16fa369c2dbb7120359f741388947d96_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

16fa369c2dbb7120359f741388947d96_JaffaCakes118
Size

262KB
MD5

16fa369c2dbb7120359f741388947d96
SHA1

e8e5bb09123b3e9a1105f30c7720f6efdb59ea3d
SHA256

06bfb8f366b4658ccd6999213dfc6ee24be1014c88cbcfaf5ff8e2a094ba5cde
SHA512

a3c5b7bd482171b16eeba9d426970641ade3a594d451240e98231e9aabc014ee1cd73e483ac8a02d3529cce7e5d4ebad52ef15bdb57dbcf096932fb43514ffb1
SSDEEP

6144:wF9Gg8Wao2sHF7ogpTqbbuovgB39wqY/86ir8M4en:wF0g8Wao2sHFUgpebJstw/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16fa369c2dbb7120359f741388947d96_JaffaCakes118

Files

16fa369c2dbb7120359f741388947d96_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d8fe908b23d0b2041ce5c8b7792afd2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetICMProfileA
SetTextJustification
RoundRect
GdiFlush
SetICMProfileA
GetOutlineTextMetricsA
AddFontResourceA
SetTextAlign
CreatePen
GetTextMetricsW

user32

GetCapture
SetDlgItemTextW
SetDeskWallpaper

comdlg32

FindTextA
ReplaceTextA
GetOpenFileNameA
GetFileTitleW
PrintDlgW
GetOpenFileNameW
FindTextW

wininet

RetrieveUrlCacheEntryFileA
InternetDialW
FtpRemoveDirectoryW
CreateUrlCacheContainerA
InternetSetCookieA
HttpEndRequestW
InternetReadFile
FindNextUrlCacheEntryW
IsUrlCacheEntryExpiredA
InternetCreateUrlW
FtpGetCurrentDirectoryW
InternetCheckConnectionA
FindCloseUrlCache
InternetSetOptionA
InternetGoOnlineW
InternetGetCookieA
GopherGetLocatorTypeW
InternetTimeFromSystemTimeW
FindFirstUrlCacheEntryA
FtpRenameFileA

kernel32

GetVersionExA
GetPrivateProfileStructW
WaitForSingleObject
VirtualAlloc
InitializeCriticalSection
GetCommandLineA
GetModuleFileNameA
FreeEnvironmentStringsA
GetProcessHeap
GetTimeFormatA
LoadLibraryA
SetUnhandledExceptionFilter
TerminateProcess
FreeLibrary
LCMapStringA
GetCPInfo
RtlUnwind
EnterCriticalSection
LCMapStringW
HeapReAlloc
SetEnvironmentVariableA
GetSystemTimeAsFileTime
GetModuleHandleA
TlsFree
GetStartupInfoW
WriteFile
ExitProcess
CompareStringA
TlsAlloc
Sleep
SetLastError
UnhandledExceptionFilter
SetConsoleScreenBufferSize
GetCurrentThread
VirtualQuery
GlobalUnfix
GetTimeZoneInformation
IsDebuggerPresent
WideCharToMultiByte
GetCurrentThreadId
GetStringTypeA
HeapSize
MultiByteToWideChar
FlushViewOfFile
GetFileType
GetDateFormatA
GetEnvironmentStrings
DeleteCriticalSection
InterlockedExchange
GetUserDefaultLCID
TlsGetValue
IsValidCodePage
GetProcAddress
EnumSystemLocalesA
FreeEnvironmentStringsW
QueryPerformanceCounter
GetStartupInfoA
HeapAlloc
SetConsoleCtrlHandler
TlsSetValue
IsValidLocale
GetModuleFileNameW
GetCurrentProcess
HeapCreate
GetTickCount
GetCommandLineW
GetACP
HeapFree
GetStringTypeW
GetLastError
SetHandleCount
GetStdHandle
InterlockedIncrement
GetLocaleInfoW
GetOEMCP
lstrcatA
LeaveCriticalSection
GetLocaleInfoA
GetEnvironmentStringsW
HeapDestroy
GetCurrentProcessId
VirtualFree
InterlockedDecrement
CompareStringW

advapi32

CreateServiceW
CryptEnumProvidersW
CryptHashSessionKey
RegConnectRegistryA

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d8fe908b23d0b2041ce5c8b7792afd2b

Headers

File Characteristics

Imports

gdi32

user32

comdlg32

wininet

kernel32

advapi32

Sections

.text Size: 143KB - Virtual size: 142KB

.data Size: 113KB - Virtual size: 113KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 143KB - Virtual size: 142KB

.data
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 4KB - Virtual size: 4KB