edacc9f5ef200abe2be30eaf8ef90ed5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

edacc9f5ef200abe2be30eaf8ef90ed5_JaffaCakes118
Size

603KB
MD5

edacc9f5ef200abe2be30eaf8ef90ed5
SHA1

d21bda84c8b72e5728eb0c39024f18100d995cc9
SHA256

adb071d6941fa05e4d12bad964428ed35e75ba523590d8dcd757fead7dcea299
SHA512

72c3f8c758e6c27a5a5dbf3586623144caac251d1e6be0ea0451e2b98e92cbe011a748dadcb76d85570d06f044d5ced4cf4aa113e3ade531ac3340316f4a3d82
SSDEEP

12288:qhtz2XKRKmwtyntzXXp3ZPCTseHNnuYDhi45pVgtvYo7HV/ut1:qEhmwtotDZ3lCJH9M4SYoLhuL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edacc9f5ef200abe2be30eaf8ef90ed5_JaffaCakes118

Files

edacc9f5ef200abe2be30eaf8ef90ed5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9cfe826d940c3ac0945b7577758a41a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

SetUrlCacheEntryInfoW
DeleteIE3Cache
HttpSendRequestW
InternetSetDialStateW
InternetLockRequestFile
HttpQueryInfoA
GopherGetLocatorTypeW
InternetDial

kernel32

GetOEMCP
RtlZeroMemory
CompareStringA
GetTimeZoneInformation
HeapReAlloc
HeapAlloc
GetEnvironmentStrings
QueryPerformanceCounter
GetTempFileNameW
TlsAlloc
ReadConsoleA
InterlockedIncrement
InterlockedDecrement
CreateMutexA
UnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSection
GetStringTypeW
VirtualFree
FreeResource
Sleep
GetTickCount
GetEnvironmentStringsW
OpenMutexA
MultiByteToWideChar
GetStartupInfoA
WriteConsoleA
VirtualAlloc
OpenEventA
GetProcAddress
HeapCreate
HeapDestroy
SetConsoleCtrlHandler
GetConsoleMode
ReadFile
GetUserDefaultLCID
GetModuleHandleA
ExitProcess
FreeEnvironmentStringsW
LCMapStringW
GetThreadTimes
LeaveCriticalSection
TlsSetValue
GetShortPathNameW
GetSystemInfo
SetThreadAffinityMask
SystemTimeToFileTime
RtlUnwind
CloseHandle
WideCharToMultiByte
SetHandleCount
SetCurrentDirectoryW
FlushFileBuffers
TlsGetValue
GetLocaleInfoW
FreeLibrary
GetCurrentThread
GetStringTypeA
GetCurrentThreadId
TlsFree
GetCPInfo
FindFirstFileExA
TryEnterCriticalSection
SetStdHandle
WriteFile
EnumSystemLocalesA
HeapFree
EnumResourceLanguagesA
GetProcessHeap
CopyFileA
GetCurrentProcess
InterlockedExchange
WriteProfileSectionW
DuplicateHandle
GetACP
TerminateProcess
GetDateFormatA
SetLastError
GetModuleFileNameA
IsValidCodePage
CreateFileA
GetVersionExA
GetCurrentProcessId
LCMapStringA
GetLocaleInfoA
GetTimeFormatA
SetUnhandledExceptionFilter
GetLastError
GetConsoleCP
IsValidLocale
GetModuleFileNameW
IsDebuggerPresent
CompareStringW
GetFileType
FindNextFileW
WriteConsoleW
GetCommandLineA
VirtualQuery
GetConsoleOutputCP
LoadLibraryA
EnterCriticalSection
GetCommandLineW
FileTimeToSystemTime
GetStdHandle
GetSystemTimeAsFileTime
SetEnvironmentVariableA
GetStartupInfoW
SetFilePointer
HeapSize
FreeEnvironmentStringsA

user32

GetWindow
RegisterClassExA
DdeCreateStringHandleW
MessageBoxW
SetCursor
CreateAcceleratorTableW
DdeQueryNextServer
DialogBoxParamW
MapVirtualKeyExA
EnumDisplaySettingsA
GetWindowTextLengthA
RegisterClassA
CharUpperBuffA
SetClipboardViewer

comctl32

InitCommonControlsEx

Sections

.text
Size: 262KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cfe826d940c3ac0945b7577758a41a7

Headers

File Characteristics

Imports

wininet

kernel32

user32

comctl32

Sections

.text Size: 262KB - Virtual size: 262KB

.rdata Size: 10KB - Virtual size: 26KB

.data Size: 319KB - Virtual size: 318KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 262KB - Virtual size: 262KB

.rdata
Size: 10KB - Virtual size: 26KB

.data
Size: 319KB - Virtual size: 318KB

.rsrc
Size: 10KB - Virtual size: 10KB