4040bc75f4853c1cf5d847a1632fd969_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4040bc75f4853c1cf5d847a1632fd969_JaffaCakes118
Size

440KB
MD5

4040bc75f4853c1cf5d847a1632fd969
SHA1

a995452b1b6f3033e296cae3f8db5a5181817ca8
SHA256

c9dadc0f88375d5a638b74f01fd396b78014d2d71124f79c64416ea6d1b585d9
SHA512

3f16b7cbf826fe0b06c5aebd9553f59270557e061b8e3562dabc28a8425b768435ce278f2cc1998dc8a40545896143d4af7c8ad3072c366bb70501450bb95482
SSDEEP

12288:gR00NwtEHJ6qfn52OiAZRwXwTudz+l3bkr0rfW4rtpJJeJlTXkoUxmhoIav5Req:QwoZhJzjnr3JJWDkNx1Iaviq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4040bc75f4853c1cf5d847a1632fd969_JaffaCakes118

Files

4040bc75f4853c1cf5d847a1632fd969_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2e33840b9f8fbfd51a2582bb57bd2063

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

HttpCheckDavCompliance
GopherOpenFileW
InternetSetCookieW
HttpOpenRequestA
InternetSetCookieA
GetUrlCacheEntryInfoExA
FindNextUrlCacheGroup
InternetConnectA
FtpPutFileEx
InternetCanonicalizeUrlW
FindCloseUrlCache
GopherCreateLocatorA
InternetTimeToSystemTime
SetUrlCacheEntryInfoW
InternetCreateUrlW
FtpRemoveDirectoryW
ShowClientAuthCerts

shell32

SHUpdateRecycleBinIcon
SHGetMalloc
SheChangeDirA
SheChangeDirExW
DragQueryFile
SHGetDiskFreeSpaceA
ExtractIconEx
SHGetPathFromIDListA
SHGetFileInfoW
ExtractIconExA
ExtractIconW
ShellExecuteExA
SHLoadInProc
SHFreeNameMappings
SHEmptyRecycleBinW
SHAppBarMessage
CheckEscapesW

advapi32

ReportEventW
RegDeleteKeyW

user32

GetClassNameW
AdjustWindowRect
TranslateAcceleratorA
SetProcessDefaultLayout
GetLastActivePopup
IsCharLowerA
SendNotifyMessageA
ReuseDDElParam
GetUpdateRgn
LoadKeyboardLayoutW
IsDlgButtonChecked
SetRectEmpty
CopyRect
DdeUninitialize
CharUpperBuffW
SetWindowTextW
LoadBitmapW
CharToOemBuffW
DdeCreateStringHandleA
WindowFromDC
DdeGetLastError
WinHelpW
DdeSetQualityOfService
InsertMenuA
CharPrevExA

kernel32

GetUserDefaultLCID
IsValidLocale
GetOEMCP
GetModuleHandleW
IsDebuggerPresent
GetCurrentThreadId
GetCommandLineW
GetModuleFileNameW
UnhandledExceptionFilter
GetThreadLocale
GetSystemTimeAdjustment
InterlockedDecrement
CompareStringA
GetCurrentProcess
GetACP
HeapFree
SetEnvironmentVariableA
SetLastError
GetTickCount
ExitProcess
SetUnhandledExceptionFilter
GetLocaleInfoW
EnterCriticalSection
VirtualAlloc
GetModuleFileNameA
LCMapStringW
SetEndOfFile
LCMapStringA
VirtualQuery
GetStartupInfoW
CompareStringW
InterlockedCompareExchange
GetCurrentProcessId
HeapReAlloc
MultiByteToWideChar
TlsGetValue
TlsFree
InitializeCriticalSectionAndSpinCount
GetStdHandle
WaitForSingleObject
HeapSize
SetHandleCount
TlsAlloc
DeleteCriticalSection
HeapCreate
InterlockedExchange
EnumSystemLocalesA
GetFileType
MoveFileExW
LeaveCriticalSection
GetLastError
GetTimeFormatW
GetCurrentThread
HeapDestroy
WriteFile
RtlUnwind
QueryPerformanceCounter
WideCharToMultiByte
GetTimeZoneInformation
GetDateFormatA
GetStringTypeW
GetProcessHeaps
FreeLibrary
GetTimeFormatA
GetProcAddress
Sleep
InterlockedIncrement
SetConsoleCtrlHandler
GetLocaleInfoA
IsValidCodePage
TlsSetValue
HeapAlloc
GetStartupInfoA
VirtualFree
GetEnvironmentStringsW
LoadLibraryA
FreeEnvironmentStringsW
GetCPInfo
GetModuleHandleA
GetStringTypeA
TerminateProcess
GetSystemTimeAsFileTime

gdi32

ExtTextOutW
GetMapMode
SetMiterLimit
LPtoDP
DPtoLP
SetPixel
GetCharWidthW
UpdateColors
RectInRegion
CreatePenIndirect
SetMapMode
GetViewportExtEx
Ellipse
CopyMetaFileW
GetTextExtentExPointW
CancelDC
CheckColorsInGamut
GetWindowOrgEx
CreateScalableFontResourceA
GetCharacterPlacementW
GdiPlayScript

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e33840b9f8fbfd51a2582bb57bd2063

Headers

File Characteristics

Imports

wininet

shell32

advapi32

user32

kernel32

gdi32

Sections

.text Size: 153KB - Virtual size: 152KB

.data Size: 276KB - Virtual size: 275KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 153KB - Virtual size: 152KB

.data
Size: 276KB - Virtual size: 275KB

.rsrc
Size: 10KB - Virtual size: 9KB