f3412f15c1b70e1ffd31f137fb78303a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f3412f15c1b70e1ffd31f137fb78303a_JaffaCakes118
Size

391KB
MD5

f3412f15c1b70e1ffd31f137fb78303a
SHA1

f98a2bbd5b56303df59d8593cfe3598c3fe56bf1
SHA256

7def58803bb6114ff6392f29be78e3d53328606591b024e5088ceb299d10ebed
SHA512

92b8dbf71e80c1ae73ae7b9562995258193dfe59b4cbe9c3b05f591e0f566a46b56be660e15b3b76a248ec1d58f3f0fee6140e10f4dd445710f859146016c664
SSDEEP

12288:Hv9lkWr+G/oV5UCvqS9KjN4SoSmYKs/A8:tyTa2A/A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3412f15c1b70e1ffd31f137fb78303a_JaffaCakes118

Files

f3412f15c1b70e1ffd31f137fb78303a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

096044dfc126fda02b55a5c2003cabf5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

GetUrlCacheEntryInfoW

shell32

ShellExecuteExA
InternalExtractIconListA
FindExecutableA
SHChangeNotify
ShellExecuteA
SHFileOperationA
FindExecutableW
ExtractAssociatedIconA
SHGetSettings
SHGetPathFromIDList
CommandLineToArgvW
CheckEscapesW
SHGetDataFromIDListA
DragQueryFileW
DragQueryFileAorW

user32

CreateMDIWindowW
SetUserObjectInformationW
GetClipboardFormatNameA
DrawStateA
TrackPopupMenuEx
GetMenuBarInfo
EndTask
CheckMenuRadioItem
IsIconic
ChangeDisplaySettingsExA
LoadIconA
GetWindowTextLengthW

gdi32

GetRasterizerCaps
GetCharWidth32W
GetBitmapBits
SetTextCharacterExtra
CreateICW
GetICMProfileW
SetBitmapDimensionEx
EnumObjects
CreateEllipticRgn
FillRgn
DPtoLP
DeviceCapabilitiesExW
GetTextExtentPoint32A
GetMapMode
GetCurrentPositionEx
GetDeviceCaps
SetTextColor
GetMetaFileBitsEx

kernel32

GetFileType
RtlZeroMemory
GetStartupInfoW
VirtualAlloc
QueryPerformanceCounter
SetFileAttributesA
RtlUnwind
GetLastError
InterlockedExchange
VirtualFree
GetStartupInfoA
WriteFile
DeleteCriticalSection
GetModuleHandleA
InitializeCriticalSection
VirtualQuery
FileTimeToLocalFileTime
ExitProcess
GetProcAddress
IsBadWritePtr
LeaveCriticalSection
HeapCreate
GetVersion
HeapReAlloc
GetCurrentThreadId
GetCurrentProcess
GetCommandLineW
MultiByteToWideChar
GetStdHandle
HeapFree
GetSystemTimeAsFileTime
HeapDestroy
FreeEnvironmentStringsW
HeapAlloc
TlsFree
SetLastError
GetModuleFileNameW
GetCurrentThread
GetEnvironmentStrings
TlsAlloc
CreateProcessA
GetEnvironmentStringsW
TlsGetValue
GetCommandLineA
SetHandleCount
GetModuleFileNameA
TlsSetValue
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetCurrentProcessId
OpenWaitableTimerW
LoadLibraryA
MoveFileExA
EnterCriticalSection
GetTickCount

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 267KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

096044dfc126fda02b55a5c2003cabf5

Headers

File Characteristics

Imports

wininet

shell32

user32

gdi32

kernel32

Sections

.text Size: 117KB - Virtual size: 116KB

.data Size: 267KB - Virtual size: 278KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 117KB - Virtual size: 116KB

.data
Size: 267KB - Virtual size: 278KB

.rsrc
Size: 6KB - Virtual size: 6KB