274cbb8090d8ef01ba492a283f073887_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

274cbb8090d8ef01ba492a283f073887_JaffaCakes118
Size

214KB
MD5

274cbb8090d8ef01ba492a283f073887
SHA1

86f4d81f601c9d8af1699634ff6d0481d6d4e81a
SHA256

46265e979bef5cd0134e447b0cf310842a3dc0b4c32d69362d77bcadb1ad5948
SHA512

c0f35b7ed431990baac81f73f0c39c210f537adbbc54242847c6e984c0b95da3d6d024a42de03878a1a8dc57ab4ca0f6b7e225c4284cc133f1642895af222480
SSDEEP

3072:+yY6Trv3NnakM9QvYccKakfl1N+8LPNz3Ogyr8MWkohztL8zq/0ElumQRilTz6V/:+aXv9udkfl1k85+F8/RV5Tum8JWIqEkI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
274cbb8090d8ef01ba492a283f073887_JaffaCakes118

Files

274cbb8090d8ef01ba492a283f073887_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec7120a6cbbd8fe5675dbac9a4f5292f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DisconnectNamedPipe
GetStringTypeW
CompareStringW
GetNumberFormatA
RemoveDirectoryW
CreateDirectoryW
GetPriorityClass
SetPriorityClass
lstrlen
DuplicateHandle
GetEnvironmentStringsW
ExpandEnvironmentStringsW
GlobalFindAtomW
HeapCreate
GetModuleHandleA
GetProcAddress
GetExpandedNameA
SetCurrentDirectoryA
LocalAlloc
CompareStringA
GetStringTypeA
GetLogicalDrives
lstrcmp
lstrcpy
GetShortPathNameA
GetSystemDefaultLangID
OpenMutexA
OpenFile
GetExitCodeProcess
IsValidLocale
EnumTimeFormatsA
GetDiskFreeSpaceA
GetCurrentProcess
GetStartupInfoA

user32

keybd_event
LoadCursorW
CreateMenu
LoadImageA
GetDCEx
mouse_event
MoveWindow
MonitorFromRect
MonitorFromWindow
CheckRadioButton
GetSysColorBrush
SetDlgItemTextA
LoadIconW
CallWindowProcW
GetDlgItemTextA
GetMenuState
GetMenuStringA
EnumDesktopsA
CreateDesktopW
AppendMenuA
ActivateKeyboardLayout
GetKeyboardLayout
CopyImage
IsWindow
LoadBitmapW
RegisterClassExW
GetCaretPos
DestroyIcon
IsMenu
ClientToScreen
MessageBoxW
CreateWindowExW
CascadeWindows
CharPrevA
GetIconInfo
MessageBoxA
GetSysColor
GetMenuItemInfoA
GetWindowTextW
UnregisterClassA
GetWindowTextA
CopyRect
EnumDesktopsW
SetCursor
wsprintfA
GetScrollPos

gdi32

GetBkColor
CreateFontIndirectExA
FrameRgn
SetMiterLimit
GetRgnBox
SetROP2
UpdateColors
CreateScalableFontResourceW
RectInRegion
IntersectClipRect
GetFontData
EnumFontsA
ColorCorrectPalette
CreateBrushIndirect
GetCurrentPositionEx
PatBlt
CopyEnhMetaFileA
GetEnhMetaFileA
GetEnhMetaFileHeader
SetMetaFileBitsEx

advapi32

RegOpenKeyExW
RegCreateKeyExW
RegSaveKeyW

shell32

StrRStrA
StrRChrA
SHCreateDirectoryExW
SHCreateDirectoryExA
ShellExecuteW
SHGetDiskFreeSpaceExA
ExtractIconEx
SHGetFolderPathA

version

VerInstallFileA

ws2_32

WSAGetLastError
WSACreateEvent

urlmon

URLDownloadToFileW
UrlMkBuildVersion
IsLoggingEnabledA
FaultInIEFeature
URLOpenPullStreamA
URLDownloadToFileA
CreateAsyncBindCtx
ZonesReInit
SetSoftwareUpdateAdvertisementState
FindMediaTypeClass
URLOpenBlockingStreamW

inetcomm

HrSaveAttachToFile
CreateNNTPTransport
MimeOleStripHeaders
MimeOleGetDefaultCharset
MimeOleSMimeCapRelease

wsock32

getsockname
WSAAsyncGetHostByAddr
GetAcceptExSockaddrs

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.I
Size: 1024B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zR
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yLyxK
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nnbxwY
Size: 1KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fW
Size: 2KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UDZ
Size: 2KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.M
Size: 1KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nwbpMt
Size: 2KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MTkpun
Size: 1KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.H
Size: 1KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec7120a6cbbd8fe5675dbac9a4f5292f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

version

ws2_32

urlmon

inetcomm

wsock32

Sections

.text Size: 12KB - Virtual size: 11KB

.I Size: 1024B - Virtual size: 32KB

.zR Size: 2KB - Virtual size: 4KB

.yLyxK Size: 4KB - Virtual size: 15KB

.nnbxwY Size: 1KB - Virtual size: 33KB

.fW Size: 2KB - Virtual size: 34KB

.UDZ Size: 2KB - Virtual size: 27KB

.M Size: 1KB - Virtual size: 30KB

.data Size: 10KB - Virtual size: 9KB

.nwbpMt Size: 2KB - Virtual size: 15KB

.MTkpun Size: 1KB - Virtual size: 24KB

.H Size: 1KB - Virtual size: 138KB

.rsrc Size: 165KB - Virtual size: 165KB

.text
Size: 12KB - Virtual size: 11KB

.I
Size: 1024B - Virtual size: 32KB

.zR
Size: 2KB - Virtual size: 4KB

.yLyxK
Size: 4KB - Virtual size: 15KB

.nnbxwY
Size: 1KB - Virtual size: 33KB

.fW
Size: 2KB - Virtual size: 34KB

.UDZ
Size: 2KB - Virtual size: 27KB

.M
Size: 1KB - Virtual size: 30KB

.data
Size: 10KB - Virtual size: 9KB

.nwbpMt
Size: 2KB - Virtual size: 15KB

.MTkpun
Size: 1KB - Virtual size: 24KB

.H
Size: 1KB - Virtual size: 138KB

.rsrc
Size: 165KB - Virtual size: 165KB