f80a13df0774d5e3c038792f10f2009c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f80a13df0774d5e3c038792f10f2009c_JaffaCakes118
Size

445KB
MD5

f80a13df0774d5e3c038792f10f2009c
SHA1

fff4c4615311f36f5e8afe21597f45c3018417bd
SHA256

d229aa470be46afd9c141f7a353c3a5861da069695557c46458841ab302c56fd
SHA512

76924948747b3eda718dbeb6ae23ebc6478f24ae65185bca52f30986d4af607598f74519b69534a8ead9557994f60d24c89236530af045164b563d363f6aa576
SSDEEP

6144:cDyobTxV/8Gb9kbUkAjVFmcePSIbs+50x1bZx+aDJ5H7qmyBdr7h/X1Ukwdh:oDbOwkI8PXbs+0bT+KPqD5uLb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f80a13df0774d5e3c038792f10f2009c_JaffaCakes118

Files

f80a13df0774d5e3c038792f10f2009c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c31eab27e277d851c483e26ccccc7c13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendDlgItemMessageA
SetProcessDefaultLayout

kernel32

Sleep
VirtualProtectEx
GetStartupInfoA
GetACP
GetCurrentThread
InitializeCriticalSection
CommConfigDialogW
HeapDestroy
VirtualQuery
SetUnhandledExceptionFilter
HeapFree
EnumSystemLocalesA
IsValidLocale
HeapAlloc
GetStringTypeW
FreeEnvironmentStringsW
GetProcAddress
GetCPInfo
EnterCriticalSection
MultiByteToWideChar
lstrlenA
GetStringTypeA
GetLastError
MoveFileExW
GetFileType
SetFilePointer
HeapReAlloc
LCMapStringW
GetLocaleInfoW
GetOEMCP
FreeLibrary
FindNextFileW
GetEnvironmentStrings
CompareStringW
TerminateProcess
GetSystemTimeAsFileTime
GetDateFormatA
TlsFree
RtlUnwind
LoadLibraryA
TlsGetValue
ReleaseSemaphore
WideCharToMultiByte
GetTimeZoneInformation
InterlockedExchange
GetStdHandle
GetCurrentThreadId
InterlockedIncrement
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
LCMapStringA
GetModuleHandleA
GetProfileStringA
LeaveCriticalSection
IsValidCodePage
ExitProcess
VirtualAlloc
TlsSetValue
VirtualFree
UnhandledExceptionFilter
SetConsoleCtrlHandler
GetCurrentProcess
SetLocaleInfoW
HeapSize
GetUserDefaultLCID
GetCurrentProcessId
SetHandleCount
GetEnvironmentStringsW
WriteFile
SetLastError
QueryPerformanceCounter
SetEnvironmentVariableA
GetTickCount
GetVersionExA
CompareStringA
TlsAlloc
GetLocaleInfoA
GetCommandLineA
HeapCreate
GetTimeFormatA
InterlockedDecrement
IsDebuggerPresent
GetProcessHeap

shell32

RealShellExecuteExA

comdlg32

GetOpenFileNameW
LoadAlterBitmap
PageSetupDlgW
ChooseFontW

gdi32

GetEnhMetaFilePaletteEntries
GetColorAdjustment
CloseMetaFile
PaintRgn
SetICMProfileW
EnumFontFamiliesExA
ExtSelectClipRgn
GetAspectRatioFilterEx
SelectClipPath
GetNearestColor
GetBkMode
TextOutW
CreateRectRgn
CreateCompatibleDC
GetBrushOrgEx
InvertRgn
SelectPalette
BeginPath

wininet

InternetTimeFromSystemTimeA
InternetGetLastResponseInfoW
InternetCombineUrlA

Sections

.text
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c31eab27e277d851c483e26ccccc7c13

Headers

File Characteristics

Imports

user32

kernel32

shell32

comdlg32

gdi32

wininet

Sections

.text Size: 136KB - Virtual size: 136KB

.rdata Size: 9KB - Virtual size: 39KB

.data Size: 285KB - Virtual size: 285KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 136KB - Virtual size: 136KB

.rdata
Size: 9KB - Virtual size: 39KB

.data
Size: 285KB - Virtual size: 285KB

.rsrc
Size: 13KB - Virtual size: 12KB