92b701019bdb4cfebc02e07fe4f2d25e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

92b701019bdb4cfebc02e07fe4f2d25e_JaffaCakes118
Size

196KB
MD5

92b701019bdb4cfebc02e07fe4f2d25e
SHA1

6e6c806d5b21d9038e8f802e4a3ab5d7affce460
SHA256

ece07a5ff2050fd86d2517b30e509902eafa0060ed8d43a5eef116d5ec176bf9
SHA512

08b35b1f4e122f3fd58e099453a053a7fb01386f37f5d6939196e330ad2a847d2068717a43442b6329141052d0ddb19d10eabf5ca6df6baf313f5cb2892656d3
SSDEEP

3072:9+84D7OFrNqR3UNRpr7leUnu5EDmnj+urHLeOhwMkYUNpbJHpTiGU:9+8bSEnpc48QW6urreOhbufb/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
92b701019bdb4cfebc02e07fe4f2d25e_JaffaCakes118

Files

92b701019bdb4cfebc02e07fe4f2d25e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

351ced9b3851437579dba83705508b9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetCompositionFontW
ImmGetStatusWindowPos
ImmGetIMEFileNameW
ImmGetCompositionWindow
ImmGetCandidateListCountA
ImmIsIME
ImmEscapeW
ImmDestroyContext
ImmGetOpenStatus
ImmGetDescriptionA
ImmGetCandidateListW
ImmSetCompositionFontW
ImmSetCandidateWindow
ImmGetIMEFileNameA
ImmConfigureIMEW
ImmGetGuideLineW
ImmNotifyIME
ImmGetCompositionFontA
ImmInstallIMEA
ImmInstallIMEW
ImmGetCompositionStringA
ImmGetConversionListA
ImmGetDefaultIMEWnd
ImmGetCandidateListCountW
ImmUnregisterWordW
ImmGetCompositionStringW
ImmGetDescriptionW
ImmSetStatusWindowPos
ImmSetConversionStatus
ImmCreateContext
ImmGetProperty
ImmGetConversionStatus
ImmReleaseContext
ImmEnumRegisterWordA
ImmSetCompositionStringW
ImmGetConversionListW
ImmEnumRegisterWordW
ImmSetOpenStatus
ImmGetCandidateListA

shlwapi

PathFileExistsA
SHRegSetUSValueW
PathParseIconLocationW
PathMakePrettyW
SHSetValueW
SHDeleteEmptyKeyA
SHGetValueW
StrToIntExA
PathFindExtensionA
PathIsURLA
PathIsUNCServerW
SHRegWriteUSValueW
PathQuoteSpacesA
PathStripPathA
PathCommonPrefixW
PathCombineW
PathSetDlgItemPathW
StrSpnA
PathFindExtensionW
StrPBrkW
PathRemoveFileSpecA
SHQueryInfoKeyW
PathCombineA
SHEnumKeyExW
PathStripToRootW

urlmon

RegisterFormatEnumerator
HlinkSimpleNavigateToString
FindMediaType
GetClassFileOrMime
RevokeFormatEnumerator
CreateFormatEnumerator
CoInternetCompareUrl
CoInternetGetSession
GetClassURL
UrlMkSetSessionOption
HlinkGoForward
HlinkSimpleNavigateToMoniker
CoGetClassObjectFromURL
CoInternetGetProtocolFlags
MkParseDisplayNameEx
CreateAsyncBindCtxEx
URLDownloadToCacheFileW
HlinkNavigateMoniker
CoInternetCreateSecurityManager
HlinkNavigateString
CoInternetQueryInfo
URLOpenPullStreamA
CoInternetGetSecurityUrl
IsValidURL

rasapi32

RasGetProjectionInfoA
RasGetEntryPropertiesA
RasEnumDevicesW
RasGetErrorStringW
RasGetProjectionInfoW
RasEnumDevicesA
RasEditPhonebookEntryA

mpr

WNetAddConnection3W
WNetAddConnection3A
WNetGetUniversalNameA
WNetCancelConnectionA
WNetGetUserA
WNetCancelConnectionW
WNetOpenEnumW
WNetGetLastErrorW
WNetEnumResourceW
WNetAddConnectionW
WNetAddConnection2W
MultinetGetConnectionPerformanceW

winmm

midiStreamProperty
mmioGetInfo
auxGetNumDevs
waveOutGetErrorTextW

kernel32

_lwrite
GetTimeFormatA
CreateNamedPipeA
GetDriveTypeA
GetDateFormatW
GetExitCodeProcess
GetProcessHeap
GetFileTime

imagehlp

CheckSumMappedFile
SearchTreeForFile
BindImage
UpdateDebugInfoFileEx
SymGetSymPrev
SymGetSymFromAddr
MapFileAndCheckSumW
UnDecorateSymbolName
GetTimestampForLoadedLibrary
SymCleanup
SymFunctionTableAccess
SymEnumerateModules
ImageUnload
SymGetLineFromAddr
MakeSureDirectoryPathExists
SymUnloadModule
ImageGetDigestStream
ImagehlpApiVersionEx
SymSetSearchPath
BindImageEx
MapFileAndCheckSumA
ImageGetCertificateData
SymRegisterCallback
FindDebugInfoFile
MapDebugInformation
UnMapAndLoad
SymLoadModule
SymGetLineFromName
RemovePrivateCvSymbolic
SymSetOptions
SymGetModuleInfo
SymGetModuleBase
EnumerateLoadedModules

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

351ced9b3851437579dba83705508b9d

Headers

File Characteristics

Imports

imm32

shlwapi

urlmon

rasapi32

mpr

winmm

kernel32

imagehlp

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 28KB - Virtual size: 25KB

.data Size: 32KB - Virtual size: 145KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 28KB - Virtual size: 25KB

.data
Size: 32KB - Virtual size: 145KB

.rsrc
Size: 48KB - Virtual size: 47KB