13d9d3e8a20c27ab7b4fe3b6f05ba094_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

13d9d3e8a20c27ab7b4fe3b6f05ba094_JaffaCakes118
Size

252KB
MD5

13d9d3e8a20c27ab7b4fe3b6f05ba094
SHA1

68e8c7ac3c9efd64781f7be2b0630b6e972829b4
SHA256

3345348ad8109cbef2493237c21ad27f453b21c99ddadfc5f0482618083cd4b4
SHA512

3ffb212efac6dd8c7e9e9af10eb2f0e717bf88f2d89e5ad95da297d0d05c2ef1918cf810e1a14c36a76aef95fe6dcae10f34447ae0433a4e0fdb11b96dad785d
SSDEEP

6144:MKSOzBggYF5WhU/VU46BADj2BDHjBYaaC:MyBgg6eKd6iH2BHBYDC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13d9d3e8a20c27ab7b4fe3b6f05ba094_JaffaCakes118

Files

13d9d3e8a20c27ab7b4fe3b6f05ba094_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f148093a1b872a95571b670f3fa7a40d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
SysFreeString
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit
SysAllocStringLen

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegCloseKey
LookupAccountSidA
GetFileSecurityA
SetFileSecurityA
MakeAbsoluteSD
MakeSelfRelativeSD
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
InitializeSecurityDescriptor
AddAce
InitializeAcl
GetLengthSid
FreeSid
AllocateAndInitializeSid
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
BuildExplicitAccessWithNameA
SetNamedSecurityInfoA
SetEntriesInAclA

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
CreateWindowExW
CreateWindowExA
WindowFromDC
UpdateWindow
TranslateMessage
TranslateAcceleratorA
ShowWindow
SetWindowTextW
SetWindowTextA
SetWindowPos
SetWindowLongA
SetTimer
SetPropA
SetForegroundWindow
SetFocus
SetCursor
SendMessageA
ScreenToClient
RemovePropA
ReleaseDC
RegisterClassW
RegisterClassA
PostQuitMessage
PostMessageA
PeekMessageA
OffsetRect
MsgWaitForMultipleObjects
MessageBoxA
LoadStringA
LoadIconA
LoadCursorA
KillTimer
IsZoomed
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
InvalidateRgn
InvalidateRect
GetWindowTextLengthW
GetWindowTextLengthA
GetWindowTextW
GetWindowTextA
GetWindowRect
GetWindowLongA
GetUpdateRgn
GetSystemMetrics
GetSysColor
GetPropA
GetParent
GetKeyState
GetFocus
GetDC
GetClientRect
GetClassLongA
GetClassInfoW
GetClassInfoA
GetCapture
FillRect
EndPaint
EnableWindow
DrawTextA
DispatchMessageA
DestroyWindow
DestroyIcon
DestroyAcceleratorTable
DefWindowProcW
DefWindowProcA
ClientToScreen
CallWindowProcW
CallWindowProcA
BeginPaint
CharNextA
CharLowerBuffA
CharUpperBuffA
CharToOemA

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
ExitThread
CreateThread
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
WritePrivateProfileStringA
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
SystemTimeToFileTime
SetFileTime
SetFilePointer
SetFileAttributesA
SetEvent
SetEndOfFile
ResumeThread
ResetEvent
RemoveDirectoryA
ReadFile
OutputDebugStringA
MultiByteToWideChar
MulDiv
LocalFileTimeToFileTime
LoadLibraryA
LeaveCriticalSection
IsBadReadPtr
InitializeCriticalSection
GetVersionExA
GetThreadLocale
GetTempPathA
GetTempFileNameA
GetSystemInfo
GetStringTypeExA
GetStdHandle
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileInformationByHandle
GetFileAttributesA
GetExitCodeThread
GetEnvironmentVariableA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCPInfo
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
EnterCriticalSection
DosDateTimeToFileTime
DeleteFileA
DeleteCriticalSection
CreateFileA
CreateEventA
CreateDirectoryA
CompareStringA
CloseHandle
Sleep
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetVersionExA
GetFileAttributesA
SetFileAttributesA
CreateFileA
CreateDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
OutputDebugStringA
GetModuleHandleA
LoadLibraryA
OpenMutexA
lstrcpyW
GetTickCount
GetHandleInformation
CloseHandle
FlushFileBuffers
WaitForSingleObject
ReleaseMutex
SetLastError
GetLastError
GetCurrentProcess
GetProcAddress
FreeLibrary

gdi32

UnrealizeObject
SetTextColor
SetROP2
SetBkMode
SetBkColor
SelectPalette
SelectObject
SelectClipRgn
Rectangle
MoveToEx
GetTextMetricsA
GetTextExtentPoint32W
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetDeviceCaps
GetCurrentPositionEx
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePenIndirect
CreatePen
CreatePalette
CreateFontIndirectA
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CombineRgn
BitBlt

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

CoUninitialize
CoInitialize

wininet

InternetSetOptionA
InternetReadFile
InternetOpenA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
HttpAddRequestHeadersA

shell32

ShellExecuteA

uxtheme

CloseThemeData

comctl32

InitCommonControls

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 24B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f148093a1b872a95571b670f3fa7a40d

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

version

ole32

wininet

shell32

uxtheme

comctl32

Sections

.text Size: 193KB - Virtual size: 192KB

.itext Size: 1KB - Virtual size: 1KB

.data Size: 7KB - Virtual size: 6KB

.bss Size: - Virtual size: 20KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 24B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 13KB - Virtual size: 13KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 193KB - Virtual size: 192KB

.itext
Size: 1KB - Virtual size: 1KB

.data
Size: 7KB - Virtual size: 6KB

.bss
Size: - Virtual size: 20KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 24B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 18KB - Virtual size: 18KB