e949cd2c5798f144367d444966d114e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e949cd2c5798f144367d444966d114e0_JaffaCakes118
Size

471KB
MD5

e949cd2c5798f144367d444966d114e0
SHA1

d6d64c7b5bc0e692f857937ee8a71261af330476
SHA256

746da0e57e68e4cdc81422a6c858bc48216a06adecaf2e5dd3046c6048379425
SHA512

de0f06893ef854da1c3d41e6d60e1c87a01573befa5f52d80ab16b972aea9104e56479a00561cf21e7a9395cd84a4782fdc021873147c5ae321c5f83efd09ca3
SSDEEP

12288:/+CaU4IHgGV8dLfd2Ft8LvAYaoDmQXMpRAdMV6M/:/+CoI3V89fd2FeLvAYdmZAuAg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e949cd2c5798f144367d444966d114e0_JaffaCakes118

Files

e949cd2c5798f144367d444966d114e0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4893d5e7200737d4a533f52de32fcd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

UnhookWinEvent
MapVirtualKeyA
DefMDIChildProcW
GetComboBoxInfo
RegisterClassA
CopyIcon
CloseDesktop
DlgDirSelectComboBoxExW
RemovePropW
GetClassInfoExW
DlgDirListA
RegisterClassExA

wininet

InternetQueryOptionW
InternetAutodialHangup
HttpCheckDavCompliance
InternetGetCertByURLA
SetUrlCacheEntryInfoA
InternetQueryOptionA

kernel32

GetFileAttributesW
GetCurrentProcessId
VirtualFree
GetEnvironmentStringsW
GetStdHandle
GetSystemTimeAsFileTime
GetStringTypeA
GetTimeZoneInformation
GetVersion
LocalReAlloc
lstrcmp
GetProfileSectionA
EnumCalendarInfoW
InterlockedDecrement
RtlUnwind
CompareStringA
SuspendThread
GetStringTypeW
TerminateProcess
CloseHandle
InterlockedExchange
GetCurrentThread
FindFirstFileExW
DeleteCriticalSection
InterlockedIncrement
EnterCriticalSection
TransactNamedPipe
WideCharToMultiByte
TlsGetValue
GetEnvironmentStrings
GetModuleFileNameA
ReadConsoleOutputCharacterA
FreeEnvironmentStringsW
SetHandleCount
ExitProcess
SetStdHandle
LCMapStringA
VirtualAlloc
GetACP
InitializeCriticalSection
HeapCreate
FreeEnvironmentStringsA
HeapReAlloc
SetLastError
CreateWaitableTimerW
GetLocaleInfoW
TlsFree
GetLastError
HeapAlloc
MoveFileW
LocalFree
MultiByteToWideChar
TlsSetValue
GetTickCount
UnhandledExceptionFilter
FlushViewOfFile
GetProcAddress
OpenSemaphoreW
FindFirstFileW
SetFileAttributesW
TlsAlloc
GetCPInfo
LCMapStringW
HeapDestroy
FlushFileBuffers
ReadFile
LoadLibraryA
HeapFree
SetTimeZoneInformation
TerminateThread
SetConsoleCursorInfo
GetLocalTime
CopyFileExA
GetStartupInfoA
CompareStringW
GetCurrentThreadId
CreateMutexA
CreateToolhelp32Snapshot
VirtualQuery
GetFileType
GetCurrentProcess
OpenMutexA
GlobalFree
WritePrivateProfileSectionW
GetOEMCP
WriteFile
GetSystemTime
SetEnvironmentVariableA
GetModuleHandleA
SetFilePointer
QueryPerformanceCounter
GetCommandLineA
LeaveCriticalSection
IsBadWritePtr

Sections

.text
Size: 330KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4893d5e7200737d4a533f52de32fcd1

Headers

File Characteristics

Imports

comctl32

user32

wininet

kernel32

Sections

.text Size: 330KB - Virtual size: 330KB

.rdata Size: 21KB - Virtual size: 37KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 330KB - Virtual size: 330KB

.rdata
Size: 21KB - Virtual size: 37KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 13KB - Virtual size: 12KB