38516e9ff9b09a097542b0a5b02d3ae0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38516e9ff9b09a097542b0a5b02d3ae0_JaffaCakes118
Size

524KB
MD5

38516e9ff9b09a097542b0a5b02d3ae0
SHA1

1a1c0fcd6167b7ae2849265ad556df0bdc24a057
SHA256

c009f74b5b7affde11fafba33da78a06289630539ba3eed9ad18b9b6307c6af6
SHA512

f0e127283b258c46693ced504ae23f9a26d8d307aa7080894d902d8bf4c16dc6acfff8f3c6dbeefb5164941541d1d77d6711b3bd339a5dbf782316e384157a76
SSDEEP

12288:j2sTuHHfePXlq85WnTG5kOmykCc6fe7eWGvYEnuvy78:j2ubPL5WqmOOfge7e3wEuvy4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38516e9ff9b09a097542b0a5b02d3ae0_JaffaCakes118

Files

38516e9ff9b09a097542b0a5b02d3ae0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7da25d86d2e1ff8868abf7e6ee3c164f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetDlgItemInt
EnumWindows
SetWindowRgn
MapVirtualKeyExW
WINNLSEnableIME
IsDialogMessageA
LoadCursorFromFileA
OpenIcon
VkKeyScanA
SetWindowsHookW
CallWindowProcW
GetUserObjectInformationA
EnumDesktopsA
TileChildWindows
DrawTextA
SendNotifyMessageA
IsCharAlphaNumericA
UpdateWindow
RegisterHotKey
GrayStringA
CloseWindowStation
EnableWindow

wininet

InternetGetLastResponseInfoW
HttpCheckDavCompliance
FtpPutFileA
InternetSetOptionA
GetUrlCacheEntryInfoW
HttpSendRequestExA
InternetCreateUrlW
InternetTimeFromSystemTime
InternetShowSecurityInfoByURL
FtpCreateDirectoryA
InternetTimeToSystemTimeW
InternetWriteFileExW
FtpDeleteFileW
InternetSetDialStateW

gdi32

CreateDCA
RestoreDC
SetPaletteEntries
AbortDoc
SetBkMode
GetEnhMetaFileDescriptionW
Escape
GetColorSpace
ArcTo
SaveDC
CreateRectRgnIndirect
GetTextColor
PlayMetaFile
DeleteDC
ExtCreatePen
SelectClipRgn
PatBlt
CreateColorSpaceA
CreateBitmapIndirect
GetArcDirection
SetLayout
GetMetaFileA

advapi32

CryptSetProviderExA
LookupSecurityDescriptorPartsA
RegCreateKeyW
RegQueryValueExA
RegQueryValueW
CryptGetUserKey
RegFlushKey
LookupAccountNameA
RegConnectRegistryW
CryptContextAddRef
RegDeleteValueA
CryptEnumProvidersA
RegLoadKeyW
RegCreateKeyExW
CryptGetHashParam

kernel32

FreeEnvironmentStringsW
ExitProcess
HeapReAlloc
GetStringTypeW
LCMapStringW
QueryPerformanceCounter
GetUserDefaultLangID
InterlockedExchange
LoadLibraryA
GlobalAddAtomW
HeapDestroy
Sleep
InitializeCriticalSectionAndSpinCount
GetProcAddress
HeapCreate
EnterCriticalSection
TlsSetValue
GetTimeZoneInformation
MultiByteToWideChar
GetTickCount
GetCommandLineW
GetCPInfo
GetSystemTimeAsFileTime
GetModuleHandleA
VirtualQuery
HeapFree
SetComputerNameW
GetCommandLineA
VirtualAlloc
GetStdHandle
GetEnvironmentStringsW
GetLocaleInfoW
SetConsoleCtrlHandler
FreeEnvironmentStringsA
CompareStringW
GetStartupInfoW
TlsFree
SetLastError
TlsAlloc
LCMapStringA
GetModuleFileNameW
GetModuleFileNameA
IsDebuggerPresent
WriteFile
IsValidLocale
VirtualFree
GetNumberFormatA
WideCharToMultiByte
GetVersionExA
GetUserDefaultLCID
GetLastError
GetDateFormatA
HeapAlloc
RtlUnwind
GetCurrentThreadId
GetProcessHeap
GetLocaleInfoA
GetTimeFormatA
LeaveCriticalSection
GetOEMCP
GetStringTypeA
UnhandledExceptionFilter
TlsGetValue
RtlMoveMemory
InterlockedIncrement
CompareStringA
FreeLibrary
DeleteCriticalSection
TerminateProcess
FlushConsoleInputBuffer
SetHandleCount
GetCurrentProcess
GetCurrentProcessId
SetEnvironmentVariableA
HeapSize
IsValidCodePage
GetStartupInfoA
FlushInstructionCache
GetFileType
EnumCalendarInfoExW
InitializeCriticalSection
GetACP
SetUnhandledExceptionFilter
GetEnvironmentStrings
InterlockedDecrement
CreateMailslotW
EnumSystemLocalesA
GetCurrentThread

shell32

SheChangeDirExW
SheGetDirA
SHFreeNameMappings
SHGetDataFromIDListA
SheSetCurDrive
SHGetDataFromIDListW
CommandLineToArgvW
ExtractAssociatedIconA
SHFileOperationA
ExtractAssociatedIconW
ShellExecuteExA
ExtractIconW
ShellExecuteEx
SHGetNewLinkInfo
SHGetSpecialFolderLocation
SHGetFileInfoA
ExtractIconEx

Sections

.text
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7da25d86d2e1ff8868abf7e6ee3c164f

Headers

File Characteristics

Imports

user32

wininet

gdi32

advapi32

kernel32

shell32

Sections

.text Size: 199KB - Virtual size: 198KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 199KB - Virtual size: 198KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 8KB - Virtual size: 7KB