e8eed722b056cafe788991f52e676412_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e8eed722b056cafe788991f52e676412_JaffaCakes118
Size

492KB
MD5

e8eed722b056cafe788991f52e676412
SHA1

240a34d93f02ba3097d58cdebb64c6620740f24d
SHA256

fe767e0958213a500e7f2ec0760d275f7be07eced657cc953ab84fe31e5cc28c
SHA512

04236567dcc8da51dc09e437ee76f9b2a4ef961fd9f3a7e2114cf0ebcfa03d5fa185b2e0df5e5e1b8bb65b7b55a1859216ce4eac5a451b0ef85e074ba948a5c7
SSDEEP

6144:pKEVrEQ8qk1USQCUoTXSHUI59RXpBvTDd/OuJuh:pKEVgQ8qk1USQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8eed722b056cafe788991f52e676412_JaffaCakes118

Files

e8eed722b056cafe788991f52e676412_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3024d090cb7efcc0dd4a981ed175503

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetKeyboardLayoutList
wsprintfW
wvsprintfW
EndDialog
GetDlgItem
LoadIconW
SendMessageW
DialogBoxParamW
SetSysColors
SystemParametersInfoW

wininet

FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
FindCloseUrlCache
InternetQueryOptionW
InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetReadFile
InternetCloseHandle
InternetGetCookieExW
InternetOpenUrlW
HttpQueryInfoW
HttpQueryInfoA

kernel32

LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryW
lstrcpyW
CreateFileW
GetTempFileNameW
DeleteFileW
MoveFileW
Sleep
lstrlenW
lstrcatW
WriteFile
CloseHandle
GetLocalTime
GetCurrentThreadId
GetVersionExW
GetSystemTimeAsFileTime
lstrcmp
GetProcessHeap
GetTempPathW
GetLongPathNameW
CreateProcessW
WaitForSingleObject
GetModuleHandleW
GetModuleFileNameW
CopyFileW
CreateMutexW
GetSystemTime
GetFileSize
SetFilePointer
ReadFile
ResumeThread
ExitThread
GetCurrentProcess
TerminateProcess
ExitProcess
CreateThread
Module32FirstW
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetModuleHandleA
GetVersionExA
GetCommandLineA
GetStartupInfoA
VirtualQuery
InterlockedExchange
GetModuleFileNameA
GetStdHandle
UnhandledExceptionFilter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
LockResource
HeapCreate
HeapDestroy
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetCPInfo
GetOEMCP
GetACP
VirtualFree
VirtualAlloc
GetLocaleInfoA
GetSystemInfo
VirtualProtect
LCMapStringW
LCMapStringA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegSetValueExW
RegCreateKeyW

ntdll

RtlAllocateHeap
RtlFreeHeap
RtlGetLastWin32Error
RtlReAllocateHeap
RtlSizeHeap
RtlUnwind

rpcrt4

UuidCreate
UuidToStringW
RpcMgmtStatsVectorFree

shell32

ShellExecuteW

msvcrt

__doserrno

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3024d090cb7efcc0dd4a981ed175503

Headers

File Characteristics

Imports

user32

wininet

kernel32

advapi32

ntdll

rpcrt4

shell32

msvcrt

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 424KB - Virtual size: 423KB

.rsrc Size: 8KB - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 424KB - Virtual size: 423KB

.rsrc
Size: 8KB - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 3KB