381ea9a5ec49253cc719353b0e02dd74_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

381ea9a5ec49253cc719353b0e02dd74_JaffaCakes118
Size

264KB
MD5

381ea9a5ec49253cc719353b0e02dd74
SHA1

8af21f8946a63df9ef24cca1969eafe4de430a1a
SHA256

db2f7ff718dfee147fe3fbf70cbfbd22d7e43072ddac8f8435ee8a8f12dcf788
SHA512

bb011d90c404be1c8cd59a4294dd3c79a3341168bd59c69f0dd9ac2277f12ccdb24cda5ad9852b90127edf8af31169d9a61c47d6db8508746c61a49fab0c4db7
SSDEEP

6144:ayV4myqPESbi4zZBwJfuwHJEg753WrP7rCNsZ9NJjC:ayV4myqPx7zZBQfu8JzZ4PCCZ9X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
381ea9a5ec49253cc719353b0e02dd74_JaffaCakes118

Files

381ea9a5ec49253cc719353b0e02dd74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ad9a1d60a100cceb5420aa7bdfc73fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SheChangeDirExW
SHFormatDrive
SHGetSpecialFolderPathW
ExtractIconEx
SHUpdateRecycleBinIcon
SheChangeDirA
DuplicateIcon
SheGetDirA
ExtractAssociatedIconExW
SheSetCurDrive
SHGetPathFromIDListW
FindExecutableA
SHInvokePrinterCommandA
SHGetFileInfoA
SHFreeNameMappings
SHLoadInProc
SHBrowseForFolderA
ExtractIconW
DragQueryFileAorW
SHGetSpecialFolderPathA
ShellExecuteW
ShellExecuteExW
SHBrowseForFolder

comdlg32

PrintDlgW
PrintDlgA
GetSaveFileNameW
ChooseColorA
ChooseColorW
GetFileTitleA
GetOpenFileNameW
ChooseFontW
GetSaveFileNameA
GetOpenFileNameA
ReplaceTextA
FindTextW
PageSetupDlgA
ReplaceTextW

advapi32

CryptGetProvParam
RegSetValueA
CryptImportKey
DuplicateTokenEx
CryptContextAddRef

user32

TranslateMessage
GetAsyncKeyState
GetWindowInfo
SetWindowsHookExA
DrawTextExA
GetClientRect
GetIconInfo
PostQuitMessage
SetMenu
PostThreadMessageW
GetActiveWindow
MenuItemFromPoint
GetMenuItemID
OpenDesktopA
InSendMessageEx
ChildWindowFromPointEx
ModifyMenuW
SetWindowTextW
DdePostAdvise
CharUpperA
GetDlgItem
CharUpperBuffA
DrawAnimatedRects
GetSystemMetrics
SetSystemCursor

kernel32

GetDateFormatA
RtlUnwind
GetVersionExA
GetOEMCP
IsValidCodePage
GetCurrentProcessId
GetStringTypeW
GetFileType
GetUserDefaultLCID
GetLastError
EnterCriticalSection
MultiByteToWideChar
InterlockedIncrement
CompareStringW
GetStringTypeA
GetTimeFormatA
GetProcessHeap
GetLocaleInfoA
FreeEnvironmentStringsA
VirtualQuery
GetEnvironmentStringsW
TlsGetValue
ExitProcess
HeapReAlloc
TlsAlloc
GetStartupInfoW
FreeLibrary
GetCPInfo
GetProcAddress
InterlockedExchange
WriteFile
LeaveCriticalSection
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
WideCharToMultiByte
TlsFree
GetStdHandle
GetLocaleInfoW
InterlockedDecrement
LCMapStringA
SetUnhandledExceptionFilter
GetModuleFileNameW
GetACP
GetModuleFileNameA
TerminateProcess
FreeEnvironmentStringsW
SetHandleCount
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStrings
VirtualAlloc
GetTimeZoneInformation
UnhandledExceptionFilter
GetTickCount
LCMapStringW
GetSystemTimeAsFileTime
LoadLibraryA
DeleteCriticalSection
Sleep
HeapCreate
EnumSystemLocalesA
GetCurrentThread
HeapAlloc
HeapSize
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
CompareStringA
VirtualFree
SetConsoleCursorPosition
HeapFree
TlsSetValue
SetLastError
IsDebuggerPresent
HeapDestroy
IsValidLocale
GetCommandLineW
LoadLibraryExA
SetEnvironmentVariableA

wininet

RetrieveUrlCacheEntryStreamA
GopherFindFirstFileA
GopherGetLocatorTypeW
InternetAutodial
DetectAutoProxyUrl
FreeUrlCacheSpaceW
HttpQueryInfoA
InternetQueryDataAvailable
InternetGetCertByURLA
HttpOpenRequestW
InternetDialA
FindNextUrlCacheContainerA
FindFirstUrlCacheEntryA
FtpRemoveDirectoryW
InternetWriteFile
InternetSetOptionW
FindNextUrlCacheGroup
SetUrlCacheGroupAttributeA
FtpSetCurrentDirectoryA

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 138KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ad9a1d60a100cceb5420aa7bdfc73fd

Headers

File Characteristics

Imports

shell32

comdlg32

advapi32

user32

kernel32

wininet

Sections

.text Size: 118KB - Virtual size: 118KB

.data Size: 138KB - Virtual size: 161KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 118KB - Virtual size: 118KB

.data
Size: 138KB - Virtual size: 161KB

.rsrc
Size: 6KB - Virtual size: 5KB