProcA
ClientToScreen
ScreenToClient
PostMessageA
wsprintfA
PostQuitMessage
wvsprintfA
SetTimer
MoveWindow
RegisterWindowMessageA
GetSysColor
KillTimer
GetWindowLongA
GetWindowTextLengthA
InvalidateRgn
GetWindow

gdi32

DeleteObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
GetStockObject
GetObjectA
BitBlt
SelectObject
GetDeviceCaps

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey

shell32

SHFileOperationA
ShellExecuteExA

ole32

OleUninitialize
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoFreeUnusedLibraries
CoCreateGuid
CoGetClassObject
CreateBindCtx
CoCreateInstance
OleInitialize
OleLockRunning
CoUninitialize
CoInitialize
CoTaskMemRealloc
CreateStreamOnHGlobal

oleaut32

VariantInit
VarI4FromStr
VarUI4FromStr
OleCreateFontIndirect
SysStringLen
SysAllocStringLen
SysStringByteLen
SysFreeString
SysAllocString
VariantClear
DispCallFunc
LoadRegTypeLi
LoadTypeLi

shlwapi

PathGetArgsA
PathRemoveFileSpecA

urlmon

CreateAsyncBindCtx
RegisterBindStatusCallback
CreateURLMoniker

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.6rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ac06fdc03e3d9733cdf5db55b868a95

Headers

File Characteristics

Imports

wininet

version

setupapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

urlmon

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 9KB - Virtual size: 8KB

.6rdata Size: 72KB - Virtual size: 72KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 9KB - Virtual size: 8KB

.6rdata
Size: 72KB - Virtual size: 72KB