16781ba58594235162cee094b98e8b4f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

16781ba58594235162cee094b98e8b4f_JaffaCakes118
Size

277KB
MD5

16781ba58594235162cee094b98e8b4f
SHA1

13ab91b3a4c7f616eb826d0c9df1abb420545415
SHA256

caceb618452a7979d7988ea61a9d7ff4df1538e5a36cf63d9491577c9ce794cf
SHA512

116f5617ee2c54146460bea8e4a9642148228a4880e221427c5169699098dd09db510a8f026cd0d22352507f4153dfeb91cfba07babeca8a107930b2402357b6
SSDEEP

6144:uB2mv6aI/92O3CoHGi9qcmDSAfFTLqIQ+3FQxWn5CSsX9SZf:MH6392+LHtqc4SAfpD1ijSstcf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16781ba58594235162cee094b98e8b4f_JaffaCakes118

Files

16781ba58594235162cee094b98e8b4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

25289c7ff2dbe659e09811b4c26d2630

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetAttemptConnect
HttpSendRequestW
InternetReadFile
InternetQueryOptionW
InternetSetOptionW
InternetAutodial
InternetCloseHandle
HttpQueryInfoW
InternetOpenW
InternetOpenUrlW

kernel32

LocalAlloc
GetDateFormatW
GetTimeFormatW
ExpandEnvironmentStringsA
GetFileSize
LocalFree
OpenMutexW
ReleaseMutex
GetFileTime
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
lstrcmpiW
GetFullPathNameW
CreateDirectoryW
lstrlenW
WideCharToMultiByte
LoadLibraryExW
WriteFile
SetFileAttributesW
CreateFileW
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetModuleHandleW
CreateMutexW
SetUnhandledExceptionFilter
GetCurrentThreadId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
IsDebuggerPresent
FindResourceW
LoadResource
LockResource
WaitForSingleObject
CreateThread
CopyFileW
GetSystemTime
CreateProcessW
CloseHandle
CreateEventW
lstrlenA
GetTempPathW
FreeLibrary
OutputDebugStringW
GetPrivateProfileStringW
WritePrivateProfileStringW
ResetEvent
DeleteFileW
GetLocalTime
ReadFile
GetACP
GetProcAddress

user32

MapDialogRect
SetRect
SetTimer
LoadIconW
TranslateAcceleratorW
LoadStringW
GetForegroundWindow
GetFocus
IsWindow
GetDC
DrawStateW
InflateRect
CopyRect
DrawIconEx
FillRect
SetCapture
ReleaseCapture
GetActiveWindow
GetLastActivePopup
MessageBoxW
IsRectEmpty
SystemParametersInfoW
ScreenToClient
PtInRect
GetCursorPos
KillTimer
SetRectEmpty
SetWindowLongW
SetCursor
LoadCursorW
GetSystemMetrics
SendNotifyMessageW
SetForegroundWindow
BringWindowToTop
PostMessageW
FindWindowW
SendMessageW
GetWindowDC
ReleaseDC
EnableWindow
IsWindowVisible
UpdateWindow
InvalidateRect
EnableScrollBar
ShowScrollBar
GetDesktopWindow
LoadImageW
OffsetRect
DestroyIcon
GetWindowRect
GetClientRect
IsChild
SetClassLongW
GetClassLongW
GetClassNameW
GetParent

gdi32

CreateFontIndirectW
GetPixel
RoundRect
CreatePen
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateSolidBrush
GetStockObject
CreatePalette
SetDIBitsToDevice
StretchDIBits
GetDIBits
RealizePalette
GetObjectW
GetTextExtentPoint32W
SetPixel
DeleteObject

comdlg32

GetOpenFileNameW

advapi32

ImpersonateSelf
OpenThreadToken
OpenProcessToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
FileEncryptionStatusW
FreeSid
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
RegOpenKeyExA
RegQueryValueExA
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
AccessCheck
RevertToSelf
DecryptFileW

oleaut32

SysFreeString

shell32

ShellExecuteW

comctl32

_TrackMouseEvent

msoert2

PszAllocA

stobject

DllGetClassObject

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WcSVNv
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.L
Size: 1024B - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Dgcp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ZyElq
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.phKHHa
Size: 134KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OsdwrP
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pkRbL
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VEl
Size: 79KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25289c7ff2dbe659e09811b4c26d2630

Headers

File Characteristics

Imports

wininet

kernel32

user32

gdi32

comdlg32

advapi32

oleaut32

shell32

comctl32

msoert2

stobject

Sections

.text Size: 24KB - Virtual size: 24KB

.WcSVNv Size: 1KB - Virtual size: 1KB

.rdata Size: 5KB - Virtual size: 4KB

.L Size: 1024B - Virtual size: 537B

.Dgcp Size: 2KB - Virtual size: 2KB

.ZyElq Size: 1KB - Virtual size: 1KB

.phKHHa Size: 134KB - Virtual size: 207KB

.OsdwrP Size: 1KB - Virtual size: 1KB

.pkRbL Size: 2KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 63KB

.VEl Size: 79KB - Virtual size: 147KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 24KB - Virtual size: 24KB

.WcSVNv
Size: 1KB - Virtual size: 1KB

.rdata
Size: 5KB - Virtual size: 4KB

.L
Size: 1024B - Virtual size: 537B

.Dgcp
Size: 2KB - Virtual size: 2KB

.ZyElq
Size: 1KB - Virtual size: 1KB

.phKHHa
Size: 134KB - Virtual size: 207KB

.OsdwrP
Size: 1KB - Virtual size: 1KB

.pkRbL
Size: 2KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 63KB

.VEl
Size: 79KB - Virtual size: 147KB

.rsrc
Size: 17KB - Virtual size: 17KB