171c9218f3416474ab14a64a243f8b66_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

171c9218f3416474ab14a64a243f8b66_JaffaCakes118
Size

65KB
MD5

171c9218f3416474ab14a64a243f8b66
SHA1

1b0daa6b0592e0706a927a566f13fae5e1836c0b
SHA256

dee51a0090e658a117eb93cf6dfe0f21ee223d3a21e281f9fc4bbc4af597f115
SHA512

84e05f90afa51e044fb7c1ec288beabbcf7dbe804c6ee58c343f8ee192b678b2e5064e349f3ccaad634f88b92c38093c597adfa0d9568df08924be14c8c0685c
SSDEEP

1536:DvbZx22m+GP0i/ByLoW0yrNJWN6MlxMke7oNvNvJCG:LbZQpDF/5W0QGNrq7avNvJCG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
171c9218f3416474ab14a64a243f8b66_JaffaCakes118

Files

171c9218f3416474ab14a64a243f8b66_JaffaCakes118
.exe windows:4 windows x86 arch:x86

02426c4437f8cbc207688383de9c4a67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
GetShortPathNameA
lstrcatA
lstrcpyA
WideCharToMultiByte
GetTickCount
GetFileAttributesA
WritePrivateProfileStringA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrlenW
ResumeThread
GetTempFileNameA
GetLastError
CreateDirectoryA
GetWindowsDirectoryA
FindClose
FindFirstFileA
GetTempPathA
SetLastError
SizeofResource
LockResource
LoadResource
FindResourceA
LeaveCriticalSection
CreateProcessA
SetFilePointer
GetCurrentThreadId
InterlockedIncrement
CreateFileA
lstrcmpA
GlobalHandle
GlobalAlloc
GlobalUnlock
GlobalLock
DebugBreak
OutputDebugStringA
GetStringTypeExA
GetThreadLocale
FreeLibrary
CompareStringA
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
ExitProcess
GetCommandLineA
HeapReAlloc
HeapFree
SystemTimeToFileTime
LocalAlloc
InterlockedExchange
RaiseException
GetLocalTime
InterlockedDecrement
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
HeapCreate
GetVersionExA
GetSystemInfo
HeapAlloc
WriteFile
CloseHandle
MultiByteToWideChar
DeleteFileA
GetModuleFileNameA
lstrlenA
FlushInstructionCache
FreeResource
EnterCriticalSection
GlobalFree
lstrcmpiA

user32

SendDlgItemMessageA
GetDesktopWindow
CreateAcceleratorTableA
ReleaseCapture
SetCapture
InvalidateRect
InvalidateRgn
SendMessageA
GetDlgItem
CharNextA
wvsprintfA
LoadStringA
GetClassNameA
GetParent
MoveWindow
ScreenToClient
GetWindowRect
GetTopWindow
OffsetRect
SystemParametersInfoA
AdjustWindowRectEx
SetRect
BringWindowToTop
AttachThreadInput
GetWindowThreadProcessId
GetForegroundWindow
IsDialogMessageA
GetClientRect
RedrawWindow
GetWindowTextA
GetWindow
RegisterWindowMessageA
CreateDialogIndirectParamA
GetClassInfoExA
LoadCursorA
GetSystemMetrics
SetForegroundWindow
wsprintfA
KillTimer
PostQuitMessage
CharUpperA
SetWindowTextA
SetTimer
PostMessageA
DestroyWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
IsWindow
SetWindowPos
BeginPaint
CallWindowProcA
GetWindowLongA
SetWindowLongA
DefWindowProcA
MapWindowPoints
FillRect
GetWindowTextLengthA
GetDC
ReleaseDC
GetFocus
IsChild
SetFocus
GetSysColor
IsIconic
ShowWindow
CreateWindowExA
RegisterClassExA
EndPaint

gdi32

SelectObject
CreateCompatibleBitmap
DeleteDC
GetDeviceCaps
DeleteObject
CreateSolidBrush
GetObjectA
GetStockObject
BitBlt
CreateCompatibleDC

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA

shell32

SHFileOperationA
ShellExecuteA

ole32

CLSIDFromProgID
OleInitialize
OleLockRunning
CoTaskMemAlloc
CLSIDFromString
OleUninitialize
CoCreateInstance
CoCreateGuid
CoTaskMemFree
StringFromCLSID
CreateStreamOnHGlobal
CreateBindCtx
CoInitialize
CoFreeUnusedLibraries
StringFromGUID2
CoUninitialize

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString
VariantClear
LoadTypeLi
SysStringLen
DispCallFunc
LoadRegTypeLi
OleCreateFontIndirect
VarI4FromStr

wininet

InternetQueryOptionA
InternetGetConnectedState

shlwapi

PathRemoveFileSpecA
PathFindFileNameA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

urlmon

CreateURLMoniker
RegisterBindStatusCallback

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02426c4437f8cbc207688383de9c4a67

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

wininet

shlwapi

version

urlmon

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 10KB - Virtual size: 9KB