edbb389d4e18b7138323f5e049e91b75_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

edbb389d4e18b7138323f5e049e91b75_JaffaCakes118
Size

409KB
MD5

edbb389d4e18b7138323f5e049e91b75
SHA1

390ce763c5cf42da91504d5cbf3460ba46f9c428
SHA256

106616689781b95b76bfbbe397a177ad3fdc57517ae422f3e338f72c8b353223
SHA512

4824db50de6bbb81fad81dcddd86508f30654681ae2c71fb1309487e802f559be46c0975a14bba7290db8c07e35a0e1183eb89bb880390c87df98e91d786c2c6
SSDEEP

12288:9qOFx4+NqxnAUs/lqKn7JtuGYfxgROcH21d:9q+xYxAv/s+FDYpd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edbb389d4e18b7138323f5e049e91b75_JaffaCakes118

Files

edbb389d4e18b7138323f5e049e91b75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c12956b527a09db371514638b4316043

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shell32

SHFormatDrive
SHGetDesktopFolder
SHInvokePrinterCommandA
SHGetFileInfoW
SHEmptyRecycleBinW

user32

GetScrollPos
CharUpperBuffA
RegisterClassW
DlgDirSelectComboBoxExW
UnregisterClassA
EnumDisplaySettingsA
PostMessageW
CharLowerBuffW
ChangeMenuA
RegisterClassExA
GetCapture
ShowWindow
DdeCreateDataHandle
SendDlgItemMessageA
CheckMenuItem
DialogBoxParamW
IsWindowVisible
EnumWindowStationsA
RegisterClassA
TrackPopupMenuEx
GetInputDesktop
GetMenuItemRect
TranslateAccelerator

kernel32

CompareFileTime
DeleteAtom
TlsFree
GetStartupInfoA
IsValidCodePage
WaitForDebugEvent
GetTimeZoneInformation
QueryPerformanceCounter
FlushFileBuffers
GlobalFix
SetFilePointer
LCMapStringW
LoadLibraryA
RtlUnwind
LCMapStringA
HeapFree
EnumSystemLocalesA
WriteFile
GetLocaleInfoW
TlsAlloc
IsValidLocale
HeapSize
GetConsoleMode
HeapValidate
HeapCreate
InitializeCriticalSection
GetCurrentThreadId
CompareStringA
CreateDirectoryW
FreeEnvironmentStringsA
LocalReAlloc
UnhandledExceptionFilter
GetLastError
GetUserDefaultLCID
HeapDestroy
GetEnvironmentStringsW
SetStdHandle
WideCharToMultiByte
GetACP
SetHandleCount
ReadConsoleA
GetProcAddress
GetDriveTypeW
VirtualAlloc
GetCPInfo
FreeEnvironmentStringsW
GetEnvironmentStrings
SetLastError
LeaveCriticalSection
VirtualFree
GetStringTypeA
HeapReAlloc
MultiByteToWideChar
GetCurrentProcess
WriteConsoleA
EnterCriticalSection
GetLocaleInfoA
GetModuleFileNameA
OpenEventW
GetModuleHandleA
GetCommandLineA
GetSystemInfo
ExitProcess
CreateNamedPipeA
GetFileType
TerminateProcess
GetStringTypeW
TlsSetValue
IsBadWritePtr
GetOEMCP
GetUserDefaultLangID
TlsGetValue
CompareStringW
LocalUnlock
SetEnvironmentVariableA
GetSystemTimeAsFileTime
CloseHandle
ReadFile
EnumResourceLanguagesA
InterlockedExchange
GetTimeFormatA
GetCurrentProcessId
GetDateFormatA
OutputDebugStringA
GetTickCount
VirtualProtect
GetStdHandle
OpenMutexA
HeapAlloc
GetVersionExA
VirtualQuery
GetCurrentThread
DeleteCriticalSection
CreateMutexA

wininet

InternetDialA
InternetCrackUrlW
InternetCreateUrlW
FindFirstUrlCacheContainerW
InternetCombineUrlA

gdi32

DrawEscape
CloseMetaFile
EndPath
SetSystemPaletteUse

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c12956b527a09db371514638b4316043

Headers

File Characteristics

Imports

comctl32

shell32

user32

kernel32

wininet

gdi32

Sections

.text Size: 179KB - Virtual size: 178KB

.rdata Size: 8KB - Virtual size: 30KB

.data Size: 208KB - Virtual size: 207KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 179KB - Virtual size: 178KB

.rdata
Size: 8KB - Virtual size: 30KB

.data
Size: 208KB - Virtual size: 207KB

.rsrc
Size: 12KB - Virtual size: 12KB