f360425511c660fb467539a5e3dff6a6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f360425511c660fb467539a5e3dff6a6_JaffaCakes118
Size

421KB
MD5

f360425511c660fb467539a5e3dff6a6
SHA1

73cb0f92c92cdc2a854f2d22dd9ecd075436abd2
SHA256

014a1e734942bbad038256eb40191504a7ad449d67c5e2ee3a54dc6731e9fdec
SHA512

06cb597a4f00c392f7b72a62765e9bb63930ea7701708196301b10143e665084ce0cf7607233bb434ed8168e4da071e2405a106790eeba4e80e169ebe6fe7b54
SSDEEP

6144:/MgT/JVbh6oJyTktVny2mgUybAyFFOQE3NL00OKZmZDkSA8Ef:5T/fs8kkkhybA4dONZZm9Ef

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f360425511c660fb467539a5e3dff6a6_JaffaCakes118

Files

f360425511c660fb467539a5e3dff6a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3618f1c0a2895712df7f6797d548f61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GetCPInfo
SetLastError
FreeEnvironmentStringsW
RtlUnwind
InterlockedDecrement
FreeEnvironmentStringsA
GetCurrentProcess
GetVersionExA
VirtualAlloc
TlsAlloc
SetEnvironmentVariableA
HeapReAlloc
GetStringTypeW
GetCurrentThread
GetStringTypeA
GetFileType
Sleep
GetModuleFileNameA
GetLocaleInfoA
InitializeCriticalSection
ExitProcess
GetProcessHeap
HeapSize
IsValidCodePage
LoadLibraryA
GetTickCount
GetSystemTimeAsFileTime
HeapCreate
GetEnvironmentStringsW
LCMapStringW
QueryPerformanceCounter
FindResourceW
UnhandledExceptionFilter
DeleteCriticalSection
TlsSetValue
GetCurrentThreadId
GetEnvironmentStrings
HeapAlloc
GetTimeZoneInformation
HeapFree
GetDiskFreeSpaceA
TlsFree
GetCurrentProcessId
EnumSystemLocalesA
InterlockedIncrement
HeapDestroy
WideCharToMultiByte
LCMapStringA
GetDateFormatA
GetStartupInfoA
IsDebuggerPresent
GetLastError
SetConsoleCtrlHandler
VirtualFree
LocalFree
FreeLibrary
GetModuleHandleA
EnumTimeFormatsW
GetOEMCP
EnterCriticalSection
SetFilePointer
TlsGetValue
CompareStringW
CompareStringA
GetCommandLineA
IsValidLocale
GetProcAddress
GetStdHandle
GetTimeFormatA
GetACP
SetHandleCount
InterlockedExchange
LeaveCriticalSection
TerminateProcess
GetUserDefaultLCID
VirtualQuery
MultiByteToWideChar
WriteFile
GetCalendarInfoW
SetUnhandledExceptionFilter

gdi32

SetBoundsRect
GetSystemPaletteEntries
GetRandomRgn
SetArcDirection
GetTextExtentPoint32W
GetGraphicsMode
CreateEnhMetaFileA
SetICMMode
GetEnhMetaFilePaletteEntries
EnumEnhMetaFile
DeviceCapabilitiesExW
BitBlt
CreateEllipticRgn
GetCharABCWidthsW
SetSystemPaletteUse

wininet

InternetFindNextFileA
InternetSetOptionExW
InternetAttemptConnect
FreeUrlCacheSpaceW
FtpSetCurrentDirectoryA
HttpAddRequestHeadersW
IncrementUrlCacheHeaderData
InternetTimeToSystemTime

Sections

.text
Size: 138KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3618f1c0a2895712df7f6797d548f61

Headers

File Characteristics

Imports

kernel32

gdi32

wininet

Sections

.text Size: 138KB - Virtual size: 137KB

.data Size: 274KB - Virtual size: 274KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 138KB - Virtual size: 137KB

.data
Size: 274KB - Virtual size: 274KB

.rsrc
Size: 7KB - Virtual size: 7KB