Static task
static1
Behavioral task
behavioral1
Sample
f3971fdb1e0bf06169e9d75e936f8f4a_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f3971fdb1e0bf06169e9d75e936f8f4a_JaffaCakes118.exe
Resource
win10v2004-20240412-en
General
Target
f3971fdb1e0bf06169e9d75e936f8f4a_JaffaCakes118
Size
486KB
MD5
f3971fdb1e0bf06169e9d75e936f8f4a
SHA1
7e0ad3b835e5ee78ccc228876ffae993645c1d44
SHA256
bd741e3d0302a4c10b6c977c232b4f616cc199425e4203387ab0921f08607a15
SHA512
63725b1df854f59c1b43cb18bfaac11b9608bb0e6b7c46c1abba1844f7d97af842b77d75442bb0f8cecace742716286b0d54eed802862c2b10acbc33563721bb
SSDEEP
12288:ZJRIjLED83PGDB5hc7n+vButnESxWTKHTMABA7agul:ZJRIjykGDBmcBu1nvB9gW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f3971fdb1e0bf06169e9d75e936f8f4a_JaffaCakes118
Files
f3971fdb1e0bf06169e9d75e936f8f4a_JaffaCakes118.exe windows:4 windows x86 arch:x86
49aaac0d8bfad953f778b13e86f89670
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetSystemInfo
CloseHandle
GetACP
GetCurrentProcess
GetModuleHandleA
GetStdHandle
GetTimeZoneInformation
VirtualProtect
DeleteCriticalSection
HeapCreate
RtlUnwind
GetStringTypeW
ReleaseMutex
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
ReadFile
LeaveCriticalSection
HeapFree
ExitProcess
VirtualQuery
ReadConsoleA
GetStartupInfoA
EnumSystemLocalesA
IsBadWritePtr
GetEnvironmentStringsW
GetFileType
GetLocaleInfoA
IsValidCodePage
GetOEMCP
SetEnvironmentVariableA
GetCommandLineW
MultiByteToWideChar
LCMapStringA
HeapSize
GetLocaleInfoW
TerminateProcess
GetStartupInfoW
GetLastError
WriteFile
UnhandledExceptionFilter
QueryPerformanceCounter
InitializeCriticalSection
TlsSetValue
TlsFree
FlushFileBuffers
GetCommandLineA
GetCPInfo
CompareStringA
LoadLibraryA
HeapDestroy
TlsGetValue
FreeEnvironmentStringsW
GetCurrentThreadId
GetEnvironmentStrings
LCMapStringW
HeapReAlloc
GetUserDefaultLCID
SetLastError
InterlockedExchange
GetStringTypeA
CreateMutexA
TlsAlloc
GetModuleFileNameW
HeapAlloc
GetCurrentProcessId
VirtualFree
GetCurrentThread
WideCharToMultiByte
GetTickCount
SetFilePointer
GetDateFormatA
AddAtomW
SetHandleCount
VirtualAlloc
GetProcAddress
SetStdHandle
GetModuleFileNameA
CompareStringW
TryEnterCriticalSection
IsValidLocale
EnterCriticalSection
GetVersionExA
OpenMutexA
GetTimeFormatA
comctl32
InitCommonControlsEx
user32
SendDlgItemMessageW
InsertMenuA
RegisterClassA
SetDeskWallpaper
SetWindowLongW
GetMenuBarInfo
RegisterClassExA
wininet
FindFirstUrlCacheContainerA
SetUrlCacheEntryInfoA
FtpDeleteFileA
Sections
.text Size: 160KB - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 312KB - Virtual size: 312KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ