Static task: static1
Behavioral task: behavioral1
Sample: 91c62b1dafea5b39da6dcb2073dc1c0d_JaffaCakes118.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 91c62b1dafea5b39da6dcb2073dc1c0d_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 91c62b1dafea5b39da6dcb2073dc1c0d_JaffaCakes118
Size: 258KB
MD5: 91c62b1dafea5b39da6dcb2073dc1c0d
SHA1: abfde47bb36ee1ebbd3e8a2b6a0e66fe62d724af
SHA256: f16838ae996b25cb0767d35ce0349944d94a99a6a60de8c7537504c6b791335b
SHA512: 9db67d2384cc75619e9fadf714ecc65b62d73eebb3110baab4fd42b505d8b86fb0ff27bd14e2c02f4ad87e6303c6695a1e6c1cf3940fb766c071d61793880b7d
SSDEEP: 6144:GDC0INoZFuGwPp8j3qB/ZS6sInxQg0AiKN4NYqA7pV:7CZFfj3iBEU8KN4NHA7z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 91c62b1dafea5b39da6dcb2073dc1c0d_JaffaCakes118
Files
91c62b1dafea5b39da6dcb2073dc1c0d_JaffaCakes118.exe windows:4 windows x86 arch:x86
ac3f8dc1ff3b8887df3fb055841add16
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsBadStringPtrA
lstrcatW
WinExec
GetCurrentDirectoryA
GetDateFormatW
GetNumberFormatA
GetCurrentProcessId
GetProcAddress
GetLocalTime
CreateMailslotA
EnumTimeFormatsA
ReplaceFileW
FileTimeToDosDateTime
CreateMutexW
GetModuleFileNameA
CreateDirectoryA
EnumCalendarInfoW
BeginUpdateResourceW
LoadLibraryExA
GetLastError
user32
EndDialog
GetClassInfoW
RegisterWindowMessageA
GetAsyncKeyState
SetParent
GetWindowRgn
UnregisterClassA
CreateDesktopW
GetActiveWindow
GetForegroundWindow
SendDlgItemMessageW
CopyRect
GetMenuStringA
GetMenuItemInfoA
GetTopWindow
GetScrollPos
FindWindowW
GetFocus
GetMenuItemRect
LoadCursorW
GetDesktopWindow
RemoveMenu
WaitMessage
InsertMenuItemW
PeekMessageA
CopyIcon
MonitorFromRect
wvsprintfA
LoadCursorA
InsertMenuItemA
PostMessageA
UpdateLayeredWindow
LoadBitmapW
EnumWindows
CreateDialogIndirectParamA
CharPrevA
EndMenu
gdi32
CreateMetaFileW
DeleteObject
CreateFontIndirectA
CreateRectRgn
ExtCreateRegion
CreateSolidBrush
CreateFontA
CreateBrushIndirect
CreatePolygonRgn
CreateColorSpaceW
GetStockObject
CreateMetaFileA
GetEnhMetaFileW
CreateFontW
GdiGetBatchLimit
shell32
StrStrW
FreeIconList
StrCmpNW
StrRStrW
StrChrIA
Shell_NotifyIconA
SHBrowseForFolderW
Shell_NotifyIcon
SHGetSpecialFolderLocation
StrNCmpA
StrRStrA
ExtractIconExA
SHGetFolderPathW
oleaut32
VariantInit
SafeArrayUnlock
VarDateFromR8
SafeArrayPtrOfIndex
VarBoolFromUI1
VarI4FromUI1
VarCyAbs
VarR8FromCy
VarUI1FromCy
VarAnd
wininet
GetUrlCacheHeaderData
InternetWriteFileExA
FtpRemoveDirectoryW
ShowCertificate
GopherOpenFileA
crypt32
CryptRegisterOIDInfo
CertRegisterSystemStore
CryptSetOIDFunctionValue
I_CryptDisableLruOfEntries
CertFindSubjectInCTL
I_CryptCreateLruCache
CryptGetDefaultOIDFunctionAddress
CertCreateContext
CertSetStoreProperty
CryptSIPRetrieveSubjectGuidForCatalogFile
CertComparePublicKeyInfo
Sections
.MTW Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.HK Size: 512B - Virtual size: 157KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rBfoN Size: 2KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.IYK Size: 89KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.QHY Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.PQ Size: 3KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.q Size: 5KB - Virtual size: 379KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mOC Size: 4KB - Virtual size: 406KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.xLO Size: 89KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.SR Size: 14KB - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1024B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ